Container mirror :

Docker Architecture diagram :

Docker Using client - The server (client-server) Architecture mode .Docker The client will communicate with Docker Daemons communicate .Docker Daemons deal with complex and onerous tasks , For example, establish 、 function 、 Publish your Docker Containers .

Docker Clients and daemons can run on the same system , You can also use it Docker The client connects to a remote Docker Daemon .Docker Between the client and the daemons socket perhaps RESTful API communicate .

Docker_host The end runs a subroutine :Docker_daemon The daemons , So run docker_daemon The server of the process is the daemons server .docker_daemon Can listen on the socket , For the sake of safety ,docker_daemon By default, only local unix socket File socket , Three types of sockets are supported :ipv4+ port 、ipv6+ port 、UNIX Socket file( Local files ),docker_daemon Only the third socket, the local file, is monitored , image mysql Just monitor, therefore docker_daemon Only clients are allowed to be local .

Images are layered , The image needs to be downloaded locally for sharing , The image needs to be in docker Local storage of the host .

Because all images are read-only , So when you start a container, you start it based on the image , On the basis of the existing image , Create a dedicated writable layer for the container , To start a container .

Docker There are two main components :

Docker: Open source container virtualization platform .

Docker Hub: For sharing 、 management Docker Container of Docker SaaS platform .

Docker Daemon

As shown in the figure above ,Docker The daemon runs on a host . The user does not interact directly with the daemon , But through Docker The client communicates with it indirectly .

Docker client

Docker client , It's actually docker Binary program , Is the main user with Docker Interactive mode . It receives user instructions and responds to them Docker Daemon communication , And so on and so on .

Docker Internal

To understand Docker Internal construction of , You have to know the following three parts :

  • Docker Mirror image (Docker images)
  • Docker Warehouse (Docker registeries)
  • Docker Containers (Docker containers)

Docker Mirror image

Docker The image is a read-only template . for instance , A mirror image can contain an image running on Apache Upper Web The application and what it uses Ubuntu operating system .

Images are used to create containers .Docker Provides a simple way to create a new image or upgrade an existing image , You can also download images created by others .Docker The mirror is Docker The structural part of .

Images are layered , The image needs to be downloaded locally for sharing , The image needs to be in docker Local storage of the host .

Because all images are read-only , So when you start a container, you start it based on the image , On the basis of the existing image , Create a dedicated writable layer for the container , To start a container .

Docker Warehouse

Docker The repository is used to hold images . It can be understood as a code repository in code control . alike ,Docker Warehouses are also public and private .

public Docker The warehouse name is Docker Hub.Docker Hub Provides a large set of mirrors for use . These images can be created by yourself , Or you can create it on the basis of other people's images .Docker Warehouse is Docker Distribution portion .

Docker object

Use Docker when , You can create and use images , Containers , The Internet , volume , Plug ins and other objects . You can add objects 、 Delete 、 Change 、 check .

Docker Containers

Docker Containers are similar to folders . One Docker The container contains all the environments that an application needs to run . every last Docker Containers are all from Docker Mirror created .

Docker The container works 、 Start 、 stop it 、 Move and delete . every last Docker Containers are independent and secure application platforms .Docker The container is Docker Running part .

Docker Registry

1、 Provide a warehouse for image storage

2、 It provides the authentication function when the user obtains the image

3、 Provide the search index of all servers provided by the current server

Docker Registry There are a lot of warehouses , A warehouse has a name , Only one application image is stored in a warehouse . such as nginx Program , however nginx There will be different versions , therefore nginx Different versions of are stored in the same warehouse , The warehouse name is the application name :nginx. 

nginx There will be... In the warehouse nginx Different versions :nginx1.10、nginx1.12 etc. , How to mark images of different versions ? By adding an extra component to each image : label .

So use   Warehouse, + label   To uniquely identify a mirror image . If only the warehouse name is given when accessing the image , And no labels , The default is the latest tag .

For programs , Odd numbers are development boards , And even numbers are stable . 

Docker How containers work

One Docker The container contains an operating system 、 User added files and metadata (meta-data). We can see , Each container is created from a mirror . The mirror image tells Docker What's in the container , What program runs when the container starts , There's also a lot of configuration data .Docker The mirror image is read-only . When Docker Run a container created from the mirror , It adds a read-write layer to the top of the image , Applications can run here .

When you run docker What happened to the container

Whether you use docker Order or RESTful API,Docker The client will tell Docker The daemons run a container .

$ sudo docker run -i -t ubuntu /bin/bash

Let's analyze this command .Docker Client side usage docker Command to run ,run The parameter indicates that the client wants to run a new container .Docker To run a container, the client needs to tell Docker The minimum parameter information for the daemons is :

  • From which image is this container created , Here is ubuntu, The basis of Ubuntu Mirror image .
  • The command to run in the container , Here is /bin/bash, Run in a container Bash shell.

So what happens at the bottom after running this command ?

In order ,Docker Did these things :

  • Pull ubuntu Mirror image : Docker Check ubuntu Is there a mirror image , If there is no such mirror locally ,Docker From Docker Hub download . If the image already exists ,Docker It will be used to create new containers .
  • Create a new container :  When Docker With this image ,Docker It will be used to create a new container .
  • Allocate the file system and mount a read / write layer :  The container will be created in this file system , And a read-write layer is added to the image .
  • Distribution network / Bridge interface :  Create a network interface that allows the container to communicate with the local host .
  • Set up a IP Address :  Find one available from the pool IP Address and add it to the container .
  • Run the program you specified :  Run the specified program .
  • Capture and provide application output :  Connect and record the standard output 、 Input and errors allow you to see how your program works .

You now have a running container ! From here you can manage your containers , Interact with Applications , After the application is complete , You can stop or delete your container .

Installation and use docker

Mirror image :

docker software package    But the version is older

Tsinghua University docker Of repo file :

This version is relatively new :

# cd /etc/yum.repos.d/

# wget  download repo file

# vim docker-ce.repo   // Due to the docker Older version , So make changes to this file


yum.repos.d]# yum repolist

# yum install docker-ce   // If you use the old version, it's yum install docker

docker Program environment :

Environment profile :
Unit File:
Docker Registry The configuration file :
    The configuration file :/etc/docker/daemon.json   // This file does not exist by default , To create yourself needs

Docker Mirror to accelerate : In order to download the image faster , You need to define a mirror Accelerator

Docker China's official image is speeding up    slower

Aliyun accelerator

Add the following paragraph to /etc/docker/daemon.json In the document

"registry-mirrors": [""]   

// The above is json Array of functions ,key yes registry-mirrors, value yes, Values can have multiple , use "," separate

# mkdir /etc/docker

# vim /etc/docker/daemon.json // Add this passage

"registry-mirrors": [""]

# systemctl start docker.service

# docker version  // see docker edition

Version: 18.09.2
API version: 1.39
Go version: go1.10.6
Git commit: 6247962
Built: Sun Feb 10 04:13:27 2019
OS/Arch: linux/amd64
Experimental: false

Server: Docker Engine - Community
Version: 18.09.2
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 6247962
Built: Sun Feb 10 03:47:25 2019
OS/Arch: linux/amd64
Experimental: false

# docker info   // For more details docker Information

Server Version: 18.09.
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
runc version: 09c8266bf2fcf9519a651b04ae54c967b9ab86ec
init version: fec3683
Security Options:
Profile: default
Kernel Version: 3.10.-.el7.x86_64
Operating System: CentOS Linux (Core)
OSType: linux
Architecture: x86_64
Total Memory: .692GiB
Name: node1
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Experimental: false
Insecure Registries:
Registry Mirrors:
Live Restore Enabled: false
Product License: Community Engine

# docker  // You can see docker Subcommand for

# docker container --help   // Now it's managed separately

Docker command :

Alpine brief introduction

Download mirroring

# docker image pull nginx:1.14-alpine   // download nginx Of alpine Mirror image

# docker image ls    // Show image

# docker pull busybox

# docker image ls --help

Start the container

# docker container --help   // Container order

# docker container ls

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

Containers ID      Based on which image the container starts     Commands running in a container                                                 Container mapped port

COMMAND: Commands running in the container ,docker Containers are designed to run a single program , Which program to run when starting a program based on an image ? Each image has a program defined to run by default . But you can also change the default program .

# docker run --help

Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

# docker network ls

5ebae7e509fa bridge bridge local If you don't specify , This is the default
b255b50dc21e host host local
db26f5263d07 none null local

Docker network

The started container will automatically own inet The address in the network , And is nat Bridge , That is, address translation can be carried out , adopt inet Communicate with the outside world , You can ask to go out , But I can't get in .

# ifconfig

docker0: flags=<UP,BROADCAST,MULTICAST> mtu
inet netmask broadcast
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet netmask broadcast
inet6 fe80::f528:::13a7 prefixlen scopeid 0x20<link>
ether :0c::ee::1e txqueuelen (Ethernet)
RX packets bytes (71.7 MiB)
RX errors dropped overruns frame
TX packets bytes (320.4 MiB)
TX errors dropped overruns carrier collisions

Docker run command

OPTIONS explain :

  • -a stdin:  Specify the standard I / O content type , Optional STDIN/STDOUT/STDERR Three items ;

  • -d:  Background running container , And return to the container ID;

  • -i:  Run container in interactive mode , Usually with -t Use at the same time ;

  • -p:  Port mapping , The format is : host ( host ) port : Container port

  • -t:  Reassign a pseudo input terminal to the container , Usually with -i Use at the same time ;

  • --name="nginx-lb":  Specify a name for the container ;

  • --dns  Specify the DNS The server , The default is the same as the host ;

  • --dns-search  Specify the container DNS Search for domain names , The default is the same as the host ;

  • -h "mars":  Of the specified container hostname;

  • -e username="ritchie":  Set the environment variable ;

  • --env-file=[]:  Read environment variables from the specified file ;

  • --cpuset="0-2" or --cpuset="0,1,2":  Bind container to specified CPU function ;

  • -m : Set the maximum memory used by the container ;

  • --net="bridge":  Specify the network connection type of the container , Support bridge/host/none/container:<name|id>  Four types ;

  • --link=[]:  Add a link to another container ;

  • --expose=[]:  Open a port or a group of ports ;


Use docker Mirror image nginx:latest Start a container in backend mode , And name the container mynginx.

docker run --name mynginx -d nginx:latest

Mirror image nginx:latest Start a container in backend mode , And will the container 80 Port mapping to host random port .

docker run -P -d nginx:latest

Mirror image nginx:latest, Start a container in backend mode , The container of 80 Port mapping to host's 80 port , Host Directory /data Mapped to container /data.

docker run -p 80:80 -v /data:/data -d nginx:latest

Bound to the container 8080 port , And map it to the local host Of 80 On port .

$ docker run -p ubuntu bash

Mirror image nginx:latest Start a container in interactive mode , Execute in container /bin/bash command .

runoob@runoob:~$ docker run -it nginx:latest /bin/bash

/ # exit   // Exit the container , When you look again , This container is stagnant

# docker container start -ai busybox    // Containers created before starting

# docker rm busybox   // After the container stops, it can be deleted

# docker ps -a   // When you look again, there is no such container

establish nginx Containers

# docker run --name web1 -d nginx:1.14-alpine    // Even if there is no local mirror, it doesn't matter , Will automatically download the image to the local

# docker ps //nginx The container has started 
3ecb4f5d9a10 nginx:1.14-alpine "nginx -g 'daemon of?? 2 minutes ago Up 2 minutes 80/tcp web1
nginx -g 'daemon of?? // Here to create nginx When the container , It's running the program in the background , So there's this problem . Run any program in the container, don't run in the background ,
Because a container is to run a program , If this program is still running in the background , Then there is no program running in this container ,
Then the container will end without the program running , It's the only process , It's the skeleton that supports the container

# docker inspect web1   // Look at the container web1 Information about

"Id": "3ecb4f5d9a109c5714718c81acf592890c9cd6bcee95d0f1e50b103689af1bc0",
"Created": "2019-02-15T08:45:44.059155956Z",
"Path": "nginx",
"Args": [
"daemon off;"
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": ,
"ExitCode": ,
"Error": "",
"StartedAt": "2019-02-15T08:45:44.947856586Z",
"FinishedAt": "0001-01-01T00:00:00Z"
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "5ebae7e509fa740a57623ec16baa50026135b09c7c98485cbe9784a272e7bdda",
"EndpointID": "2bd43ccab59dee023a35dd28cfdc1238dc9e0ee032b5c42daca6f5bf2351ec90",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null

# curl   // visit nginx Of web page

# docker run --name kvstor1 -d redis:4-alpine

Unable to find image 'redis:4-alpine' locally // There is no such image here , Just download 
-alpine: Pulling from library/redis
6c40cc604d8e: Already exists
e42672a2ca6a: Pull complete
823e4275fef6: Pull complete
0c49a8a142d3: Pull complete
62c3ab7a67af: Pull complete
d8e4fee2dbc2: Pull complete
Digest: sha256:99c3c1e02e5e794d7309003d4f5d045cba0b94911b9b3a2659bb15e8f4261954
Status: Downloaded newer image for redis:-alpine
# docker ps
da481ee71e45 redis:-alpine "docker-entrypoint.s?? About a minute ago Up About a minute 6379/tcp kvstor1 // Running
3ecb4f5d9a10 nginx:1.14-alpine "nginx -g 'daemon of?? 35 minutes ago Up 34 minutes 80/tcp web1

# docker container exec --help    // visit redis Containers , Need to have redis client , This image comes with a client , So you can log in around the boundary of the container .

Usage: docker container exec [OPTIONS] CONTAINER COMMAND [ARG...]

# docker exec -it kvstor1 /bin/sh   //

/data # ps
redis : redis-server
root : /bin/sh
root : ps
/data # netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp* LISTEN -
tcp ::: :::* LISTEN -
/data # exit

Logs about containers , Because a container only runs a single program , So the logs are sent directly to the console , Instead of saving it in a file

# docker logs web1   // see web1 Container log - - [15/Feb/2019:09:10:42 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

Docker Container state transition and related common commands

2、Docker More articles on basic usage

  1. Docker Basic usage

    Docker Basic usage author : Yin Zhengjie Copyright notice : Original works , Declined reprint ! Otherwise, the legal liability will be investigated . One . install docker 1>. Dependent base environment 64 bits CPU Linux Kerner 3.10+ ...

  2. Docker Study 2 Docker Basic usage

    One .docker framework 1.client End 2.server End ,docker daemo Daemon , Listen on the socket .docker Three types of sockets are supported . a.ip vs Socket : namely IP + Port socket b.i ...

  3. docker Second articles Docker Basic usage

    Docker In the container lxc -> libcontainer -> runC OCI (Open Container Initiative) from Linux The foundation dominates 2015 year 6 Founded in do ...

  4. 2.docker Basic usage

    One . Preface OCI(Open Container Initiative): from Linux The foundation dominates 2015 year 6 Founded in ,OCI Defines the criteria for container runtime . OCI There are two parts : the Runtime Spe ...

  5. docker Basic usage

    docker  framework : docker  Pre Installation Preparation : install centos7 , Not in centos6  [root@node01 yum.repos.d]# uname -a Linux node01 -. ...

  6. Docker Basic course

    One .Docker What is it? ? KVM, Virtualbox, Vmware It's virtual machines , Let each instance see a separate machine : and Docker It's virtual out operating system , Isolation between applications , Let each application feel that they have their own exercise ...

  7. Docker Installation and foundation usage

    understand Docker(1):Docker Installation and foundation usage This series will introduce Docker Knowledge about : (1)Docker Installation and basic usage (2)Docker Mirror image (3)Docker Isolation of containers - Use ...

  8. Docker series 03—Docker Basic introduction

    This article is included in the container technology learning series article catalog 1. The concept is introduced 1.1 Containers 1.1.1 Introduce A tool for holding other items , It can be partially or completely closed , Be used to hold . Store . Transport of goods . Objects can be placed in containers , And containers protect the contents . ...

  9. 【 Add 】docker Based on learning

    docker Basic knowledge of I wrote an article before docker Unauthorized access to articles , Now to add docker Basic knowledge of , In order to learn better docker A loophole in . docker It's a lightweight virtualization product , It's a hierarchical structure . ...

Random recommendation

  1. be based on AVPlayer Custom player

    If I just play a video , Regardless of the interface of the player .iOS9.0 Before using  MPMoviePlayerController, Or bring one inside view Of  MPMoviePlayerViewCo ...

  2. TCP/IP Deal with the UDP The difference between agreements

    TCP(Transmission Control Protocol, Transmission control protocol ) It's a connection oriented protocol , in other words , Before sending and receiving data , Must establish a reliable connection with the other party . One TCP The connection has to go through three times “ dialogue ” To build it up , ...

  3. Socket I/O Model - overlap I/O

    The basic design principle of overlapping model is to let the application use overlapping data structure , One or more at a time WinsockI/O request . For those submitted requests , After they're done , Applications can serve them . The overall design of the model is based on Windows overlap I/O ...

  4. SQL Realization , Update if it exists , Add... If it doesn't exist

    alter proc proc_DataSummary as begin begin try begin tran --PV -- The statistical information is stored in the temporary table ), CreateDate, ) ), Crea ...

  5. Python The way Day14

    primary coverage :jQuery Advanced .CSS Pseudo classes and pseudo elements .jQuery plug-in unit tab Menu style checkbox Future generations . Reverse election Location :scrollTop and offset event : Two ways to bind events and delegate delegate a ...

  6. 【 js Basics 】【 Source code learning 】backbone Source code reading ( 3、 ... and ) Talking about REST and CRUD

    I've seen it recently backbone.js Source code , The details of the source code will not be repeated here , As you can star My source code reading project ( ...

  7. JS How to realize the intelligent floating of navigation bar

    <script language="javascript">     function smartFloat(obj) {         var obj = docu ...

  8. document.querySelectorAll() compatible IE6

    Not much to say , Go straight to the code // Use css Selector gets element object Compatibility encapsulation Test Already. function getElementsByCss(cssStr){ if(document.que ...

  9. w7 python35 Output Chinese garbled to solve

    1. There's a lot of confusion python The built-in console is normal however cmd So I kneel , With vs code It's the same thing , I don't want to study before python27 So simple , Add a front #UTF That's all right. Find solutions online import io,sy ...

  10. node.js Page rendering method of ejs

    . Install dependent components npm i consolidate -D npm i ejs -D 2. Layout server const express = require('express'); const consoli ...