1, Docker overview
1.1 Introduction to Docker
- It is an open source application container engine, developed in the Go language and released as open source under the Apache 2.0 license.
- It is an open source tool for running applications in Linux containers.
- It is a lightweight "virtual machine".
- Docker's container technology makes it easy to create a lightweight, portable and self-sufficient container for any application on a single host.
- Docker's logo is a blue whale carrying many shipping containers. The whale can be seen as the host, and the shipping containers as isolated containers. Each container holds its own application (a sandbox).
Docker's design purpose is "Build, Ship and Run Any App, Anywhere": by managing the life cycle of application components (packaging, publishing, deployment and operation), it achieves "package once, run everywhere" at the application component level. A component here can be an application, a set of services, or even a complete operating system.
1.2 Reasons for Docker's popularity
- Flexibility: even the most complex applications can be containerized.
- Lightweight: the container leverages and shares the host kernel.
- Interchangeable: you can deploy updates and upgrades immediately.
- Portable: can be built locally, deployed to the cloud, and run anywhere.
- Scalable: container copies can be added and automatically distributed.
- Stackable: services can be stacked vertically and instantaneously.
A container runs natively on Linux and shares the host kernel with other containers. It runs as an independent process and does not occupy the memory of any other executable, which makes it very lightweight. A virtual machine runs a complete operating system and accesses host resources through the virtual machine manager (hypervisor), so it needs more resources.
1.3 Usage scenarios of Docker
- Packaging to simplify application deployment
- Applications can be migrated freely, independent of the underlying hardware
- Example: server migration from Tencent cloud to Alibaba cloud
2, Differences between Docker, virtual machines and OpenStack
2.1 The difference between Docker and virtual machines
Characteristic | Docker container | Virtual machine |
---|---|---|
Startup speed | Seconds | Minutes |
Computing power loss | Almost none | The loss is about 50% |
Performance | Near native | Weaker than native |
Instances supported (single machine) | Thousands | Dozens |
Isolation | Resource isolation / restriction | Complete isolation |
2.2 The difference between Docker and OpenStack
Category | Docker | OpenStack |
---|---|---|
Deployment difficulty | Simple | Many components and complex deployment |
Startup speed | Seconds | Minutes |
Execution performance | Almost the same as the physical system | The VM occupies some resources |
Image size | Images at the MB level | Virtual machine images at the GB level |
Management efficiency | Simple management | Components are interdependent and complex to manage |
Isolation | High isolation | Complete isolation |
Manageability | Single process | Complete system management |
Network connectivity | Relatively weak | With the help of Neutron, various network management components can be flexibly installed |
2.3 Two important kernel technologies that support containers
- A Docker container is essentially a process on the host
- Docker implements resource isolation through namespaces
- Docker implements resource restriction through cgroups
- Docker achieves efficient file operations through copy-on-write (similar to a virtual machine disk: allocating 500 GB does not actually occupy 500 GB of physical disk)
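Because a container is a host process placed in its own namespaces, the isolation can be inspected from the host by comparing the links under /proc/PID/ns. The script below is an added example, not from the original page: the /proc-like tree, PIDs 1000 and 2000 and the inode numbers are constructed, and the shared user namespace assumes a Docker daemon without user-namespace remapping.

```shell
#!/bin/sh
# Namespace types compared by this example (names here are chosen for the example).
NS_TYPES="mnt pid net uts ipc user"

# Build a constructed /proc-like tree: PID 1000 stands for a host shell,
# PID 2000 for a container's first process. Inode numbers are made up.
make_sample_proc() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/1000/ns" "$root/2000/ns"
    n=0
    for t in $NS_TYPES; do
        n=$((n + 1))
        ln -s "$t:[402653183$n]" "$root/1000/ns/$t"
        if [ "$t" = user ]; then
            # Assumption: no userns-remap, so the container shares the host user namespace.
            ln -s "$t:[402653183$n]" "$root/2000/ns/$t"
        else
            ln -s "$t:[402653220$n]" "$root/2000/ns/$t"
        fi
    done
    echo "$root"
}

# Print the namespace types whose identifiers are equal for both PIDs.
# Usage: shared_namespaces PID_A PID_B [PROC_ROOT]   (PROC_ROOT defaults to /proc)
shared_namespaces() {
    proc=${3:-/proc}
    out=""
    for t in $NS_TYPES; do
        a=$(readlink "$proc/$1/ns/$t") || return 1
        b=$(readlink "$proc/$2/ns/$t") || return 1
        if [ "$a" = "$b" ]; then out="$out $t"; fi
    done
    echo "${out# }"
}

sample=$(make_sample_proc)
echo "shared by host shell and container process: $(shared_namespaces 1000 2000 "$sample")"
rm -rf "$sample"
```

On a real host, call shared_namespaces with two live PIDs and no third argument; reading another user's /proc/PID/ns links requires root.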
3, Docker core concepts
Image
- A Docker image is the basis for creating containers. It is similar to a virtual machine snapshot and can be understood as a read-only template for the Docker container engine.
- A container is started from an image. An image is an executable package that includes everything required to run the application: code, runtime, libraries, environment variables and configuration files.
- A Docker image is also a compressed package, but it is not just an executable file; it is also an environment deployment script, and it contains a complete operating system. Because most images are built on top of an operating system, it is easy to build identical local and remote environments, which is the essence of the Docker image.
Container
- A Docker container is a running instance created from an image. It can be started, stopped and deleted. Each container is isolated from and invisible to the others, which ensures the security of the platform.
- A container can be regarded as a simple Linux environment (including root user permissions, process space, user space, network space, etc.) together with the applications running in it.
Repository
- A Docker repository stores images centrally. After creating your own image, you can use the push command to upload it to a public or private repository. The next time you want to use the image on another machine, just pull it from the repository.
- Docker's images, containers, logs and other data are stored in /var/lib/docker by default
4, Docker installation
Currently, Docker supports only 64-bit systems.

```bash
# Stop the firewall and switch SELinux to permissive mode
# (setenforce 0 lasts until the next reboot)
systemctl stop firewalld.service
setenforce 0

# Install dependent packages
yum install -y yum-utils device-mapper-persistent-data lvm2

# Set the Alibaba Cloud mirror as the package source
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# Install Docker CE and set it to start automatically
yum install -y docker-ce
systemctl start docker.service
systemctl enable docker.service
```

An installed Docker system has two programs, the Docker server and the Docker client. The Docker server is a service process responsible for managing all containers. The Docker client acts as the remote controller of the Docker server and is used to control the server process. In most cases the Docker server and client run on the same machine.
Version number of Docker and version number of Go
5, Docker image operation
View version information and details
```bash
docker version
docker info
```

5.1 Image search

```bash
# Format: docker search keyword
docker search nginx
```
5.2 Obtaining images
Format: docker pull repository-name[:tag]
If no tag is specified when pulling an image, the latest version of the image in the repository is downloaded by default, that is, the tag selected is latest.

```bash
docker pull nginx
```

5.3 Image download acceleration
In a browser, open https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors to get the image accelerator configuration.
Execute the commands on the virtual machine, then run docker info to see whether acceleration is enabled.
5.4 Viewing image information
After downloading, images are stored under /var/lib/docker.

```bash
# View downloaded image file information
cat /var/lib/docker/image/overlay2/repositories.json

# View all images downloaded locally
docker images
```

- REPOSITORY: the repository to which the image belongs
- TAG: the tag of the image, which distinguishes different images in the same repository
- IMAGE ID: the unique ID number that identifies an image
- CREATED: image creation time
- VIRTUAL SIZE: image size

```bash
# Obtain the image details by the unique ID number of the image
# Format: docker inspect image-ID
docker inspect ae2feff98a0c
```

5.5 Adding a new tag to a local image

```bash
# Format: docker tag name:[tag] new-name:[new-tag]
docker tag nginx:latest nginx:web
docker images | grep nginx
```

5.6 Deleting images

```bash
# Format: docker rmi repository-name:tag   (when an image has multiple tags, only the specified tag is deleted)
# or:     docker rmi image-ID              (the image is deleted completely)
docker rmi nginx:web
```

Note: if the image is being used by a container, delete the container first and then delete the image. If normal deletion fails, add the -f option to force deletion.
- Think twice before forcing deletion with -f. If the image is being used by a container, it will be deleted together with the container
5.7 Saving an image: save the image as a local file

```bash
# Format: docker save -o output-file image
docker save -o nginx nginx:latest    # the saved image file is named nginx and is written to the current directory
ls -lh
```

5.8 Loading an image: import the image file into the image library

```bash
# Format: docker load < saved-file
# or:     docker load -i saved-file
docker load < nginx
```

5.9 Uploading images
By default, images are uploaded to Docker Hub, the official public repository. You need to register an account at https://hub.docker.com to use it. Use the docker login command and enter the user name, password and email to complete registration and login. Before uploading an image, add a new tag to the local image, then upload it with the docker push command.

```bash
# Log in to the public repository
docker login
# Username: account
# Password: password

# 1. List all images first
docker images

# 2. Retag the image to be published under your account name.
#    Example: account name aaaa, image docker_name
docker tag docker_name aaaa/docker_name    # the new tag must be prefixed with your Docker Hub username

# 3. Publish the image
docker push aaaa/docker_name               # upload the image
```

5.10 Summary: common image operations

```bash
docker search
docker pull
docker images
docker inspect
docker tag
docker rmi
docker save -o
docker load -i
docker push
```
6, Docker container operation
6.1 container creation
This is the process of loading the image into the container.
- A newly created container is stopped by default and does not run any program. A process must be started in it to start the container.

```bash
# Format: docker create [options] image
# Common options:
#   -i: keep the input of the container open
#   -t: have Docker allocate a pseudo-terminal
docker create -it nginx:latest /bin/bash
# If the creation fails, turn on route forwarding
```
6.2 Checking the running status of containers

```bash
docker ps -a    # the -a option displays all containers
```

```
CONTAINER ID   IMAGE          COMMAND                   CREATED          STATUS    PORTS   NAMES
8b0a7be0ff58   nginx:latest   "/docker-entrypoint...."  57 seconds ago   Created           inspiring_swanson
```

The columns are: container ID, loaded image, program being run, creation time, current state, port mapping, and name.
6.3 Starting the container

```bash
# Format: docker start container-ID/name
docker start 8b0a7be0ff58
docker ps -a
```
Note: the port number is the internal port of the container and has nothing to do with the host
6.4 Creating and starting containers

```bash
# Format: docker run image bash -c "shell command"
# For example:
docker run nginx:1.14 bash -c "ls /"
```

You will find that a new container is created and the shell command is started and executed. The container takes this command as its first process. After the command finishes, the first process of the container exits and the container stops.
A newly created container is stopped by default and does not run any program. A process must be started in it to start the container.
* If you see "WARNING: IPv4 forwarding is disabled. Networking will not work.", enable IP forwarding in /etc/sysctl.conf, reload the kernel configuration, and then restart the network and the docker service.

```bash
# Format: docker create [options] image
# Common options:
#   -i: keep the input of the container open
#   -t: have Docker allocate a pseudo-terminal
#   -it: used together to interact with the container and run an interactive shell session
docker create -it nginx:1.14 bash    # bash is short for the system commands /bin/bash and /usr/bin/bash

# Start the container and view the running status of the container
# Format: docker start container-ID/name
docker ps -a    # -a displays all containers; without -a only running containers are displayed
```

You can run docker run directly; it is equivalent to running docker create first and then docker start.
Note: a container lives and dies with the shell command it runs. While the command runs, the container runs; when the command ends, the container exits. If you want a created container to keep running, the first program run in the container must keep running. When the first process exits, the container exits; stopping the container also stops the processes in it.
Docker uses the first process inside the container, that is, the program with pid = 1, to decide whether the container is running. If the pid = 1 process in the container stops, the container exits directly. In other words, a Docker container must have a foreground process, otherwise the container is considered dead.
When docker run is used to create a container, the standard sequence Docker runs in the background is:
(1) Check whether the specified image exists locally. If it does not, download it from the public repository.
(2) Create and start a container using the image.
(3) Allocate a file system to the container and mount a read-write layer on top of the read-only image layer.
(4) Bridge a virtual interface from the bridge interface configured on the host into the container.
(5) Assign an IP address from the address pool to the container.
(6) Execute the application specified by the user. After execution, the container is terminated.
Continuously run the container created by docker run in the background
Add the -d option to the docker run command to make the Docker container run in the background as a daemon. The program that the container runs must not end.

```bash
docker run -d nginx:1.14 bash -c "while true;do echo hello;done"
docker ps -a    # the container is always Up and running

docker run -itd --name test1 nginx:1.14 bash
# Creates a container and keeps it running; --name sets a custom container name.
# Without -d (run in the background) you enter the container after creating it,
# and exiting it terminates the container.
```
Terminating a container

```bash
# Format: docker stop container-ID/name
#         docker stop [-t] container-ID/name   (-t: seconds to wait before killing the container; default 10)
docker ps -a

# Format: docker kill container-ID/name
docker kill container-ID/name
docker ps -a
```

The difference between kill and stop: stop notifies the container that it needs to shut down and closes it after waiting about 10 s, which leaves time for the service to save cached data. kill closes the container immediately, and data cached in memory may be lost.
Entering a container

```bash
# Format: docker exec -it container-ID/name /bin/bash
#   -i: keep the input of the container open
#   -t: have Docker allocate a pseudo-terminal
```
Enter the container and keep running in the background
Import the file into the container from the host
```bash
# Create a file in the current directory and copy it to the container
echo abc123 > nanjing.txt
docker cp nanjing.txt 96b69fc922bb:/opt/

# Copy files from the container to the host
docker cp 96b69fc922bb:/opt/test.txt ~/abc123.txt
```
Export and import of containers
```bash
# Format: docker export container-ID/name > file-name
docker export 5c48f0d8de05 > nginx.tar
scp nginx.tar 192.168.80.12:/opt
```
Import of containers
```bash
# Format: cat file-name | docker import - image-name:tag
cat nginx.tar | docker import - nginx:test
docker run -itd --name jzm2 42bcd5796190 bash    # recreate the container
```
Delete container
A container must be stopped before it is deleted. To force deletion of a running container, add -f. rmi deletes images from the image repository, and rm deletes containers.

```bash
# Format: docker rm [-f] container-ID/name
docker stop container-ID
docker rm container-ID       # delete a container in the terminated state
docker rm -f container-ID    # force deletion of a running container

# Batch stop containers
docker ps -a | awk 'NR>=2{print "docker stop "$1}' | bash
docker ps -a | awk 'NR>=2{print $1}' | xargs docker stop

# Batch delete all containers
docker ps -a | awk 'NR>=2{print "docker rm "$1}' | bash
docker ps -a | awk 'NR>=2{print $1}' | xargs docker rm    # add -f to force

# Batch delete images
docker images | awk 'NR>=2{print "docker rmi "$3}' | bash

# Delete <none> images
docker images | grep none | awk '{print $3}' | xargs docker rmi

# Batch clean up containers stopped in the background
docker rm $(docker ps -a -q)
```
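The "grep none" filter above selects every line containing the substring "none", so it can hand tagged images to docker rmi. The script below is an added example, not from the original page, comparing it with an exact column match over constructed `docker images` output; only the ID ae2feff98a0c comes from the page, and the function names and other rows are made up here.

```shell
#!/bin/sh
# Constructed `docker images` output used as sample input.
sample_images() {
cat <<'EOF'
REPOSITORY          TAG       IMAGE ID       CREATED        SIZE
nginx               latest    ae2feff98a0c   2 weeks ago    133MB
<none>              <none>    1111aaaa2222   3 weeks ago    120MB
nonesuch/app        1.0       3333bbbb4444   4 weeks ago    80MB
redis               none-fix  5555cccc6666   5 weeks ago    105MB
EOF
}

# The page's filter: every line that contains the substring "none".
ids_by_grep() { grep none | awk '{print $3}'; }

# Exact filter: skip the header, require REPOSITORY and TAG to be "<none>",
# and accept only a 12-character hex ID so nothing else reaches docker rmi.
ids_exact() {
    awk 'NR >= 2 && $1 == "<none>" && $2 == "<none>" &&
         $3 ~ /^[0-9a-f]+$/ && length($3) == 12 { print $3 }'
}

# Join IDs onto one line for easy comparison.
one_line() { tr '\n' ' ' | sed 's/ $//'; }

echo "grep none : $(sample_images | ids_by_grep | one_line)"
echo "exact     : $(sample_images | ids_exact | one_line)"

# On a real host Docker can make the same selection itself:
#   docker images -f dangling=true -q
#   docker image prune
```

The exact filter also avoids piping generated command text into bash, since only validated IDs are printed.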