Why Docker?
Why use Docker? Personally, the convenience that Docker can provide is the excellence of this technology in the face of program environment migration.
This performance allows us to avoid having to accompany a long list of environment configuration guides for version restrictions and extension descriptions when sharing code or project cooperation and handover; we no longer have to deliberately record our configuration changes to the existing environment, so as not to be at a loss when the next system migration; more importantly, Docker does not complicate the solution while providing the above solutions. On the contrary, it provides a faster and easier way.
Docker's unique application of incremental and file layers makes the solution to problems such as mirror download, sharing & isolation, version control and other problems particularly elegant. Interested readers can refer to the book "Learn Docker step by step".
Download & Install
download
Visit the URL below from the menuGet Docker Select the appropriate version to download.
/
Install
Desktop version of fool-in-law installation is available on both Mac and Windows, while installation in Centos will be limited by the system kernel version, see the link.
After the installation is complete, you can view the Docker version in the following ways:
docker --version
Change the mirror source
The speed of accessing official mirrors in China is slow, so you can choose a domestic mirror source. Here are the mirror sources of DaoCloud and Alibaba Cloud. The mirror source replacement method is explained in the following URL:
DaoCloud: /mirror
AliCloud: /#/accelerator
Mirror Market
You can search for the required image from the following URL:
Official:/
DaoCloud: /
AliCloud:/
Explanation of nouns
- Mirror: The downloaded from the mirror market is a mirror, which can be understood as a template for the container.
- Container: The environment in which the application runs, the creation of the container depends on a certain image. Note that the container is not a copy of the mirror. The container just establishes a read and write layer on the mirror to cover the modifications to the mirror configuration and files in the container. This method can avoid waste of resources caused by frequent mirror replication. For details, please refer to relevant books or blogs.
Mirrors and containers
Search and obtain mirror image
Search for mirrors
You can use the following command to search for images on a machine with Docker installed, but it is still recommended to search by accessing the mirror store. Note that $mirror-name needs to be replaced with the image name you want to search for.
docker search $mirror-name
Get a mirror
You can use the following command to pull the image locally, where $tag after the colon is the mirrored version tag. If the colon and subsequent content are omitted, it is the latest version to download, namely: latest. Version tag information can be found in the mirror market.
docker pull $mirror-name:$tag
Note that if the downloaded image carries a version tag, the version tag is required for the use of this image in the future, otherwise it will be downloaded again due to the different versions.
Viewing and deleting mirrors
View the mirror
View all images to use:
docker images
A single image can also be viewed in the following ways:
docker images $mirror-name
Delete the mirror
We can delete the image in the following ways, but at this time we need to ensure that no container uses this image:
docker rmi $mirror-name
View container
View the started container
docker ps
View all containers
docker ps -a
View container log
Use the following methods to view the operation history and output of the container:
docker logs $container-name
Start the container
Generate containers
A container based on a certain image can be generated in the following way. Note that if the image is not in the host, it will be downloaded first. Be sure to pay attention to whether the mirror label is correct.
docker run $mirror-name:$tag
Use this command to automatically start the container after creation.
Add a custom name to the container
pass docker ps -aYou can see the container's ID and name, both of which can be used as identifications for subsequent operations such as deletion, startup, closing and setting of the container. When using ID, just enter the first few digits of the ID (which can be distinguished from other containers).
Docker will randomly generate a 64-bit length string as an ID for it. Of course, we can also manually specify the name of the container by following the following method, where $container-name is the specified container name.
docker run --name $container-name $mirror-name
Start the container
docker start $container-name
Close the container
docker stop $container-name
Create containers interactively
The container can be created interactively by the following methods, and of course, it can also be created in the$mirror-name The front plus --name xxx To specify the name of the container, in interactive mode, you can enterexit quit:
docker run -it $mirror-name
Create containers in the background operation mode
We can use the -d operation to make the container run in the background:
docker run -d $mirror-name
Container status issues
After the container is started, the container will automatically close if there is no active foreground process. To keep the container started, you can force it to execute a foreground process.
You can create a centos image that does not automatically close in the following ways:
docker run -it --name mycentos centos docker start mycentos // You can see that the container is not closed automaticallydocker ps
Container performs operations
We can perform some operations on the already started container in the following ways, where$container-name It can be the name of the container or the ID of the container:
docker exec $container-name echo "hello" && echo "world"
You can also enter interactive mode by:
docekr exec -it $container-name bash
Among them, && plays the role of connecting between operations. In addition, we can also make the container perform some operations when creating it:
docker run $mirror-name echo "hello world"
View container details
The detailed information of the container can be viewed in the following ways, which is presented in JSON format:
docker inspect $container-name
Delete container
Can berm Then add one or more container names or container IDs for batch deletion.
docker rm $container-name-1 $container-name-2 ...
All containers can be deleted using the following methods:
docker rm $(docker ps -aq)
Docker Network
Network Category
View Network Category
The category of the network isnone,host,bridge There are three types, which can be viewed in the following ways:
docker network ls
none network
As the name implies, such networks mean that containers are individuals and do not communicate with external ones.
host network
This type of network means that the container shares the network with the host (the machine where Docker is installed).
Bridge-type network
This is the default network type of containers. The bridge mode means that containers can communicate with each other, while external communication requires the help of hosts. This form is usually reflected in the mapping of port numbers.
View network category details
docker network inspect $network-name
This way you can view the network categories in JSON format,Containers You can see a list of containers using the current network type in the entry. NoteContainers Only those containers that have been started will be displayed.
Create a network
A network can be created by, where,$network-driver Represents the network category, i.e.none orbridge orhost,and$network-nameFor a custom network name:
docker network create --driver $network-driver $network-name
If --driver $network-driver is omitted, a network of bridge type is created by default.
Specify a network for the container
We can create a custom network environment and put some containers into this network to manage network connectivity between containers. This simulation of LAN segments is actually implemented by internal DNS. The following lists how to add or remove a container to a network.
Add containers to a network
The container can be transferred in the following ways$container-name join in$network-name In the network. Note that a container can belong to multiple networks.
docker network connect $network-name $container-name
After that, when the container starts, we candocker network inspect $network-name ofContainers I saw this container in it.
Remove containers from a network
docker network disconnect $network-name $container-name
Specify the network when container generation
We can also specify the network when the container is generated, using the following method:
docker run --network $network-name $mirror-name
Test network connectivity
We can query the container's IP address through the following methods:
- Use in container interaction mode
ip addr; - use
docker inspect $container-name - use
docker inspect $container-name | grep IPAddress
Can be used laterping Network connection status during the command test capacity. Noping The command container needs to be installediputils。
Delete the network
docker network rm $network-name
Docker storage
Sometimes, we need to map part of the storage of the container into the host machine to back up or manage configuration files, log files, data files, etc.
Specify the data volume
When creating, we can specify a directory in the system as a data volume of a directory in the container, where --volume Available -v abbreviation:
docker run --volume /my/mac/dir:/container/dir $mirror-name
At this time, /container/dir inside the container will form a mapping with /my/mac/dir of the host.
Of course, we can also map files to files.
docker run --volume /my/mac/file:/container/file $mirror-name
When specifying a data volume, the host host directory can be omitted. At this time, Docker will automatically specify a host space for mapping:
docker run --volume /container/dir $mirror-name
In addition, you can also choose the read-only method, so that the modification of files or directories can only be performed in the host. Just add :ro:
docker run --volume /my/mac/dir:/container/dir:ro $mirror-name
We can pass docker inspect $container-name, and inMounts See details of the data volume in
View data volumes
We can view the data volume through the following command:
docker volume ls
When the container is deleted, the data volumes on the host will not be deleted. At this time, you can view data volumes that are not used by the container through the following instructions. Note that only those data volumes automatically specified by Docker will be displayed here, that is, data volumes that do not manually specify the host mapping directory:
docker volume ls -f dangling=true
By the way, if you need to delete the data volumes together when deleting the container, you can use the following instructions:
docker rm -v $container-name
Data volume inheritance
Sometimes we may need to select the data volume of the container when creating a container, such as when facing the need for multiple containers to share the project directory space. At this time, we can achieve it in the following ways:
docker run --volumes-from $container-name $mirror-name
Deletion of data volumes
You can delete the data volume in the following way, where $volume-id can be viewed through docker volume ls:
docker volume rm $volume-id
Add data volumes to the created container
Once the container is created, adding data volume mapping will be more troublesome.
Moreover, this is not recommended here. The recommended way is to create the container again with this image after submitting the container as a mirror.
Docker port
Bind port
We can bind the port of the container to a port of the host, and have completed the requirements of certain applications, such as binding the 12345 port of the host to the 80 port of the container, so we are good at localhost:12345 Access is equivalent to accessing the container port 80.
Port binding can be implemented in the following ways, where $host-port is the port of the host host, and$container-port is the port of the container, such as12345:80:
docker run -p $host-port:$container-port nginx
We can also specify only the port number of the container, and at this time Docker will automatically assign the port number on a host.
docker run -p $container-port nginx
For Nginx, the official image specifies exposing ports 80 and 443 for http and https requests when making. For such ports exposed in the image, you can specify all of them when creating:
docker run -P nginx
At this time, Docker will automatically allocate the two ports on the host to map ports 80 and 443 of the container respectively. The number of automatically allocated corresponds to the number of ports exposed in the image.
View port
We candocker ps -a In-housePORTSThe port mapping is seen in the column. Note that only the running containers will have actual port mappings.
In addition, we can also use the following directive to view the port mapping of a container:
docker port $container-name
docker-compose
When creating a container, multiple parameters may need to be restricted, such as specifying a network, specifying a data volume, specifying a port, etc. Moreover, sometimes we may need to use multiple containers to jointly support the application, such as Nginx containers, php & php-fpm containers, MySQL containers, Redis containers, etc.
If you use various parameters every time and start the container in a certain order (there may be a sequence between containers, such as starting PHP first and then starting Nginx containers), it will cause a lot of cumbersome operations. To solve this problem, we can use docker-compose.
Execute the following command to view the instructions that docker-compose can execute:
docker-compose --help
YAML
docker-compose depends on a file to specify container data volumes, networks, etc.
The .yml file follows the YAML syntax, which is a syntax that uses indentation.
Sample
Here is a simple example to illustrate the usage of docker-compose
version: '2.0' services: # Enable a container with nginx and named web1 web1: image: nginx # Enable ports 80 and 443, the actual mapped port is specified by Docker ports: - "80" - "443" # Add this container to mynetwork networks: - "mynetwork" # Specify that the container is to be started after the web2 container is started and before it stops depends_on: - web2 web2: image: nginx ports: - "33333:80" networks: - "mynetwork" - "bridge" volumes: - "/mnt" networks: # Create a network with the driver as bridge, named mynetwork mynetwork: driver: bridge
Where, the actual name of the container is.yml file directory name_.yml file specified name_serial number,likemydir_web1_1. However, inside the container, it can be usedmydir_web1_1 Can also be used web1 As a domain name access to another host, this is crucial for multiple containers to jointly support web services later.
More .yml The writing method of the file can be referenced[YAML template file][7]
Use of docker-compose
Generate containers
First, we need to have a or and enter the directory where the file is located, generate and start with the following command:
docker-compose up
Docker will The content in the creates networks, data volumes, and containers.
Of course, parameters can also be added -d Make it run in the background after it is generated:
docker-compose up -d
stop
Stop the container can be used:
docker-compose stop
run
Run the container again to use
docker-compose start
View log
docker-compose logs
delete
The following command can be used to delete the container, but the previously created network will not be deleted
docker-compose rm
If you want to delete both containers and networks, you can use:
docker-compose down
Note that the deletion of data volumes still requires the method of deleting data volumes before.
Generate & submit mirrors
Generate a mirror
We have made modifications to containers using a certain image. For example, install nginx in a container created with centos image. At this time, we can generate this container into a new image, and then we can create other containers through this new image, and these containers have also installed nginx.
Generating images can be done in the following ways:
docker commit -m $commit-msg -a $author $container-id $namespace/$mirror-name:$tag
like:
docker commit -m 'install nginx' -a 'dailybird' abcd1234 dailybird/nginx:test
Then you can view the created image through docker images.
Submit image
We can submit the image to the official repository, so that we can get the image we made ourselves just like the way we first obtained the image.
First, we need to register an account on the Docker Hub:/
Then log in with the following command:
docker login
After that, you will be prompted to enter your username and password. After the login is successful, you will push it in the following way:
docker push $namespace/$mirror-name:$tag
Since the speed of accessing Docker Hub in China is slow, we can also use DaoCloud or Alibaba Cloud's Docker services. The specific push method can access the URL given before, and refer to the method in it.
Dockerfile
It is certainly feasible to create a mirror using existing containers, but when we need to modify the image again, we need to generate the container again, modify the configuration or install the software, and submit the image again. In addition, there are two problems in continuously modifying the submission based on the original submission mirror:
- The accumulated modification entries are not intuitive enough, and you may not know what modifications to the original mirror afterwards;
- In Docker's view, the process of continuous modification is an incremental update process. This time the modification is equivalent to adding a read-only layer to record the modification situation of this time based on the previous one. The number of read-only layers is limited, which means that the number of operations in this modification and submission method is limited.
So, is there a better way to achieve mirror generation? analogy, We can use another configuration file-like method to guide the generation of images, which isDockerfile。
Dockerfile can specify the source of the original image of the new image, the operations on the original image, environment variables, and instructions executed when creating a container.
Sample
# The original image based on the new imageFROM centos:centos6.8 # Indicate the maintainerMAINTAINER dailybird <dailybird@> # Set some environment variables, use \ to indicate that multiple settings are connectedENV NGINX_VERSION 1.11.11 \ TEST_ENV hello # Specify the exposed port number,EXPOSE 80 443 # Modifications based on the original imageRUN yum install -y wget iputils \ && wget /download/nginx-1.11. # When creating and starting with this image, the instructions executed by the container are usually used to start the service.CMD ["echo", "hello world"]
For example, using the following configuration, you can install nginx in centos:
FROM centos:centos6.8
MAINTAINER dailybird <dailybird@>
EXPOSE 80 443
RUN cd / \
&& mkdir data \
&& cd data \
&& mkdir nmp \
&& cd nmp \
&& yum install -y wget pcre-devel gcc gcc-c++ \
ncurses-devel perl make zlib zlib-devel \
openssl openssl--devel iputils \
&& wget /download/nginx-1.11. \
&& tar zxf nginx-1.11. \
&& cd nginx-1.11.11 \
&& ./configure --prefix=/usr/local/nginx \
&& make && make install && make clean \
For more Dockerfile instructions, please refer to the Dockerfile instructions.
Dockerfile usage
Create images using Dockerfile
First, we need to create a new name calledDockerfile file (without a suffix), and write some configuration content. Then in the directory of the file, create the image with the following instructions:
docker build --tag $namespace/$mirror-name:$tag $dockerfile-dir
in,$dockerfile-dir for Dockerfile The directory in which you are located, for example, execute:
docker build --tag dailybird/nginx-demo:demo ./
After waiting for a while, you can pass docker images I saw the newly created image.
Dockerfile in docker-compose
When we need to start a new image, we can create this image first and then Passed in the fileimage Specify a new image; you can also merge these two steps directly in the following ways:
version: '2.0' services: web1: The parameter after # build is the directory location where the Dockerfile file is located, replacing the original image build: ./ ports: - "80" networks: - "mynetwork" # ... # Other configurations
After that, the container can be created with the following instructions:
docker-compose build docker-compose up
Or, execute directly:
docker-compose up --build
At this time, Docker will automatically create a mirror and create a container.
postscript
There is also a lot of content about Docker, such as backup, cluster, plug-ins, etc. But let's leave these for further research before writing.
Question memorization
Permissions issues
Sometimes you may encounter the following Docker error:
WARNING: Error loading config file:/home/user/.docker/ - stat /home/user/.docker/: permission denied
At this point, it can be solved by:
sudo chmod -R g+rwx /your/path/to/.docker/
The above is all the content of this article. I hope it will be helpful to everyone's study and I hope everyone will support me more.