十分钟了解Docker(我的Docker学习笔记)
Posted Jingyao2021
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了十分钟了解Docker(我的Docker学习笔记)相关的知识,希望对你有一定的参考价值。
Docker学习笔记
碎碎念
最近再学云原生技术与应用,之前没接触过,所以打算从Docker开始好好入个门。文本仅涉及Docker相关的基础概念,Docker如何理解、有什么用之类;最后通过虚拟机中的Ubuntu下载Docker,实际操作熟悉Docker常用的一些命令。
背景知识
对于我们计算机的学生来说,90%的难题大概都在安装软件、配置环境上;并且如果中途出差错、自己装好了想要帮同学装或者换电脑了,所有的一切都要重新来一遍。
要是各种环境配置也能存在软件的安装包中该多好啊,这样我们只要把安装包复制过来,安装完毕后所有的环境配置就像软件功能一样带好了。
虚拟机(Virtual Machine)就是一种解决方式,它可以带环境安装。但是由于虚拟机是操作系统级别的,VM有一些众所周知的毛病:比如需要独占部分内存和硬盘空间;并且由于虚拟机是让我们在一种系统中例如Windows运行其他的系统例如Linux,操作系统的启动过程还是需要较长时间的。
因此Linux容器这种虚拟化技术就成了新的更好的选择,它是一种特殊的被隔离的进程,通过操作系统层的虚拟化实现隔离,能接触到的资源都是虚拟的,由于是进程级别的,所以不存在类似虚拟机(OS级别)的问题(额外的操作系统开销),能够很好的提高资源利用率,并且提升诸如I/O等方面的性能。
Docker是什么
Docker是Linux容器的一种封装,Go语言开发、基于轻量级虚拟化技术的容器引擎项目,遵从Apache 2.0协议开源。
VM 和 Container的对比:
Docker有什么用
Docker可以在容器内部快速自动化部署应用,并可以通过内核虚拟化技术 (namespaces及cgroups等)来提供容器的资源隔离与安全保障等。
- 更低的资源损耗
- 更快的启动速度
- 更好的应用耦合
- 更强的弹性伸缩
Docker原理
取消了客户端操作系统层;
Docker有三个基本元素
- Docker Containers容器
- Docker Images容器镜像
- DockerFile文件指令集
Docker Container负责应用程序的运行,包括操作系统、用户添加的文件以及元数据;Docker根据image文件生成容器的实例;Docker根据Dockerfile生成二进制的image文件。
Docker核心组件
Docker实践
Install Docker Engine on Ubuntu
跟着官方文档安装,不管是Wins, Mac还是Linux,都有对应的文档,我的系统版本为:
(base) zou@zou-virtual-machine:/proc$ cat version
Linux version 4.15.0-142-generic (buildd@lgw01-amd64-036) (gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)) #146-Ubuntu SMP Tue Apr 13 01:11:19 UTC 2021
使用官方安装脚本一键安装:
(base) zou@zou-virtual-machine:~$ curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
# Executing docker install script, commit: 93d2499759296ac1f9c510605fef85052a2c32be
+ sudo -E sh -c 'apt-get update -qq >/dev/null'
W: Target Sources (restricted/source/Sources) is configured multiple times in /etc/apt/sources.list:2 and /etc/apt/sources.list:7
W: Target Sources (restricted/source/Sources) is configured multiple times in /etc/apt/sources.list:2 and /etc/apt/sources.list:7
+ sudo -E sh -c 'DEBIAN_FRONTEND=noninteractive apt-get install -y -qq apt-transport-https ca-certificates curl >/dev/null'
+ sudo -E sh -c 'curl -fsSL "https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg" | gpg --dearmor --yes -o /usr/share/keyrings/docker-archive-keyring.gpg'
gpg: WARNING: unsafe ownership on homedir '/home/zou/.gnupg'
+ sudo -E sh -c 'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu bionic stable" > /etc/apt/sources.list.d/docker.list'
+ sudo -E sh -c 'apt-get update -qq >/dev/null'
W: Target Sources (restricted/source/Sources) is configured multiple times in /etc/apt/sources.list:2 and /etc/apt/sources.list:7
W: Target Sources (restricted/source/Sources) is configured multiple times in /etc/apt/sources.list:2 and /etc/apt/sources.list:7
+ sudo -E sh -c 'DEBIAN_FRONTEND=noninteractive apt-get install -y -qq --no-install-recommends docker-ce-cli docker-scan-plugin docker-ce >/dev/null'
+ version_gte 20.10
+ '[' -z '' ']'
+ return 0
+ sudo -E sh -c 'DEBIAN_FRONTEND=noninteractive apt-get install -y -qq docker-ce-rootless-extras >/dev/null'
+ sudo -E sh -c 'docker version'
Client: Docker Engine - Community
Version: 20.10.8
API version: 1.41
Go version: go1.16.6
Git commit: 3967b7d
Built: Fri Jul 30 19:54:08 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.8
API version: 1.41 (minimum version 1.12)
Go version: go1.16.6
Git commit: 75249d8
Built: Fri Jul 30 19:52:16 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.9
GitCommit: e25210fe30a0a703442421b0f60afac609f950a3
runc:
Version: 1.0.1
GitCommit: v1.0.1-0-g4144b63
docker-init:
Version: 0.19.0
GitCommit: de40ad0
================================================================================
To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:
dockerd-rootless-setuptool.sh install
Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.
To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/
WARNING: Access to the remote API on a privileged Docker daemon is equivalent
to root access on the host. Refer to the 'Docker daemon attack surface'
documentation for details: https://docs.docker.com/go/attack-surface/
================================================================================
- 配置国内的镜像源
Ubuntu下配置Docker国内镜像源 - 测试Docker是否成功安装
常规通过查看版本检查安装:
(base) zou@zou-virtual-machine:~$ sudo docker version
Client: Docker Engine - Community
Version: 20.10.8
API version: 1.41
Go version: go1.16.6
Git commit: 3967b7d
Built: Fri Jul 30 19:54:08 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.8
API version: 1.41 (minimum version 1.12)
Go version: go1.16.6
Git commit: 75249d8
Built: Fri Jul 30 19:52:16 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.9
GitCommit: e25210fe30a0a703442421b0f60afac609f950a3
runc:
Version: 1.0.1
GitCommit: v1.0.1-0-g4144b63
docker-init:
Version: 0.19.0
GitCommit: de40ad0
- 尝试运行hello-world
(base) zou@zou-virtual-machine:~$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:393b81f0ea5a98a7335d7ad44be96fe76ca8eb2eaa76950eb8c989ebf2b78ec0
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
得到这样的结果,说明Docker就成功安装了。
常用命令操作实践
镜像相关
搜索镜像(大于5000颗星的)、拉取镜像、查看镜像:
(base) zou@zou-virtual-machine:~$ sudo docker search centos -f=STARS=5000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 6774 [OK]
(base) zou@zou-virtual-machine:~$ sudo docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Downloading
latest: Pulling from library/centos
a1d0c7532777: Pull complete
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest
(base) zou@zou-virtual-machine:~$ ^C
(base) zou@zou-virtual-machine:~$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest feb5d9fea6a5 33 hours ago 13.3kB
centos latest 5d0da3dc9764 9 days ago 231MB
容器相关
启动容器(新建一个容器运行用run命令,启动centos并打开bash,-it参数表示进入容器交互)
(base) zou@zou-virtual-machine:~$ sudo docker run -it centos /bin/bash
[root@a8ee91177689 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
现在本机是wins环境,在虚拟机中运行的Ubuntu环境中用Docker启动并进入了一个centos容器,666,计算机真神奇,通过exit命令退出centos(容器停止运行);通过“Ctrl+p+q”保持容器继续运行地退出。
查看容器相关信息使用docker ps命令,默认只列出正在运行的,-a列出全部容器。
(base) zou@zou-virtual-machine:~$ sudo docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a8ee91177689 centos "/bin/bash" 6 minutes ago Exited (127) 2 minutes ago hardcore_northcutt
31205c93b300 hello-world "/hello" 3 hours ago Exited (0) 3 hours ago serene_banach
对于已经存在的容器,启动start和暂停stop:
(base) zou@zou-virtual-machine:~$ sudo docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0aeb03399b7 hello-world "/hello" 34 seconds ago Exited (0) 32 seconds ago hopeful_nobel
a8ee91177689 centos "/bin/bash" 21 minutes ago Exited (127) 17 minutes ago hardcore_northcutt
31205c93b300 hello-world "/hello" 3 hours ago Exited (0) About a minute ago serene_banach
(base) zou@zou-virtual-machine:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
(base) zou@zou-virtual-machine:~$ sudo docker start a8ee91177689
a8ee91177689
(base) zou@zou-virtual-machine:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a8ee91177689 centos "/bin/bash" 22 minutes ago Up 4 seconds hardcore_northcutt
(base) zou@zou-virtual-machine:~$ sudo docker stop a8ee91177689
a8ee91177689
(base) zou@zou-virtual-machine:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
查看容器内的进程信息(docker top containerID):
(base) zou@zou-virtual-machine:~$ sudo docker top a8ee91177689
UID PID PPID C STIME TTY TIME CMD
root 7293 7265 0 22:40 pts/0 00:00:00 /bin/bash
查看镜像和容器的详细信息(docker inspect [OPTIONS] container|image [container|image…])
Docker作业练习
这个是跟着b站狂神狂神的Docker课做的练习:
Docker练习:部署Tomcat
Docker练习:部署Nginx
学习参考资料
- 老师的PPT
- Docker–从入门到实践,挺好的的中文教程
- Docker入门教程–阮一峰
- Docker容器与容器云,浙江大学SEL实验室,人民邮电出版社,更适合当工具书
以上是关于十分钟了解Docker(我的Docker学习笔记)的主要内容,如果未能解决你的问题,请参考以下文章
14《每天5分钟玩转Docker容器技术》学习--一张图了解docker网络