动手玩转Docker
Posted 六月骄阳
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了动手玩转Docker相关的知识,希望对你有一定的参考价值。
在学习docker之前,先了解一下什么是docker,以及docker技术存在的意义。
Docker是PaaS供应商dotCloud开源的一个基于LXC 的高级容器引擎,源代码托管在 GitHub 上, 基于Go语言开发并遵从Apache 2.0协议开源。Docker提供了一种在安全、可重复的环境中自动部署软件的方式,它的出现拉开了基于云计算平台发布产品方式的变革序幕。
注:英文不好的话,就不要学习Docker了,下面粘贴一部分官方介绍:
Docker overview
Estimated reading time: 5 minutes
Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.
The Docker platform
Docker provides the ability to package and run an application in a loosely isolated environment called a container. The isolation and security allow you to run many containers simultaneously on a given host. Containers are lightweight because they don’t need the extra load of a hypervisor, but run directly within the host machine’s kernel. This means you can run more containers on a given hardware combination than if you were using virtual machines. You can even run Docker containers within host machines that are actually virtual machines!
Docker provides tooling and a platform to manage the lifecycle of your containers:
- Develop your application and its supporting components using containers.
- The container becomes the unit for distributing and testing your application.
- When you’re ready, deploy your application into your production environment, as a container or an orchestrated service. This works the same whether your production environment is a local data center, a cloud provider, or a hybrid of the two.
Docker Engine
Docker Engine is a client-server application with these major components:
-
A server which is a type of long-running program called a daemon process (the
dockerd
command). -
A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do.
-
A command line interface (CLI) client (the
docker
command).
The CLI uses the Docker REST API to control or interact with the Docker daemon through scripting or direct CLI commands. Many other Docker applications use the underlying API and CLI.
The daemon creates and manages Docker objects, such as images, containers, networks, and volumes.
Note: Docker is licensed under the open source Apache 2.0 license.
For more details, see Docker Architecture below.
What can I use Docker for?
Fast, consistent delivery of your applications
Docker streamlines the development lifecycle by allowing developers to work in standardized environments using local containers which provide your applications and services. Containers are great for continuous integration and continuous delivery (CI/CD) workflows.
Consider the following example scenario:
- Your developers write code locally and share their work with their colleagues using Docker containers.
- They use Docker to push their applications into a test environment and execute automated and manual tests.
- When developers find bugs, they can fix them in the development environment and redeploy them to the test environment for testing and validation.
- When testing is complete, getting the fix to the customer is as simple as pushing the updated image to the production environment.
Responsive deployment and scaling
Docker’s container-based platform allows for highly portable workloads. Docker containers can run on a developer’s local laptop, on physical or virtual machines in a data center, on cloud providers, or in a mixture of environments.
Docker’s portability and lightweight nature also make it easy to dynamically manage workloads, scaling up or tearing down applications and services as business needs dictate, in near real time.
Running more workloads on the same hardware
Docker is lightweight and fast. It provides a viable, cost-effective alternative to hypervisor-based virtual machines, so you can use more of your compute capacity to achieve your business goals. Docker is perfect for high density environments and for small and medium deployments where you need to do more with fewer resources.
Docker architecture
Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers. The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface.
好吧,我还是比较仁慈的,下面开始上中文
Docker产生的目的就是为了解决以下问题:
1) 环境管理复杂: 从各种OS到各种中间件再到各种App,一款产品能够成功发布,作为开发者需要关心的东西太多,且难于管理,这个问题在软件行业中普遍存在并需要直接面对。Docker可以简化部署多种应用实例工作,比如Web应用、后台应用、数据库应用、大数据应用比如Hadoop集群、消息队列等等都可以打包成一个Image部署。
2) 云计算时代的到来: AWS的成功, 引导开发者将应用转移到云上, 解决了硬件管理的问题,然而软件配置和管理相关的问题依然存在。Docker的出现正好能帮助软件开发者开阔思路,尝试新的软件管理方法来解决这个问题。
3) 虚拟化手段的变化: 云时代采用标配硬件来降低成本,采用虚拟化手段来满足用户按需分配的资源需求以及保证可用性和隔离性。然而无论是KVM还是Xen,在 Docker 看来都在浪费资源,因为用户需要的是高效运行环境而非OS, GuestOS既浪费资源又难于管理, 更加轻量级的LXC更加灵活和快速。如图所示:
4) LXC的便携性: LXC在 Linux 2.6 的 Kernel 里就已经存在了,但是其设计之初并非为云计算考虑的,缺少标准化的描述手段和容器的可便携性,决定其构建出的环境难于分发和标准化管理(相对于KVM之类image和snapshot的概念)。Docker就在这个问题上做出了实质性的创新方法。
1、Docker 概念
1.1 容器技术
Linux 容器技术很早就有了,比较有名的是被集成到主流 Linux 内核中的 LXC 项目。容器通过对操作系统的资源访问进行限制,构建成独立的资源池,让应用运行在一个相对隔离的空间里,同时容器间也可以进行通信。
容器技术对比虚拟化技术,容器比虚拟化更轻量级,对资源的消耗小很多。容器操作也更快捷,启动和停止都要比虚拟机快。但容器需要与主机共享操作系统内核,不能像虚拟机那样运行独立的内核。
Docker 是一个基于 LXC 技术构建的容器引擎,基于 GO 语言开发,遵循 Apache2.0 协议开源。Docker 的发展得益于为使用者提供了更好的容器操作接口。包括一系列的容器,镜像,网络等管理工具,可以让用户简单的创建和使用容器。
Docker 支持将应用打包进一个可以移植的容器中,重新定义了应用开发,测试,部署上线的过程,核心理念就是 Build once, Run anywhere。
Docker 容器技术的典型应用场景是开发运维上提供持续集成和持续部署的服务。
下面我们开始介绍 Docker 中的几个基本概念。
1.2 镜像
Docker 的镜像概念类似于虚拟机里的镜像,是一个只读的模板,一个独立的文件系统,包括运行容器所需的数据,可以用来创建新的容器。
镜像可以基于 Dockerfile 构建,Dockerfile 是一个描述文件,里面包含若干条命令,每条命令都会对基础文件系统创建新的层次结构。
用户可以通过编写 Dockerfile 创建新的镜像,也可以直接从类似 github 的 Docker Hub 上下载镜像使用。
1.3 容器
Docker 容器是由 Docker 镜像创建的运行实例。Docker 容器类似虚拟机,可以支持的操作包括启动,停止,删除等。每个容器间是相互隔离的,但隔离的效果比不上虚拟机。容器中会运行特定的应用,包含特定应用的代码及所需的依赖文件。
在 Docker 容器中,每个容器之间的隔离使用 Linux 的 CGroups 和 Namespaces 技术实现的。其中 CGroups 对 CPU,内存,磁盘等资源的访问限制,Namespaces 提供了环境的隔离。
1.4 仓库
如果你使用过 git 和 github 就很容易理解 Docker 的仓库概念。Docker 仓库相当于一个 github 上的代码库。
Docker 仓库是用来包含镜像的位置,Docker 提供一个注册服务器(Registry)来保存多个仓库,每个仓库又可以包含多个具备不同 tag 的镜像。Docker 运行中使用的默认仓库是 Docker Hub 公共仓库。
仓库支持的操作类似 git,创建了新的镜像后,我们可以 push 提交到仓库,也可以从指定仓库 pull 拉取镜像到本地。
以上是关于动手玩转Docker的主要内容,如果未能解决你的问题,请参考以下文章
动手实践 Linux VLAN - 每天5分钟玩转 OpenStack(13)
如何配置 Health Check?- 每天5分钟玩转 Docker 容器技术(107)