A summary of psychotic docker knowledge points

Docker Basics

Notes taken with Mad Video. Suitable for Linux basics (required) and SpringBoot. Video address:https://www.bilibili.com/video/BV1og4y1q7M4?p=6&spm_id_from=pageDriver

1. Learning Route of docker

  1. Overview of Docker
  2. Docker Installation
  3. Docker command
    • Mirror Command
    • Container commands
    • Operational commands
    • ...
  4. Docker Mirror
  5. Container data volume
  6. DockerFile
  7. Docker Network Principles
  8. IDEA Integration Docker
  9. Docker Compose
  10. Docker Swarm
  11. CI/CD Jenkine

2. Overview of Docker

1. Overview of Docker

One product: development - online environment! Application environment, application configuration!

  • (1) Problems arising:
    • I can run on my computer! Not on you!
    • Version updates make the server unavailable. For operations and maintenance, the challenge is enormous. (Development and Operations and Maintenance)
    • Configuring the environment is cumbersome. Every machine needs to deploy the environment (cluster Redis, ES, Hadoop...)! Time consuming and laborious.
    • Previous jars required environments (Redis + MySQL + jdk + ES) in addition to publishing a project jar, each of which required its own installation and configuration on the server. This configuration was too cumbersome to cross-platform. So here comes a question: can a project be installed and packaged with an environment?
    • Traditionally: Programming apes pack jar s, maintain deployment environments (self-configuring, cumbersome), configure, and so on.
    • Now: the ape packs the jar and deploys it online (most of the environmental authorities have already written their configuration, just install it), and a set of processes is done. (What the two people did before, can now be done by one person.)
  • (2) Solutions
    • Docker offers solutions to these problems.
    • Android process:
      • Android apes -> apk apps -> publish to app stores -> use by Zhang San -> download apk to use.
    • Docker usage process (similar to the Android usage process):
      • Program Ape -> Write Code and Provide Environment -> Package Project with Environment (also known as Mirror) -> Publish to Docker Warehouse () Store -> Operations and Maintenance download our mirror to run.
  • (3) Docker's ideas come from container
    • Assuming multiple applications are started, port conflicts need to be prevented, and port numbers need to be crossed
    • Isolation: Docker's core idea! Pack and pack! Each box is isolated from each other. Port conflicts and other issues need not be considered.
    • Docker makes the most of your server through isolation!
  • (3) All technologies are due to some problems that we need to solve before we can learn!

2. Docke History

  • In 2010, several IT young people set up dotCloudk, a company in the United States, to do some pass cloud computing services and container technology related to LXC (virtual machine)! For example, Linux virtual machine technology. They named their own technology (container technology) Docker!
  • Docker was just born without drawing attention from the industry!dotCloud, you won't survive!
  • So open source is proposed. Develop source code! In 2013, Docker is open source! More and more people are discovering the advantages of docker! It's on fire, Docker updates every month! On April 9, 2014, Docker 1.0 was released!
  • Why is Docker so hot?
    • Very lightweight. Before container technology came out, we all used virtual machine technology! Virtual machine: Install a Vmware in window s, through which we can virtualize one or more computers! Heavy! Occupy memory! Virtual machine is also a virtualization technology, Docker container technology, and a virtualization technology!
      • Vm: Linux CentOS native mirror (equivalent to a computer!) If isolation is required, multiple virtual machines need to be turned on!Run for a few minutes with a few gigabytes of memory
      • docker: Mirrors are isolated from each other. Mirrors (core environment 4m + jdk environment + mysq1 environment) are very compact. Just run the mirror!Small!M or KB level seconds in memory!
      • If the computer is not good, the virtual machines will get stuck, but Docker won't.
  • Talk about Docker
  • Use scenarios
    • Automated packaging and publishing of Web applications.
    • Automated testing and continuous integration, publishing.
    • Deploy and tune databases or other background applications in a service-oriented environment.
    • Build your own PaaS environment by compiling or extending existing OpenShift or Cloud Foundry platforms from scratch.

3. What Docke Can Do

  • virtual machine
    • Virtualization technology features: 1. Resource usage more 2. Redundant steps more 3. Slow startup 4. Use the same core environment
  • Containerization Technology
    • Containerized technology is not a complete operating system for simulation
  • Compare Docker to Virtual Machine:
    • Traditional virtual machines virtualize hardware, run a complete operating system, and then install and run software on this system.
    • Applications inside the Docker container run directly on the host's kernel, and the container does not have its own kernel or virtual hardware.
    • Each container is isolated from each other, and each container has its own file system that does not affect each other.
  • DevOps (Developing Operations)
    • Apply faster delivery and deployment
      • Traditional: a bunch of help documents, reference help documents, installation environments and programs
      • After using Docker: One-click run large packages as mirrors and release tests.
    • Easier upgrade and expansion
      • With Docker, our deployment apps are like building blocks.
        • After packaging the current environment and application, if you find that environment needs to be upgraded, you can upgrade the current package into a package.
        • The project is packaged as a mirror and needs to be expanded. Server A needs to be expanded, Server B needs to be expanded, Server A runs and Server B expands (other mirrors can be expanded on B), and containers can communicate directly with containers.
    • Simpler System Operations
      • After containerization, our development and testing environments are highly consistent. There will not be situations where your own computer can run and others cannot.
    • More efficient use of computing resources
      • Docker is a kernel-level virtual machine (running directly on top of the kernel) that can run many container instances on a single physical machine! Server performance can be squeezed to the extreme.

3. Docker Installation

1. Docker Terms

  • Image: A Docker image is like a template through which container services can be created. For example: Tomcat image==>run through run==>tomcat01 container (provider server), through which multiple containers can be created (either the final service runs or the project runs in the container).
  • Container: Docker uses container technology to run one or a group of applications independently, created by mirroring. Containers can stop, delete, and other basic commands. This container can now be understood as a recommended Linux system.
  • repository: A warehouse is where mirrors are stored. Warehouses are divided into private and shared warehouses. Docker Hub defaults to foreign countries. Ali Cloud... requires container servers (Configure Mirroring Acceleration)

2. Install Docker

  • Environmental preparation
    • Need a little bit of Linux base.
    • CentOS7 Mirror
    • Use Xshell (or FinalShell) to connect to the remote server for operation!
  • Environment View
    • When the Xshell is connected to the Linux environment, view the current environment
# The system core is more than 3.10
[root@haodop1 ~]# uname -r
  • View System
    • When the Xshell is connected to the Linux environment, view the current system
# File/etc/os-release storing system information 
[root@haodop1 ~]# cat /etc/os-release 
NAME="CentOS Linux"
VERSION="7 (Core)"
ID_LIKE="rhel fedora"
PRETTY_NAME="CentOS Linux 7 (Core)"
  • install
    #1. Uninstall older versions of Docker
    [root@haodop1 ~]# yum remove docker \
    >                   docker-client \
    >                   docker-client-latest \
    >                   docker-common \
    >                   docker-latest \
    >                   docker-latest-logrotate \
    >                   docker-logrotate \
    >                   docker-engine
    • Installation packages required
    #2. Installation packages required for installation
    [root@haodop1 ~]# yum install -y yum-utils
    • Configure the download path for the mirror
    #3. Default Docker's own warehouse mirror address, slow download abroad
    yum-config-manager \
        --add-repo \
    #Ali Cloud's warehouse mirror address, recommend this
    yum-config-manager \
        --add-repo \
    • Update package index
    [root@localhost ~]# yum makecache fast
     Plugins loaded: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
     * base: mirrors.tuna.tsinghua.edu.cn
     * extras: mirrors.tuna.tsinghua.edu.cn
     * updates: mirrors.tuna.tsinghua.edu.cn
    base                                                                                                                       | 3.6 kB  00:00:00     
    docker-ce-stable                                                                                                           | 3.5 kB  00:00:00     
    extras                                                                                                                     | 2.9 kB  00:00:00     
    updates                                                                                                                    | 2.9 kB  00:00:00     
    Metadata cache established
    • Install docker related content
    #4. Install docker-related content (latest version) docker-ce Community Edition (recommended) ee Enterprise Edition
    #During installation you will be prompted if you need to enter y to determine the installation
    yum install docker-ce docker-ce-cli containerd.io
    #Specify version at installation
    yum install docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING> containerd.io
    • Start docker
    	#5. Start docker, docker is equivalent to a service
    	systemctl start docker
    	# Set boot-up self-start
    	systemctl enable docker
    • View docker version
    #6. View the docker version
    [root@localhost ~]# docker version 
    Client: Docker Engine - Community
     Version:           20.10.8  #version number
     API version:       1.41
     Go version:        go1.16.6
     Git commit:        3967b7d
     Built:             Fri Jul 30 19:55:49 2021
     OS/Arch:           linux/amd64
     Context:           default
     Experimental:      true
    Server: Docker Engine - Community  #Community Edition
      Version:          20.10.8
      API version:      1.41 (minimum version 1.12)
      Go version:       go1.16.6
      Git commit:       75249d8
      Built:            Fri Jul 30 19:54:13 2021
      OS/Arch:          linux/amd64  #Linux System
      Experimental:     false
      Version:          1.4.9
      GitCommit:        e25210fe30a0a703442421b0f60afac609f950a3
      Version:          1.0.1
      GitCommit:        v1.0.1-0-g4144b63
      Version:          0.19.0
      GitCommit:        de40ad0
    • Start test helloWord
    # 7. Start the official hello-world mirror
    [root@localhost ~]# docker run hello-world
    Unable to find image 'hello-world:latest' locally  #hello-world mirror not found trying to download
    latest: Pulling from library/hello-world #Remote Pull Mirror
    2db29710123e: Pull complete 
    Digest: sha256:393b81f0ea5a98a7335d7ad44be96fe76ca8eb2eaa76950eb8c989ebf2b78ec0
    Status: Downloaded newer image for hello-world:latest
    Hello from Docker!  #docker installed successfully
    This message shows that your installation appears to be working correctly.
    To generate this message, Docker took the following steps:
     1. The Docker client contacted the Docker daemon.
     2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
     3. The Docker daemon created a new container from that image which runs the
        executable that produces the output you are currently reading.
     4. The Docker daemon streamed that output to the Docker client, which sent it
        to your terminal.
    To try something more ambitious, you can run an Ubuntu container with:
     $ docker run -it ubuntu bash
    Share images, automate workflows, and more with a free Docker ID:
    For more examples and ideas, visit:
    • View all mirrors
    #8. View the downloaded hello-word image
    [root@localhost ~]# docker images
    REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
    hello-world   latest    feb5d9fea6a5   26 hours ago   13.3kB
    • Understanding Uninstall
     #1. Uninstall dependency
     sudo yum remove docker-ce docker-ce-cli containerd.io
     #2. Delete resources
     sudo rm -rf /var/lib/docker
     sudo rm -rf /var/lib/containerd
    • Default working path for docker: /var/lib/docker

2. Configure docker Ali Cloud Mirror Accelerator (bloggers don't have servers, they don't)

  • Enter the official website of Ali Yun and log on to Ali Yun
  • Search Container Mirror Service
  • Find Mirror Service
  • Configuration usage (needs to be accelerated with your own container service)
    sudo mkdir -p /etc/docker
    sudo tee /etc/ docker/daemon. json <<-' EOF '
    "registry- mirrors": ["https://qiyb9988.mirror. aliyuncs. com"]
    sudo systemct1 daemon-reload
    sudo systemct1 restart docker

3. Review the hello-word process

  • Command Download Process
  • Download Mirror Flowchart
  • No Mirror Found Throw Error
    #Mirror could not find error
    [root@localhost docker]# docker run  666666666
    Unable to find image '666666666:latest' locally
    docker: Error response from daemon: pull access denied for 666666666, repository does not exist or may require 'docker login': denied: requested access to the resource is denied.
    See 'docker run --help'.

4. How the underlying works

  • How does Docker work?
    • Docker is a Client-Server structured system. Docker's daemon runs on the host and accesses from the client through the Socker! Docker Server receives instructions from Docker-Client and executes them!
  • Why is Docker faster than VM Ware?
    • 1. Docker has fewer abstraction layers than virtual machines
    • 2. docker makes use of the host's kernel, VM needs Guest OS
    • 3. So when you create a new container, docker does not need to reload an operating system kernel like a virtual machine to avoid booting. Virtual machines load GuestOS at the minute level, while docker uses the host's operating system to omit this complex process, the second level!,
    • 4. The comparison between Docker and VM is as follows:

4. Common Docker Commands

Command Official Document Address

1. Help commands

  • Display docker version information
    [root@localhost docker]# docker version 
  • Show docker system information
    #Display the number of mirrors, the number of mirror boots, etc.
    [root@localhost docker]# docker info 
  • Display help documentation for a command (omnipotent commands, help commands)
    #Display help documentation for a command
    [root@localhost docker]# docker command--help
    [root@localhost docker]# docker images --help 
    Usage:  docker images [OPTIONS] [REPOSITORY[:TAG]]
    List images
      -a, --all             Show all images (default hides intermediate images)
          --digests         Show digests
      -f, --filter filter   Filter output based on conditions provided
          --format string   Pretty-print images using a Go template
          --no-trunc        Don't truncate output
      -q, --quiet           Only show image IDs

2. Mirror commands

  • docker images view mirrors on all local hosts
    [root@localhost docker]# docker images
    REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
    hello-world   latest    feb5d9fea6a5   27 hours ago   13.3kB
    REPOSITORY  Mirrored warehouse source
    TAG         Mirror Label
    IMAGE ID    mirrored id
    CREATED     Creation time of mirror
    SIZE        The size of the mirror
    # Optional parameters
    -a/--all List all mirrors
    -q/--quiet Show only mirrored id
    #Show all mirrors
    [root@localhost docker]# docker images -a
    REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
    hello-world   latest    feb5d9fea6a5   27 hours ago   13.3kB
    #Display ID s for all mirrors
    [root@localhost docker]# docker images -q
    #Display ID s for all mirrors
    [root@localhost docker]# docker images -aq
  • docker search Search Search mirror
    [root@localhost docker]# docker search mysql
    NAME                              DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
    mysql                             MySQL is a widely used, open-source relation...   11461     [OK]       
    mariadb                           MariaDB Server is a high performing open sou...   4351      [OK]       
    mysql/mysql-server                Optimized MySQL Server Docker images. Create...   848                  [OK]
    #Optional parameter -f, --filter filter condition  
     #Filter condition is STARS greater than 3000     
    [root@localhost docker]# docker search mysql -f=STARS=3000
    NAME      DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
    mysql     MySQL is a widely used, open-source relation...   11461     [OK]       
    mariadb   MariaDB Server is a high performing open sou...   4351      [OK]       
    #Filter condition is STARS greater than 5000   
    [root@localhost docker]# docker search mysql -f=STARS=5000
    NAME      DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
    mysql     MySQL is a widely used, open-source relation...   11461     [OK]  
  • docker pull mirror name [:tag] download mirror
    • Do not specify a version to download the latest version by default
      [root@localhost docker]# docker pull mysql
      Using default tag: latest     #latest is default if no tag is written
      latest: Pulling from library/mysql
      a330b6cecb98: Pull complete   #Hierarchical download, core of docker image - federated file system
      9c8f656c32b8: Pull complete 
      88e473c3f553: Pull complete 
      062463ea5d2f: Pull complete 
      daf7e3bdf4b6: Pull complete 
      1839c0b7aac9: Pull complete 
      cf0a0cfee6d0: Pull complete 
      1b42041bb11e: Pull complete 
      10459d86c7e6: Pull complete 
      b7199599d5f9: Pull complete 
      1d6f51e17d45: Pull complete 
      50e0789bacad: Pull complete 
      Digest: sha256:99e0989e7e3797cfbdb8d51a19d32c8d286dd8862794d01a547651a896bcf00c
      Status: Downloaded newer image for mysql:latest
      docker.io/library/mysql:latest   #True address of download source  
      #Docker pull mysq L is equivalent to docker pull docker.io/library/mysq l:latest
    • The specified version downloads the specified version (you must save and change the version before you can download it, there is no download that cannot be done, you can download it at Official Search Mirror Find mirror version information)
      [root@iZwz99sm8v95sckz8bd2c4Z ~]# docker pull mysql:5.7
      5.7: Pulling from library/mysql
      6ec7b7d162b2: Already exists
      fedd960d3481: Already exists
      7ab947313861: Already exists
      64f92f19e638: Already exists
      3e80b17bff96: Already exists
      014e976799f9: Already exists
      59ae84fee1b3: Already exists
      7d1da2a18e2e: Pull complete
      301a28b700b9: Pull complete
      529dc8dbeaf3: Pull complete
      bc9d021dc13f: Pull complete
      Digest: sha256:c3a567d3e3ad8b05dfce401ed08f0f6bf3f3b64cc17694979d5f2e5d78e10173
      Status: Downloaded newer image for mysql:5.7
  • docker rmi delete mirror
    • Delete by mirror id or name
    #Delete the specified mirror id
    [root@iZwz99sm8v95sckz8bd2c4Z ~]# Docker rmi-f mirror id
    #Delete multiple mirror IDS
    [root@iZwz99sm8v95sckz8bd2c4Z ~]# Docker rmi-f mirror id mirror id
    #Delete a mirror by its name
    [root@localhost docker]# docker rmi mysql
    • Delete all mirrors
    #Delete all mirror IDS $(...) for parameter information docker images -aq get so mirror IDS
    [root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f  $(docker images -aq)

3. Container commands

Description: We have a mirror to create a container, linux, download a centos image to test learning

#Download a centOS image
[root@localhost ~]# docker pull centos
  • New and Run Container

    • Start container with run command
    docker run [Optional parameters] image
    #Parameter Description
    --name="Name"           Specify container name  tomcat01  tomcat01 Distinguish container names
    -d                     Run in background mode
    -it                    Run interactively,Enter the container to view the contents
    -p                     The port of the port host of the specified container maps to the container port
    	-p ip:Host Port:Container Port Configuration Host Port Maps to Container Port
    	-p Host Port:Container Ports (Common)
    	-p Container Port
    	Container port number
    -P                     Randomly specified port(Uppercase P)  Random Generation of Port Mapping
    #Test, start and enter container
    [root@localhost ~]# docker run -it centos /bin/bash
    #Host name changed to prove successful entry to container
    [root@f8ea34ea99d6 /]# 
    #Looking at centos inside the container, the base version, many commands are imperfect!
    [root@f8ea34ea99d6 /]# ls
    bin  etc   lib	  lost+found  mnt  proc  run   srv  tmp  var
    dev  home  lib64  media       opt  root  sbin  sys  usr
    #Host has more ls than what's in the container
    [root@localhost /]# ls
    bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
  • Exit Container

    [root@f8ea34ea99d6 /]# exit
  • Do not stop container exit

    • Use keyboard: Ctrl+P+Q
  • List containers that have been run

    #List running containers
    [root@localhost /]# docker ps
    #List containers that have been run
    [root@localhost /]# docker ps -a
     Parameter description:
                List containers currently running
    	-a      List the running records of all containers, including running and non-running
    	-n=?    Show recently created n Containers
    	-q      Display container number only
    CONTAINER ID   IMAGE          COMMAND       CREATED         STATUS                       PORTS     NAMES
    f8ea34ea99d6   centos         "/bin/bash"   6 minutes ago   Exited (127) 2 minutes ago             elegant_mahavira
    4662c9a87254   feb5d9fea6a5   "/hello"      2 hours ago     Exited (0) 2 hours ago                 friendly_kilby
    #Show containers recently created
    [root@localhost /]# docker ps -n=1
    CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS                       PORTS     NAMES
    f8ea34ea99d6   centos    "/bin/bash"   11 minutes ago   Exited (127) 8 minutes ago             elegant_mahavira
  • Delete Container

    docker rm container id                 #Delete the specified container, cannot delete the running container, force the deletion to use rm-f
    docker rm -f $(docker ps -aq)   #Delete all containers
    docker ps -a -q|xargs docker rm #Delete all containers
    #Error deleting running container
    [root@localhost /]# docker rm 8eff292318fa
    Error response from daemon: You cannot remove a running container 8eff292318fa9abc1626e46e90f64af022c809498fdaa7015d46a6ac1d3a4ad1. Stop the container before attempting removal or force remove
    #Force Delete
    [root@localhost /]# docker rm -f 8eff292318fa
  • Start and stop containers (starting containers that have been previously started)

    docker start container id          #Start Container
    docker restart container id        #Restart Container
    docker stop container id           #Stop the currently running container
    docker kill container id           #Force stop of current container
    #Start Container
    [root@localhost ~]# docker run -it centos /bin/bash
    #Exit Container
    [root@237857fa7604 /]# exit
    #View all started containers
    [root@localhost ~]# docker ps -a
    CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS                     PORTS     NAMES
    237857fa7604   centos    "/bin/bash"   15 seconds ago   Exited (0) 7 seconds ago             great_hellman
    #Start a container that has not been started by its launched container id
    [root@localhost ~]# docker start 237857fa7604
    #View Started Containers
    [root@localhost ~]# docker ps
    237857fa7604   centos    "/bin/bash"   56 seconds ago   Up 14 seconds             great_hellman
    #Stopped Started Ringer
    [root@localhost ~]# docker stop 237857fa7604
    #View Started Containers
    [root@localhost ~]# docker ps

4. Other Common Commands

  • Background startup container
    # Command docker run-d mirror name! -D: Start the container in the background
    [root@localhost ~]# docker run -d  centos
    #Problem docker ps, centos stopped
    [root@localhost ~]# docker ps
    #Causes of problems: Common pits, docker containers running in the background, must have a foreground process. When docker finds no foreground application, it stops automatically (not without service, but with no other instructions after startup, it ends itself)
    #When the nginx:nginx container starts and finds itself not servicing, it stops immediately, or there is no program.
  • Viewing logs
    [root@localhost ~]# docker logs --help 
    #Parameter parsing
          --details        #Show additional details provided to the log
      -f, --follow         #Trace Log Output
          --since string   #Display logs since timestamp
      -n, --tail string    #Display n logs without specifying to display all
      -t, --timestamps     #presentation time stamp
          --until string   #Display logs before timestamps (e.g., 2013-01-02T13:23:37Z) or relative timestamps (e.g., 42-meter run for 42 minutes)
    docker logs -tf container id
    docker logs -tf --tail number container id #Number is the number of log entries to display and does not specify the default display of all
    #The docker container must have a foreground process running in the background or it will stop automatically
    #Write a shell script to loop through the execution to keep the centos container running
    	[root@localhost ~]# docker run -d centos /bin/bash -c "while true;do echo yyds;sleep 5;done"
    #Viewing the currently running container stops automatically if no shell script is added
    [root@localhost ~]# docker ps 
    CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS         PORTS     NAMES
    e35123013dec   centos    "/bin/bash -c 'while..."   8 seconds ago   Up 7 seconds             objective_rosalind
    #Viewing the log automatically tracks the log for output
    [root@localhost ~]# docker log
    login   logout  logs    
    [root@localhost ~]# docker logs -tf --tail 10 e35123013dec
    2021-09-25T06:17:15.055348714Z yyds
    2021-09-25T06:17:20.082568234Z yyds
    2021-09-25T06:17:25.086254765Z yyds
    2021-09-25T06:17:30.090379614Z yyds
    2021-09-25T06:17:35.095466135Z yyds
    2021-09-25T06:17:40.099160475Z yyds
    2021-09-25T06:17:45.103262540Z yyds
  • View process information in container
    #Command: docker top container id
    [root@localhost ~]# docker top e35123013dec
    UID(Current User ID)   PID(process ID)    PPID(father ID)                C                   STIME               TTY                 TIME                CMD
    root                20073               20052               0                   14:17               ?                   00:00:00            /bin/bash -c while true;do echo yyds;sleep 5;done
    root                20383               20073               0                   14:20               ?                   00:00:00            /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/sleep 5
    #Kill a process by its ID
  • View container metadata
    # docker inspect container id
    #This includes script information executed, Id generation of containers (which intercepts the previous section showing Id), status, from which mirror, some configurations, mount points (where data is stored on the host), environment variables, network configurations, and so on.
    [root@localhost ~]# docker inspect e35123013dec
            "Id": "e35123013dec93452c6b8886ada225584f17a668f4f3683ad18b26623a49d16c", #Id generation for containers (intercepts the previous section of Id)
            "Created": "2021-09-25T06:17:14.320046194Z",
            "Path": "/bin/bash",
            "Args": [
                "-c", #Executed script
                "while true;do echo yyds;sleep 5;done"
            "State": { #state
                "Status": "running",
                "Running": true,
                "Paused": false,
                "Restarting": false,
                "OOMKilled": false,
                "Dead": false,
                "Pid": 20073,
                "ExitCode": 0,
                "Error": "",
                "StartedAt": "2021-09-25T06:17:15.056344032Z",
                "FinishedAt": "0001-01-01T00:00:00Z"
            "Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",# From which mirror
            "ResolvConfPath": "/var/lib/docker/containers/e35123013dec93452c6b8886ada225584f17a668f4f3683ad18b26623a49d16c/resolv.conf",
            "HostnamePath": "/var/lib/docker/containers/e35123013dec93452c6b8886ada225584f17a668f4f3683ad18b26623a49d16c/hostname",
            "HostsPath": "/var/lib/docker/containers/e35123013dec93452c6b8886ada225584f17a668f4f3683ad18b26623a49d16c/hosts",
            "LogPath": "/var/lib/docker/containers/e35123013dec93452c6b8886ada225584f17a668f4f3683ad18b26623a49d16c/e35123013dec93452c6b8886ada225584f17a668f4f3683ad18b26623a49d16c-json.log",
            "Name": "/objective_rosalind",
            "RestartCount": 0,
            "Driver": "overlay2",
            "Platform": "linux",
            "MountLabel": "",
            "ProcessLabel": "",
            "AppArmorProfile": "",
            "ExecIDs": null,
            "HostConfig": {
                "Binds": null,
                "ContainerIDFile": "",
                "LogConfig": {
                    "Type": "json-file",
                    "Config": {}
                "NetworkMode": "default",
                "PortBindings": {},
                "RestartPolicy": {
                    "Name": "no",
                    "MaximumRetryCount": 0
                "AutoRemove": false,
                "VolumeDriver": "",
                "VolumesFrom": null,
                "CapAdd": null,
                "CapDrop": null,
                "CgroupnsMode": "host",
                "Dns": [],
                "DnsOptions": [],
                "DnsSearch": [],
                "ExtraHosts": null,
                "GroupAdd": null,
                "IpcMode": "private",
                "Cgroup": "",
                "Links": null,
                "OomScoreAdj": 0,
                "PidMode": "",
                "Privileged": false,
                "PublishAllPorts": false,
                "ReadonlyRootfs": false,
                "SecurityOpt": null,
                "UTSMode": "",
                "UsernsMode": "",
                "ShmSize": 67108864,
                "Runtime": "runc",
                "ConsoleSize": [
                "Isolation": "",
                "CpuShares": 0,
                "Memory": 0,
                "NanoCpus": 0,
                "CgroupParent": "",
                "BlkioWeight": 0,
                "BlkioWeightDevice": [],
                "BlkioDeviceReadBps": null,
                "BlkioDeviceWriteBps": null,
                "BlkioDeviceReadIOps": null,
                "BlkioDeviceWriteIOps": null,
                "CpuPeriod": 0,
                "CpuQuota": 0,
                "CpuRealtimePeriod": 0,
                "CpuRealtimeRuntime": 0,
                "CpusetCpus": "",
                "CpusetMems": "",
                "Devices": [],
                "DeviceCgroupRules": null,
                "DeviceRequests": null,
                "KernelMemory": 0,
                "KernelMemoryTCP": 0,
                "MemoryReservation": 0,
                "MemorySwap": 0,
                "MemorySwappiness": null,
                "OomKillDisable": false,
                "PidsLimit": null,
                "Ulimits": null,
                "CpuCount": 0,
                "CpuPercent": 0,
                "IOMaximumIOps": 0,
                "IOMaximumBandwidth": 0,
                "MaskedPaths": [
                "ReadonlyPaths": [
            "GraphDriver": {
                "Data": {
                    "LowerDir": "/var/lib/docker/overlay2/f988af69671f553e198b64f9b8a3e1f9e9094c885622b48a5c5e396f48c86123-init/diff:/var/lib/docker/overlay2/28328ab684924e5f92ae20e053f9bfd2aba2327ec445c419ce928e6d5eccae02/diff",
                    "MergedDir": "/var/lib/docker/overlay2/f988af69671f553e198b64f9b8a3e1f9e9094c885622b48a5c5e396f48c86123/merged",
                    "UpperDir": "/var/lib/docker/overlay2/f988af69671f553e198b64f9b8a3e1f9e9094c885622b48a5c5e396f48c86123/diff",
                    "WorkDir": "/var/lib/docker/overlay2/f988af69671f553e198b64f9b8a3e1f9e9094c885622b48a5c5e396f48c86123/work"
                "Name": "overlay2"
            "Mounts": [],  #mount point
            "Config": {
                "Hostname": "e35123013dec",
                "Domainname": "",
                "User": "",
                "AttachStdin": false,
                "AttachStdout": false,
                "AttachStderr": false,
                "Tty": false,
                "OpenStdin": false,
                "StdinOnce": false,
                "Env": [  #environment variable
                "Cmd": [
                    "while true;do echo yyds;sleep 5;done"
                "Image": "centos",
                "Volumes": null,
                "WorkingDir": "",
                "Entrypoint": null,
                "OnBuild": null,
                "Labels": {
                    "org.label-schema.build-date": "20210915",
                    "org.label-schema.license": "GPLv2",
                    "org.label-schema.name": "CentOS Base Image",
                    "org.label-schema.schema-version": "1.0",
                    "org.label-schema.vendor": "CentOS"
            "NetworkSettings": {  #network
                "Bridge": "",
                "SandboxID": "8145dbde5e6fcb66c2cc228e7afe51076ad22f43d497594d1f4a37c5e2eb9090",
                "HairpinMode": false,
                "LinkLocalIPv6Address": "",
                "LinkLocalIPv6PrefixLen": 0,
                "Ports": {},
                "SandboxKey": "/var/run/docker/netns/8145dbde5e6f",
                "SecondaryIPAddresses": null,
                "SecondaryIPv6Addresses": null,
                "EndpointID": "a08f621c7dc249b29984bbfc7a330aa8ab734e9a0e0664c30a562fcc334c5833",
                "Gateway": "",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAddress": "",
                "IPPrefixLen": 16,
                "IPv6Gateway": "",
                "MacAddress": "02:42:ac:11:00:02",
                "Networks": {
                    "bridge": {
                        "IPAMConfig": null,
                        "Links": null,
                        "Aliases": null,
                        "NetworkID": "a2e4e02e76cee14c798b2b84b348e5212ceb491efefc91d6d8f58bc66a401eea",
                        "EndpointID": "a08f621c7dc249b29984bbfc7a330aa8ab734e9a0e0664c30a562fcc334c5833",
                        "Gateway": "",
                        "IPAddress": "",
                        "IPPrefixLen": 16,
                        "IPv6Gateway": "",
                        "GlobalIPv6Address": "",
                        "GlobalIPv6PrefixLen": 0,
                        "MacAddress": "02:42:ac:11:00:02",
                        "DriverOpts": null
  • Enter a running container
    • Often our containers run in the background and sometimes need to go into the container to modify the configuration
    • The docker exec opens a new terminal after it enters the container, where it can operate
    • docker attach enters the terminal that the container is executing and does not start a new process
    #Mode 1: Command: docker exec-it container id/bin/bash
    #View containers currently running
    [root@localhost ~]# docker ps
    CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS     NAMES
    e35123013dec   centos    "/bin/bash -c 'while..."   15 minutes ago   Up 15 minutes             objective_rosalind
    #Enter the running container through the bash window
    [root@localhost ~]# docker exec -it e35123013dec /bin/bash
    [root@e35123013dec /]# ls
    bin  etc   lib	  lost+found  mnt  proc  run   srv  tmp  var
    dev  home  lib64  media       opt  root  sbin  sys  usr
    #View the process of the current container
    [root@e35123013dec /]# ps -ef
    UID         PID   PPID  C STIME TTY          TIME CMD
    root          1      0  0 06:17 ?        00:00:00 /bin/bash -c while true;do echo yyds;sleep 5;done
    root        205      0  0 06:33 pts/0    00:00:00 /bin/bash
    root        241      1  0 06:35 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /us
    root        242    205  0 06:35 pts/0    00:00:00 ps -ef
    # Mode 2: Command: docker attach container id
    #If there is a running and non-stopping service using exit does not trigger the stop container operation only exits the container to the host
    [root@e35123013dec /]# exit
    #View running containers
    [root@localhost ~]# docker ps
    CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS     NAMES
    e35123013dec   centos    "/bin/bash -c 'while..."   19 minutes ago   Up 19 minutes             objective_rosalind
    #Enter the terminal that the container is executing
    [root@localhost ~]# docker attach e35123013dec
  • Copy Container Files to Host
    Copying is a manual process that can be achieved in the future using volume-v technology.
    #Command: docker cp container id: path inside container destination host path
    #Start Container
    [root@localhost ~]# docker run -it centos /bin/bash
    #View files in containers
    [root@f6918c83c3f0 /]# ls
    bin  etc   lib	  lost+found  mnt  proc  run   srv  tmp  var
    dev  home  lib64  media       opt  root  sbin  sys  usr
    #Enter home directory
    [root@f6918c83c3f0 /]# cd /home/
    [root@f6918c83c3f0 home]# ls
    #create folder
    [root@f6918c83c3f0 home]# touch test.java
    #Exit Container Container Stop Running but Data Will Not Lose Container Not Deleted Just Stop
    [root@f6918c83c3f0 home]# exit 
    #View previously run containers
    [root@localhost ~]# docker ps -a
    CONTAINER ID   IMAGE     COMMAND                  CREATED              STATUS                       PORTS     NAMES
    f6918c83c3f0   centos    "/bin/bash"              About a minute ago   Exited (0) 6 seconds ago               vigilant_hawking
    #Copy Container Files to Host
    [root@localhost ~]# docker cp f6918c83c3f0:/home/test.java /home
    [root@localhost ~]# cd /home/
    [root@localhost home]# ls
    pj  test.java  Installation package

5. Summary of Commands

attach   Attach to a running container     #Current she11 attach connection specifies run image
build    Build an image from a Dockerfile  #Customize mirrors through Dockerfile
commit   Create a new image from a container changes  #Commit the current container as a new image
cp       Copy files/folders from the containers filesystem to the host path    #Copy the specified file or directory from the container to the host
create   Create a new container    #Create a new container, same as run, without starting the container
diff     Inspect changes on a container's fi lesys tem   #View docker container changes
events   Get real time events from the server     #Getting container real-time events from docker service
exec     Run a command in an existing container    #Run commands on existing containers
export    Stream the contents of a container as a tar. archive  #Export the content flow of a container as a tar archive file [corresponding import]
history   show the history of an image   #Show a mirror-forming history
images    List images    #List current system images
import    Create a new filesystem image from the contents of a tarba1l #Create a new file system image from the contents of the tar package [corresponding to export]
info     Display system-wide information    #Display system related information
inspect  Return 1ow- 1eve1 information on a container  #View Container Details
kil1     Ki11 a running container   # ki11 specifies docker container
load     Load an image from a tar archive     #Load a mirror from a tar package [corresponding save]
login    Register or Login to the docker registry server    #Register or log on to a docker source server
logout   Log out from a Docker registry server     #Exit from current Docker registry
logs     Fetch the logs of a container    #Output current container log information
port     Lookup the public-facing port which is NAT-ed to PRIVATE_ PORT    #View the container internal source port corresponding to the mapped port
pause    Pause a11 processes within a conta iner    #Pause Container
ps     	 List containers   #List Containers
pu11     Pu11 an image or a repository from the docker registry server      #Pull specified or library image from docker mirror source server
push     Push an image or a repository to the docker registry server      #Push specified mirror or library image to docker source server
restart  Restart a running contai ner   #Restart the running container
rm       Remove one or more containers   #Remove one or more containers
rmi      Renove one or more images   #Remove one or more mirrors [Containerless use this image to delete, otherwise delete related containers to continue or -f force deletion]
run      Run a command in a new container    #Create a new container and run a command
save     Save an image to a tar archive     #Save a mirror as a tar package [corresponding load]
search   Search for an image on the Docker Hub   #Search for mirrors in docker hub
start    Start a stopped containers    #Start Container
stop     Stop a running containers     #Stop Container
tag      Tag an image into a repository  #Label the mirror in the source
top      Lookup the running processes of a container   #View process information running in a container
unpause  Unpause a paused container    #Unpause Container
version  Show the docker version informati on   #View docker version number
wait     Block until a container stops,then print its exit code        #Intercept exit status value when container stops

6. Job exercises

  • Docker Install Nginx

    #1. Search Mirror Search recommends that you go to docker to search for help documents
    [root@localhost home]# docker search nginx
    NAME                              DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
    nginx                             Official build of Nginx.                        15529     [OK] 
    #2. Download mirror pull
    [root@localhost home]# docker pull nginx
    Using default tag: latest
    latest: Pulling from library/nginx
    a330b6cecb98: Already exists 
    e0ad2c0621bc: Pull complete 
    9e56c3e0e6b7: Pull complete 
    09f31c94adc6: Pull complete 
    32b26e9cdb83: Pull complete 
    20ab512bbb07: Pull complete 
    Digest: sha256:853b221d3341add7aaadf5f81dd088ea943ab9c918766e295321294b035f3f3e
    Status: Downloaded newer image for nginx:latest
    #View all mirrors
    [root@localhost home]# docker images 
    centos       latest    5d0da3dc9764   9 days ago    231MB
    nginx        latest    ad4c705f24d3   2 weeks ago   133MB
    #3. Running tests  
    #-d Background Run  
    #--name Specifies the name of the container  
    # -p Container exposed port number maps to port number on host host host host port number: container internal port number
    [root@localhost home]# docker run -d --name nginx01 -p:3344:80 nginx
    #View running containers
    [root@localhost home]# docker ps
    CONTAINER ID   IMAGE     COMMAND                  CREATED              STATUS              PORTS                                   NAMES
    9f7bd3098ee7   nginx     "/docker-entrypoint...."   About a minute ago   Up About a minute>80/tcp, :::3344->80/tcp   nginx01
    #4. Use the host to access Nginx
    [root@localhost home]# curl localhost:3344
    #Accessed html code proves successful
    <!DOCTYPE html>
    <title>Welcome to nginx!</title>
    • Port Exposure Processes
    • External access to Nginx
    # Enter the Nginx container
    [root@localhost home]# docker exec -it nginx01 /bin/bash
    #View the location of file storage for Nginx
    root@9f7bd3098ee7:/# whereis nginx
    nginx: /usr/sbin/nginx /usr/lib/nginx /etc/nginx /usr/share/nginx
    #Enter the directory of the Nginx configuration file
    root@9f7bd3098ee7:/# cd /etc/nginx/
    root@9f7bd3098ee7:/etc/nginx# ls
    conf.d	fastcgi_params	mime.types  modules  nginx.conf  scgi_params  uwsgi_params
    # Exit Container
    root@9f7bd3098ee7:/etc/nginx# exit 
    #View Executing Containers
    [root@localhost home]# docker ps
    CONTAINER ID   IMAGE     COMMAND                  CREATED       STATUS       PORTS                                   NAMES
    9f7bd3098ee7   nginx     "/docker-entrypoint...."   2 hours ago   Up 2 hours>80/tcp, :::3344->80/tcp   nginx01
    #Stop Container Access Nginx Again via Outside Network No Page
    [root@localhost home]# docker stop 9f7bd3098ee7
    • Think about it: Every time we change the nginx configuration file, we need to go inside the container? Very troublesome, if I can provide a mapping path outside the container, so that if I change the file name inside the container, I can automatically modify it? -v Data Volume!
  • Docker Install tomcat

    #Our previous startups were all in the background, after stopping the container, the container can still be found    
    #Docker run-it--rm, commonly used for testing, deleted when used
    $ docker run -it --rm tomcat:9.0
    # download
    docker pull tomcat
    # Start Run
    docker run -d -p 3355:8080 --name tomcat01 tomcat
    # No problem with test access Access 404 error due to nothing under webapps but tomcat started 
    # Enter Container
    [root@localhost home]# docker exec -it tomcat01 /bin/bash
    #View Container Files
    root@697daf09db74:/usr/local/tomcat# ls
    BUILDING.txt	 LICENSE  README.md	 RUNNING.txt  conf  logs	    temp     webapps.dist
    CONTRIBUTING.md  NOTICE   RELEASE-NOTES  bin	      lib   native-jni-lib  webapps  work
    #Enter webapps
    root@697daf09db74:/usr/local/tomcat# cd webapps
    #View the file without any files
    root@697daf09db74:/usr/local/tomcat/webapps# ls
    #Back to Upper, Catalog
    root@697daf09db74:/usr/local/tomcat/webapps# cd ..
    #Enter webapps.dist
    root@697daf09db74:/usr/local/tomcat# cd webapps.dist/
    #View Files Files such as root store access pages
    root@697daf09db74:/usr/local/tomcat/webapps.dist# ls
    ROOT  docs  examples  host-manager  manager
    #Return to upper directory
    root@697daf09db74:/usr/local/tomcat/webapps.dist# cd ..
    #Copy all files under webapps.dist to webapps and access them again
    root@697daf09db74:/usr/local/tomcat# cp -r webapps.dist/* webapps/
    # Problem found: 1, linux Less commands, 2, No webapps,Reason for Ali cloud mirroring. Default is the smallest mirror, all unnecessary are removed.# Ensure minimum runnable environment
    • No problem with test access Access 404 error due to nothing under webapps but tomcat started
    • Copy all files under webapps.dist (storing data such as welcome pages) to webapps and access them again
    • Think about it: We'll deploy the project in the future. Wouldn't it be a hassle to enter the container every time? If I could provide a mapping path outside the container, webapps, and we put the project outside, I'd be able to synchronize automatically to the inside!
  • Install es+kibana (kibana is a visual console for es)

    #es exposes many ports!
    # es is very memory intensive
    # es data is normally placed in a secure directory! Mount
    # --net somenetwork network configuration
    #Download and run the image
    [root@localhost ~]#docker run -d --name elasticsearch  -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2
    #Access via is successful but is too laggy to access through the host machine
    [root@localhost ~]# curl localhost:9200
      "name" : "317bb9c437d5",
      "cluster_name" : "docker-cluster",
      "cluster_uuid" : "sqSb4TAxRVeiCw8bytyC8w",
      "version" : {
        "number" : "7.6.2",
        "build_flavor" : "default",
        "build_type" : "docker",
        "build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
        "build_date" : "2020-03-26T06:34:37.794943Z",
        "build_snapshot" : false,
        "lucene_version" : "8.4.0",
        "minimum_wire_compatibility_version" : "6.8.0",
        "minimum_index_compatibility_version" : "6.0.0-beta1"
      "tagline" : "You Know, for Search"
    #Start Linux and stuck docker stats to see the status of the cpu View esMemory usage Excessive causes the Linux card to shut down the increased memory limit
    [root@localhost ~]# docker stats 
    CONTAINER ID   NAME           CPU %     MEM USAGE / LIMIT    MEM %     NET I/O     BLOCK I/O    PIDS
    d0dcaee4e6ed   elasticaeach   0.01%     1.08GiB / 1.934GiB   55.85%    656B / 0B   116MB / 0B   15
    #Increase memory limit, modify profile-e environment configuration modification-e ES_JAVA_OPTS="-Xms64M-Xms512M" specifies maximum memory usage
    [root@localhost ~]#docker run -d --name elasticsearch02  -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms64M -Xms512M" elasticsearch:7.6.2
    #Looking at es, which limits memory size, you can see a significant reduction in the battle table
    [root@localhost ~]# docker stats 317bb9c437d5
    CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O     BLOCK I/O    PIDS
    317bb9c437d5   elasticsearch02   0.13%     696.2MiB / 1.934GiB   35.15%    656B / 0B   168MB / 0B   28
    #Just as accessible on the line
    [root@localhost ~]# curl localhost:9200
      "name" : "317bb9c437d5",
      "cluster_name" : "docker-cluster",
      "cluster_uuid" : "sqSb4TAxRVeiCw8bytyC8w",
      "version" : {
        "number" : "7.6.2",
        "build_flavor" : "default",
        "build_type" : "docker",
        "build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
        "build_date" : "2020-03-26T06:34:37.794943Z",
        "build_snapshot" : false,
        "lucene_version" : "8.4.0",
        "minimum_wire_compatibility_version" : "6.8.0",
        "minimum_index_compatibility_version" : "6.0.0-beta1"
      "tagline" : "You Know, for Search"

  • Job: Connect es using kibana? Think about how the network can be connected.

7. Visualization

  • portainer (use this first)
    docker run -d -p 8080:9000 \--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
  • Rancher (CI/CD reuse)
  • What is portainer?
    Docker GUI management tool! Provide a background panel for us to operate!
     # Download Run portainer  
     #--restart-always permission settings
     # -v Volume Technology Container Mapping Path: Host Mapping Path
    ocker run -d -p 8080:9000 \--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
  • Access Test:http://ip( own IP address): 8088 (remember to set up security group if it is Ali Cloud server)
    • Password settings will be made after entering. After successful settings, you can enter the interface directly
    • Login interface
    • Once in, select the local Click Connect button
    • Once in, there is a control panel
    • View warehouse details. Click on a detail to see the details.
  • Usually not used.

5. Docker Mirror Explanation

1. What is the mirror image

  • Meaning: Mirroring is a lightweight, executable, stand-alone package that packages software running environments and software developed based on them. It contains everything you need to run a software, including code, runtime, libraries, environment variables, and configuration files. For all applications, just package a docker image and you can run!
  • How to get a mirror:
    • Download from remote repository
    • Friend's copy for you
    • Make your own mirror DockerFile

2. Docker mirror loading principle

  • UnionFS (Federated File System)
    • Union File System (UnionFS) is a hierarchical, lightweight, and high performance file system that supports changes to the file system as a single submission overlay, while mounting different directories under the same virtual file system (unite several directories into a single virtual filesystem)Union file systems are the basis of Docker mirroring. Mirrors can be inherited by layers, and based on base mirrors (without parent mirrors), specific application mirrors can be made.
    • Features: Load multiple file systems at once, but from the outside, you can only see one file system. Joint loading will overlay the file system so that the final file system contains all the underlying files and directories
  • Dcoker Mirror Loading Principle
    • The docker's mirror actually consists of a layer-by-layer file system, UnionFS.
    • Bootfs (boot file system boot requires boot loading)Mainly contains bootloader and kernel. Bootloader mainly boots the kernel. Linux will load the bootfs file system when it is first started. At the bottom of the Docker image is bootfs. This layer is the same as our electronic box's Linux/Unix system, which contains boot loader and kernel. After boot loading is completed, the whole kernel is in memory, and the usage of memory is transferred from bootfs to bootfs.Give it to the kernel, and the system will uninstall bootfs as well.
    • rootfs (root file system), on top of bootfs. These include standard directories and files (containers are small virtual machine environments) such as / dev, /proc, /bin, /etc. on typical Linux systems. rootfs are operating system distributions such as Ubuntu, Centos, and so on.
    • Usually, the CentOS that we install into the virtual machine is several G's. Why is Docker only 200M here?
    • For a compact OS,rootfs can be very small and require only the most basic commands (including ls,cd,... And so on, including vim, vi, ll commands because it is a compact version), tools and libraries (because removing bootfs saves a lot of memory)Because the bottom layer uses Host's kernel directly, it only needs to provide rootfs itself. This shows that boots are basically the same for different Linux distributions, and rootfs differ, so different distributions can share bootfs.
    • The resulting virtual machine is at the minute level and the container is at the second level!

3. Hierarchical Understanding

  • We can go download a mirror and watch the log output of the download, you can see that the download is one layer at a time.
  • Think: Why should Docker mirrors use this hierarchical structure?
    • The best benefit, I think, is resource sharing! For example, if multiple mirrors are built from the same Base image, the host only needs to keep a base image on disk, and only one base image needs to be loaded in memory, so that all containers can be served and each layer of the image can be shared.
  • Viewing mirror layers can be done through docker inspect container id or name commands
    #View mirror information
    [root@localhost ~]# docker inspect redis
            "RootFS": {
                "Type": "layers",
                "Layers": [ #Each layer of the current mirrored layered file system
            "Metadata": {
                "LastTagTime": "0001-01-01T00:00:00Z"
  • Understand:
    • All docker mirrors start with a basic mirror layer, which is created when new content is modified or added.
    • For a simple example, add a new mirror based on Ubuntu Linux 16.04, which is the first layer of the new mirror; if you add a Python package to the mirror, a second mirror layer will be worn above the base mirror layer; if you continue to add a security patch, a third mirror layer will be created.
    • The image currently contains three mirroring layers, as shown below (this is a very simple example for demonstration).
    • It is important to understand that while adding additional mirroring layers, mirroring always maintains the current combination of all mirrors. A simple example is shown below, where each layer contains three files and the mirror layer contains six files from two mirroring layers. (The mirror layer is slightly different from the one in the figure, and the main purpose is to facilitate the display of the files.)
    • The figure below shows a slightly more complex three-tier image, with only six files externally visible as the top-level file 7 is an updated version of file 5.
      • In this case, the files in the upper mirror layer cover the files in the lower mirror layer. This allows the updated version of the file to be added to the mirror as a new mirror layer.
    • Docker solidly mirrors the stack of layers through a storage engine (the new version uses a snapshot mechanism) and ensures that multiple mirrors are exposed as a unified file system.
      • The storage engines available on Linux are AUFS, Overlay2, Device Maper, Btrfs, and ZFS. As the name implies, each storage engine is based on the corresponding file system or block device technology in Linux, and each has its own unique performance characteristics.
      • Docker supports only one storage engine on Windows, which implements layering and CoW on top of the NTFS file system.
    • The following image shows the same three layers of mirrors as the system display. All mirrors are stacked and merged to provide a unified view of the outside world.
    • Characteristic
      • Docker mirrors are read-only, and when the container is east, a new writable layer is loaded on top of the mirror!
      • This layer is what we usually call the container layer. Below the container is called the mirror layer.

4. commit mirror

  • Command: docker commit submission container becomes a new copy
# Commands work like GITS
docker commit -m="Descriptive Information" -a="author" container id Target Mirror Name:[TAG]
  • Practice Exercise
    • Since there is nothing in the webapps folder of the default Tomcat image, you need to copy the file from webapps.dist to the webapps folder. Make your own image by copying the file from webapps.dist to the webapps folder and submitting the image as a new image. Make the default Tomcat file available in the default webapps folder.

      # 1. Starting Tomact requires preventing port number conflicts
      [root@localhost ~]# docker run -it -p:8080:8080 tomcat
      [root@localhost ~]# docker ps 
      CONTAINER ID   IMAGE     COMMAND             CREATED              STATUS              PORTS                                       NAMES
      848e8f4fd37f   tomcat    "catalina.sh run"   About a minute ago   Up About a minute>8080/tcp, :::8080->8080/tcp   jovial_galileo
      # 2. Enter the container
      [root@localhost ~]# docker exec -it 848e8f4fd37f /bin/bash
      #View the current file
      root@848e8f4fd37f:/usr/local/tomcat# ls
      BUILDING.txt	 LICENSE  README.md	 RUNNING.txt  conf  logs	    temp     webapps.dist
      CONTRIBUTING.md  NOTICE   RELEASE-NOTES  bin	      lib   native-jni-lib  webapps  work
      #Enter the webapps directory
      root@848e8f4fd37f:/usr/local/tomcat# cd webapps
      #3. We found that this default tomcat has no webapps application. There are no files under the official mirror default webapps!
      root@848e8f4fd37f:/usr/local/tomcat/webapps# ls
      #Enter the webapps.dist directory
      root@848e8f4fd37f:/usr/local/tomcat/webapps# cd ../webapps.dist/
      # Configuration found with default tomcat
      root@848e8f4fd37f:/usr/local/tomcat/webapps.dist# ls
      ROOT  docs  examples  host-manager  manager
      root@848e8f4fd37f:/usr/local/tomcat/webapps.dist# cd ..
      #Copy files in to copy tomcat's configuration into webapps
      root@848e8f4fd37f:/usr/local/tomcat# cp -r webapps.dist/* webapps
      #4. Submit our changed tomcat  
      [root@localhost ~]# docker ps
      CONTAINER ID   IMAGE     COMMAND             CREATED          STATUS              PORTS                                       NAMES
      848e8f4fd37f   tomcat    "catalina.sh run"   11 minutes ago   Up About a minute>8080/tcp, :::8080->8080/tcp   jovial_galileo
      # Submit Mirror
      [root@localhost ~]# Docker commit-a="pj" -m="Added default configuration of Tomact" 848e8f4fd37f tomcat02:1.0
      #Looking at all the mirrors shows that the submitted tomcat is slightly larger than the original
      #Make the manipulated container a mirror by commit**! We can use the mirror we modified later, which is our own modified image
      [root@localhost ~]# docker images
      REPOSITORY            TAG       IMAGE ID       CREATED         SIZE
      tomcat02              1.0       c8a6ea9187d3   4 seconds ago   684MB
      tomcat                9.0       62146f8bda84   12 days ago     680MB	
  • The following figure is fully demonstrated
  • If you want to save the state of the current container, you can submit it via commit and get a mirror, just like snapshots when we were learning VM before!

6. Container Data Volume

1. What is a container volume?

  • docker's philosophy: package applications and environments into a single image!
  • Data in containers? If the data is all in containers, our containers will delete and the data will be lost! Requirement: Data can be persisted
    • MySQL data is stored in the container, if the container is deleted, it is equivalent to deleting the library and running away! Requirement: MySQL data can be stored locally!
  • There can be a technology for data sharing between containers! The data generated in Docker containers is synchronized locally! This is volume technology! That is, mounting directories, mounting directories in our containers on Linux!
  • In a word: container persistence and synchronization! Data can also be shared between containers!

2. Use data volumes

  • Volumes are designed for data persistence and are completely independent of the lifetime of containers, so Docker does not delete their mounted volumes when containers are deleted.
  • Mode 1: mount-v directly using the command
  • Docker run-it-v host directory: directory inside container
    #View the structure of the home directory
    [root@localhost home]# ls
    pj  Installation package
    #Start centOS mirror mapping host directory: to container directory -v/home/ceshi:/home
    [root@localhost ~]# docker run -it -v /home/ceshi:/home centos /bin/bash
    #Ctrl+q+p Exit Container View the home directory structure again and find that the mapping was successful
    [root@localhost home]# ls
    ceshi  pj  Installation package
  • Use the command: docker inspect container id to view mounts
    # View container details
    [root@localhost ceshi]# docker inspect ab60b4c10102
  • Synchronization of test files
  • Test again!
    1. Stop Container
    2. Host modify file
    3. Start Container
    4. The data in the container is still synchronized (ensuring the persistence of the data in the container)
  • Benefit: We only need local modifications for future modifications, and the container will synchronize automatically!

3. Actual Warfare: Install MySQL

  • Think: MySQL data persistence issues

  • Download MySQL Mirror

    [root@localhost ~]# docker pull mysql:5.7
    5.7: Pulling from library/mysql
    a330b6cecb98: Already exists 
    9c8f656c32b8: Pull complete 
    88e473c3f553: Pull complete 
    062463ea5d2f: Pull complete 
    daf7e3bdf4b6: Pull complete 
    1839c0b7aac9: Pull complete 
    cf0a0cfee6d0: Pull complete 
    fae7a809788c: Pull complete 
    dae5a82a61f0: Pull complete 
    7063da9569eb: Pull complete 
    51a9a9b4ef36: Pull complete 
    Digest: sha256:d9b934cdf6826629f8d02ea01f28b2c4ddb1ae27c32664b14867324b3e5e1291
    Status: Downloaded newer image for mysql:5.7
  • Case of officially launching MySQL mirror

    #-e configuration parameter MYSQL_ROOT_PASSWORD configures the initial password for mysql
    $ docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:tag
  • Start MySQL on your own (install and start mysql, you need to configure your password, that's important)

    #Run container, data mount is required 
    #-d Background Run
    #-p Port Mapping
    #-v Volume Mount
    #-e Environment Configuration MYSQL_ROOT_PASSWORD Configuration MySQL Initialization Password
    #-- name container name
    [root@localhost ~]# docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123 --name mysql01 mysql:5.7
  • After successful startup, we use sqlyog locally to test. sqlyog connects to 3310 of the server and 3306 mappings in the container

    • Database after connection
    • Check the mapping path of the host and see if the mapping is successful!
  • Create a database in a local test to see if our mapped path is ok!

    • Check to see if the corresponding host mapping directory has also been created.
  • Suppose we delete the container. We find that the volume we mounted locally is still not lost, which makes container data persistence possible!

    #View running containers
    [root@localhost data]# docker ps
    CONTAINER ID   IMAGE       COMMAND                  CREATED         STATUS         PORTS                                                  NAMES
    3645704371b8   mysql:5.7   "docker-entrypoint.s..."   9 minutes ago   Up 9 minutes   33060/tcp,>3306/tcp, :::3310->3306/tcp   mysql01
    #Delete mysql container
    [root@localhost data]# docker rm -f 3645704371b8
    #Delete succeeded
    [root@localhost data]# docker ps -a
    CONTAINER ID   IMAGE     COMMAND       CREATED        STATUS                        PORTS     NAMES
    • View the host mapping directory again without deleting the corresponding data.
  • Data persistence can be achieved by restarting the mirror and mapping to the / home/mysql/conf and / home/mysql/data directories

4. Named and anonymous mounts

  • Anonymous mount-v container path! You do not need to specify the host's mapping path.
    # -d Background Run
    # -P Random Mapping Port
    #--name Name the container
    #-v/etc/nginx Anonymous Mapping Port
    [root@localhost data]# docker run -d -P --name nginx01 -v /etc/nginx nginx
    • View all volumes (use the command: docker volume --help to see how to use them)

      [root@localhost data]# docker volume ls
      # VOLUME NAME is mounted anonymously using random strings with no specific name  
      #Each volume name maps a real path
      local     31e97fb797063258778239d55f1f1bb64d702d4b687c4ee057d69c483a9e7a22
      local     6491eddb64a35d6827420e6d0eef23d91c1eed1ee543223cc8a0706efb1e5df6
    • We found here that this is an anonymous mount. We only wrote paths inside the container at -v, not outside!

  • Named mount via-v volume name: container path
    # v juming:/etc/nginx named mount 
    #Add/juming:/etc/nginx This belongs to the specified directory mount host/juming path mapped to container path/etc/nginx 
    #Without/without juming:/etc/nginx this named mount is the container path with a specific name
    [root@localhost data]# docker run -d -P -v juming:/etc/nginx --name nginx02 nginx
    #View the volume name to see its own named mount path
    [root@localhost data]# docker volume ls
    local     31e97fb797063258778239d55f1f1bb64d702d4b687c4ee057d69c483a9e7a22
    local     6491eddb64a35d6827420e6d0eef23d91c1eed1ee543223cc8a0706efb1e5df6
    local     juming
    • Take a look at this volume d (see the path of the specific mapping by command: docker volume inspect volume name)
    #View the directory of volume name mappings for named mounts
    [root@localhost data]# docker volume inspect juming 
            "CreatedAt": "2021-09-28T23:51:48+08:00",
            "Driver": "local",
            "Labels": null,
            "Mountpoint": "/var/lib/docker/volumes/juming/_data", #Directory mapped to host
            "Name": "juming",
            "Options": null,
            "Scope": "local"
  • Volumes in all docker containers, without a specified directory, are in/var/lib/docker/volumes/xxx/_data (xxx is the volume name)
  • We can easily find one of our volumes by using named mounts, most of which are named mounts.
  • View Docker's overall catalog
  • How to determine whether to mount anonymously or anonymously, or specify a path to mount! (Both enable data persistence)
    • -v container path#Anonymous mounting randomly generates a string corresponding to a host directory (/var/lib/docker/volumes/xxx/_data)
    • -v Volume Name: Path in Container #Named Mount uses its own defined string to correspond to a host directory
    • -v/Host Path: Container Path#Specify Path Mount! Map to Container Path using Host Path
  • extend
    • Change Read and Write Permissions by Path in-v Container: ro rw
    ro readonly  # read-only
    rw readwrite # Read-write
    docker run -d -P --name nginx03 -v juming:/etc/nginx:ro nginx
    docker run -d -P --name nginx04 -v juming:/etc/nginx:rw nginx
    • Once container permissions are set, containers limit what we can mount!
    • Any time ro sees ro, it means that this path can only be operated on by the host machine, and there is no operation inside the container!

5. Beginning Dockerfile

  • Create a mirror from a dockerfile. Dockerfile is the build file used to build a docker image! This script generates a mirror from one layer to another, and the script is a command (the dockerfile must be in full English characters).
    # Enter home directory
    [root@localhost ~]# cd /home/
    #Create a directory to store dockerfile files
    [root@localhost home]# mkdir docker-test-volume
    [root@localhost home]# ls
    ceshi  docker-test-volume  mysql  pj  Installation package
    [root@localhost home]# cd docker-test-volume/
    #Create a dockerfile with a random name suggesting that the Dockerfile directive must be fully capitalized 
    [root@localhost docker-test-volume]# vim dockerfile1
    #View dockerfile file contents (content directive (uppercase) parameters in the file)  
    #Every command here is the mirror floor!
    [root@localhost docker-test-volume]# cat dockerfile1 
    # Base Mirror
    FROM centos
    # Mounted volume location requires/starts with absolute location
    VOLUME ["/volume01","/volume02"]
    # Output after download and mount is complete
    CMD echo "----end----"
    # mmc
    CMD /bin/bash
    #Compile dockerfile file file
    # -f dockerfile directory
    # -t Name the current dockerfile generation
    [root@localhost docker-test-volume]# docker build -f dockerfile1 -t ph/centos:1.0 .
    #Follow the aliased dockerfile file step by step
    Sending build context to Docker daemon  2.048kB
    Step 1/4 : FROM centos  
     ---> 5d0da3dc9764
    Step 2/4 : VOLUME ["volume01","volume02"]
     ---> Running in 2c458fcdc8ae
    Removing intermediate container 2c458fcdc8ae
     ---> 631358566fa1
    Step 3/4 : CMD echo "----end----"
     ---> Running in 6a8f03bac65c
    Removing intermediate container 6a8f03bac65c
     ---> de22d35e4d83
    Step 4/4 : CMD /bin/bash
     ---> Running in bc7e3194d393
    Removing intermediate container bc7e3194d393
     ---> 728356244f4f
    Successfully built 728356244f4f
    Successfully tagged ph/centos:1.0
    [root@localhost docker-test-volume]# docker images
    REPOSITORY            TAG       IMAGE ID       CREATED         SIZE
    ph/centos             1.0       728356244f4f   3 minutes ago   231MB
  • Start the mirror you created yourself. View the directory structure to see the mounted directory.
    #Start the mirror created by dockerfile
    [root@localhost docker-test-volume]# docker run -it 2b17f24d5ded /bin/bash
  • View mount directory (command: docker inspect container id)
    [root@localhost docker-test-volume]#docker inspect 6aa1775dfa5c
  • Test to see if the file just synchronized
  • This method is used a lot because we usually build our own mirrors! Assume that the volume was not mounted when the mirror was built, mount the-v volume name manually: the path inside the container!

6. Data Volume Container

  • Synchronize data between containers!

  • Mount the data volume with the name of the container by giving different container commands.

  • Start with the mirror we just wrote, start three containers, and synchronize the data between them.

    #Start the first container (by creating a mirror name, you must carry the version number)
    [root@localhost ~]# docker run -it --name centos01 pj/centos:latest
  • After startup, Ctrl+q+p exits the current container and starts the second container. Data sharing between containers is achieved by using the--volumes-front container name (equivalent to java inheritance, a parent-child, centos01 parent, centos2 child, the child owns the content of the parent and the parent owns the content of the child).

     [root@localhost ~]#docker run -it --name centos02 --volumes-from centos01 pj/centos:latest
  • Ctrl+q+p exits the current container, enters centOS1, and creates files in the volume folder to see if sharing is possible.

    #Enter the execution command window of the current container
    [root@localhost ~]# docker attach centos01
    #Enter mounted volume volumen01 directory
    [root@48800552857b /]# cd volume01
    #View catalog files
    [root@48800552857b volume01]# ls
    #create a file
    [root@48800552857b volume01]# touch test.java
  • Ctrl+q+p exits the current container and enters centOS2 to see if the directory exists.

    #Enter the execution command window of the current container
    [root@localhost ~]# docker attach centos02
    #Enter mounted volume volumen01 directory
    [root@b0700a8bdb77 /]# cd /volume01
    #View catalog files
    [root@b0700a8bdb77 volume01]# ls
  • Create a third container. Data binding with centos01. View the data status of this container.

    [root@localhost ~]# docker run -it --name cenos03 --volumes-from centos01 pj/centos:latest
    [root@bb6c760d96a4 /]# cd /volume01
    [root@bb6c760d96a4 volume01]# ls
  • Create a file in centos03

    [root@bb6c760d96a4 /]# cd /volume01
    [root@bb6c760d96a4 volume01]# ls
    [root@bb6c760d96a4 volume01]# touch test03.java
  • Ctrl+q+p exits the current container and enters centos01 to view the data.

    [root@localhost ~]# docker attach centos01
    [root@48800552857b volume01]# ls
    test.java  test03.java
  • They all have centos01 containers associated with them. If you delete centos01, will you lose the container data of centos02, centos03? The answer is No.

    # View currently running containers
    [root@localhost ~]# docker ps
    CONTAINER ID   IMAGE              COMMAND                  CREATED          STATUS          PORTS     NAMES
    bb6c760d96a4   pj/centos:latest   "/bin/sh -c /bin/bash"   5 minutes ago    Up 5 minutes              cenos03
    b0700a8bdb77   pj/centos:latest   "/bin/sh -c /bin/bash"   29 minutes ago   Up 29 minutes             centos02
    48800552857b   pj/centos:latest   "/bin/sh -c /bin/bash"   30 minutes ago   Up 30 minutes             centos01
    #Stop centos01 container
    [root@localhost ~]# docker stop 48800552857b
    #Delete centos01 container
    [root@localhost ~]# docker rm -f 48800552857b
    # Enter the centos02 container to see that the data still exists
    [root@localhost ~]# docker attach centos02
    [root@b0700a8bdb77 volume01]# ls
    test.java  test03.java
  • Schematic diagram. Viewing the information of the two containers through the docker inspect container id, you can see that the two mounted directories are the same, enabling data synchronization between containers.

  • Multiple mysql s for data sharing

    docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql:5.7
    docker run -d -p 3307:3306 -e MYSQL_ROOT_PASSWORD=123456 --name mysql02 --volumes-from mysql01 mysql:5.7
  • Conclusion:

    • The life cycle of a data volume container lasts until no container is used (all containers are deleted before they end) through the transfer of configuration information between containers.
    • But once you persist locally, the local data will not be deleted at this time!

7. DockerFile

1. Introduction to DockerFile

  • dockerfile is a file used to build a docker image! Command (command needs uppercase) parameter script!
  • Construction steps:
    1. Write a dockerfile
    2. docker build s are built as a mirror
    3. Doker run mirror
    4. DockerHub, Ali Cloud Warehouse
  • View officially built dockerfile (centos example)

  • But many of the official mirrors are basic packages and many of the functions are not available. We usually build our own mirrors! Now that the official can make mirrors, we can also (use a variety of environments)!

2. DockerFile construction process

  • Fundamentals:
    1. Each reserved keyword (instruction) must be a capital letter
    2. Each dockerfile is executed from top to bottom
    3. Each instruction creates and submits a new mirror layer!
    4. #indicates a comment
  • Dockerfile is development-oriented. To publish projects and mirror them in the future, we need to write a dockerfile, which is very simple!
  • Docker mirroring is becoming a standard for enterprise delivery and must be mastered!
  • Steps: development, deployment, operation and maintenance, all necessary!
    • DockerFile: Build a file that defines all the steps, compared to the source code.
    • DockerImages: Build a generated image through DockerFile to ultimately publish and run the product.
    • Docker container: A container is a mirror that runs to provide services.


8. Docker Network

Tags: Docker Container jar

Posted on Tue, 28 Sep 2021 13:07:10 -0400 by siko