Docker基础培训

image
image
Docker Registries:Docker
registries hold images. These are public or private stores from which you upload or download images. The public Docker registry is called Docker Hub.
秘密▲
使用Docker：Working with Containers
Compile error？
OS version？
Dependency？
App Development &Operations
App Development & Operations
Docker
App Development & Operations
Configuration？
Machine halt？ App version？
Docker LXC（Linux Containers） Union FS Cgroups Linux Kernel Namespaces
Cgroups：实现了对资源的配额和 度量。 UnionFS：是一种支持将不同目录 挂载到同一个虚拟文件系统下(unite several directories into a single virtual filesystem)的文件系统 LXC：Linux Container，提供了一 种操作系统级的虚拟化方法。借助于 namespace的隔离机制和cgroup限 额功能来管理container
DOCKER 基础培训
主讲人：陈力 日期：2014-8-10 TD RNC无线软件部
秘密▲
了解Docker
Docker is an open platform for developing, shipping, and running applications. At its core, Docker provides a way to run almost any application securely isolated in a container. 建立一个APP的开发和运维环境 你需要考虑？ 快速建立N个这样的APP开发和运维环境 你应该考虑？
秘密▲
了解Docker
Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers. Both the Docker client and the daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate via sockets or through a RESTful API.
Docker has exposed port 5000 (the default Python Flask port) on local docker host port （ from the range 49000 to 49900 ） 49155.
Tips：如果是在虚拟机上使用docker，local docker host为虚拟机的ip地址
秘密▲
了解Docker
Docker images:A Docker image is registry image image
a read-only template. For example, an image could contain an Ubuntu operating system with Apache and your web application installed. Images are used to create Docker containers.
秘密▲
秘密▲
Refresher on Docker
典型的Linux启动到运行需要两个FS ：bootfs + rootfs 。 bootfs 主要包含 bootloader 和 kernel, bootloader主要是引导加载kernel, 当boot成功后 kernel 被加载到内存中后 bootfs就被 umount了；rootfs (root file system) 包含的就是典型 Linux 系统中的 /dev, /proc,/bin, /etc 等 标准目录和文件。 在docker中，对 rootfs先以readonly方式加载并检查，接下来利用 union mount 将一个 readwrite 文件系统挂载在 readonly 的rootfs之上，并且允许再次将下层的 file system设定为 readonly 并且向上叠加, 这样一组readonly和一个writeable的结构构成一个container的运行目 录, 每一个被称作一个Layer。每一个对readonly层文件/目录的修改都只会存在于上层的 writeable层中。由于不存在竞争, 多个container可以共享readonly的layer。所以docker将 readonly的层称作 "image" - 对于container而言整个rootfs都是read-write的，但事实上所有的 修改都写入最上层的writeable层中, image不保存用户状态，可以用于模板、重建和复制。 从一个image启动一个container时，docker会先加载其下层image直到base image，用 户的进程运行在writeable的layer中。所有image中的数据信息以及ID、网络和lxc管理的资源 限制等具体container的配置，构成一个docker概念上的container。
如果要获取最新的docker版本，你需要location到docker repository，按如下方式执行 curl脚本即可：
Docker当前最新版本为1.1.2
秘密▲
Dockerizing Applications: A "Hello world"
Hello world
docker run : The combination runs containers. ubuntu:14.04 : This is the source of the container we ran. Docker calls this an image. In this case we used an Ubuntu 14.04 operating system image.【也可以直接写ubuntu，这样获取的 是ubuntu:latest image】 /bin/echo ‘Hello world‘ :told Docker what command to run inside our new container When our container was launched Docker created a new Ubuntu 14.04 environment and then executed the/bin/echo command inside it. We saw the result on the command:Hello world
秘密▲
Dockerizing Applications: A "Hello world"
Let's try running some commands inside our container
A Daemonized Hello world
-d flag tells Docker to run the container and put it in the background, to daemonize it. 1e5535038e28………: This really long string is called a container ID. It uniquely identifies a container so we can work with it.
接下来，你可以使用更多的docker命令来操纵container, just try them! docker ps：List containers; docker logs <container>:Fetch the logs of a container； docker stop <container>:Stop a running container；等等
App Development & Operations
Hale Waihona Puke Baidu
秘密▲
了解Docker
Why not VMs？用户需要的是高效运行环境而非OS, GuestOS既浪费资源又 难于管理，轻量级的Container更加灵活和快速。
VS
秘密▲
了解Docker
Namespaces：LXC所实现的隔离性 主要是来自kernel的namespace, 其 中pid, net, ipc, mnt, uts 等 namespace将container的进程, 网络, 消息, 文件系统和hostname 隔离开
An Interactive Container
two flags: -t and -i. The -t flag assigns a pseudo-tty or terminal inside our new container and the -i flag allows us to make an interactive connection by grabbing the standard in (STDIN) of the container. /bin/bash.：This will launch a Bash shell inside our container.
安装Docker
秘密▲
准备一个Ubuntu Trusty 14.04 (LTS) (64-bit)版本，如ubuntu-14.04.1-server-amd64.iso Ubuntu Trusty comes with a 3.13.0 Linux kernel, and a docker.io package which installs Docker 0.9.1 and all its prerequisites from Ubuntu‘s repository. 因此，你很容易得 到docker的0.9.1版本，如下：
Docker containers:Each container
is created from a Docker image. A Docker container holds everything that is needed for an application to run
image
image
秘密▲
使用Docker：Working with Containers
Running a Web Application in Docker
-P flag： tells Docker to map any required network ports inside our container to our host. This lets us view our web application. training/webapp： is a pre-built image we've created that contains a simple Python Flask web application. python app.py： launches our web application.