Introduction to Docker
Docker is a powerful tool for efficiently developing, packaging, and deploying applications.Docker is a container management service.Docker was released in 2013. It is open source and available for different platforms such as Windows, macOS, and Linux.Docker is rapidly delivering, testing, and deploying code. This reduces the delay between writing code and running it in a production environment. You can create self-contained environments called containers. It can run consistently across different platforms.
Docker is a set of Platform-as-a-Service (PaaS) products that use operating system-level virtualization to deliver software in packages called containers. Containers are isolated from each other and bundled with their own software, libraries, and configuration files; they can communicate with each other through well-defined channels. All containers run from a single operating system kernel and therefore use fewer resources than virtual machines.
Docker is an open source containerization platform that allows you to package your application and all its dependencies into a standardized unit called a container. Containers are lightweight, which makes them portable, and they are isolated from the underlying infrastructure and other containers. You can run a docker image as a docker container on any computer with docker installed, without relying on the operating system.
Why is Docker popular?
Docker is popular for its impact on software development and deployment. Here are some of the main reasons for docker's popularity:
- portability (programming language): Docker helps developers package their applications with all their dependencies into a single lightweight container. It helps ensure consistent performance across different computing environments.
- repeatability: By encapsulating the application and its dependencies in a container, it ensures that the software setup remains consistent across development, test and production environments.
- efficiency: Docker optimizes resource utilization through its container-based architecture. It allows developers to run multiple isolated applications on a single host system.
- scalability: Docker's scalability features help developers more easily handle their applications as workloads increase.
Key Components of Docker
Here are some of the key components of Docker:
- Docker Engine: It is the core part of Docker that handles the creation and management of containers.
- Docker Image: It is a read-only template used to create containers with application code and dependencies.
- Docker Hub: It is a cloud-based repository for finding and sharing container images.
- Dockerfile: This is a script with instructions for building a docker image.
- Docker Registry : It is a storage distribution system for docker images where you can store images in public and private mode.
Docker architecture and how Docker works?
Docker uses a client-server architecture.Docker clients communicate with the docker daemon, which helps in building, running, and distributing docker containers.Docker clients run on the same system as the daemon, or we can remotely connect a Docker client to the Docker daemon. The docker client and daemon can interact with each other with the help of UNIX sockets or REST APIs on the network.
Docker Daemon
The Docker daemon manages all services by communicating with other daemons. It manages Docker objects such as images, containers, networks, and volumes with the help of Docker's API requests.
Docker Client
With the help of the docker client, docker users can interact with docker. docker commands use the Docker API. docker clients can communicate with multiple daemons. When a docker client runs any docker command on a docker terminal, the terminal sends commands to the daemon. the Docker daemon obtains these commands from the docker client within command shapes and REST API requests.
The main goal of the docker client is to provide a way to direct the extraction of images from the docker registry and run them on the docker host. The common commands used by the client are docker build, docker pull, and docker run.
Docker Host
A Docker host is a machine responsible for running multiple containers. It includes the Docker daemon, images, containers, networking, and storage.
Docker Registry
All docker images are stored in the docker registry. There is a public registry, called docker hub, that anyone can use. We can also run our private registry. With the help of docker run or docker pull command, we can extract the required images from the configured registry. With the help of docker push command, the image is pushed to the configured registry.
Docker Objects
Whenever we use docker, we create and use images, containers, volumes, networks, and other objects. Now, we'll discuss docker objects: -
Docker Images
The image contains instructions for creating a Docker container. It is just a read-only template. It is used to store and deliver applications. Images are an important part of the docker experience because they support collaboration between developers in any way that wasn't possible before.
Docker Containers
Containers are created from docker images as they are ready-made applications. With the help of Docker API or CLI, we can start, stop, delete or move containers. Containers can only access those resources defined in the image, unless other access rights are defined during the building of the image in the container.
Docker Storage
We can store data in the writable layer of the container, but it requires a storage driver. The storage driver controls and manages images and containers on the Docker host.
The following are common methods of data persistence in Docker:
- Data Volumes: A data volume is a special type of directory that bypasses the container file system and stores data on the host. Data volumes can be shared by one or more containers and persist between containers. Using data volumes makes it easy to back up, restore, and migrate data.
- Bind Mounts: Bound mounts allow files or directories on the host to be mounted directly to the container. In this way, the container can access the data in the host's filesystem and changes to the data are reflected on the host.
- Named Volumes: A named volume is a volume of data with a name that can be shared across multiple containers and can be easily managed and used. By assigning a name to a volume, you can refer to it directly when you create a container, and Docker automatically creates and manages the volume.
- Data Volume Containers (DVCs): Data volume containers are a special type of container used to store and manage data volumes. Other containers can mount these data volume containers with the --volumes-from option to share and persist data.
Docker Networking
Docker networks provide complete isolation for Docker containers. This means that users can link docker containers to multiple networks. It requires very few operating system instances to run workloads.
Network Mode Description
network paradigm | configure | clarification |
---|---|---|
bridge | --network=bridge | Assign IPs to each container. and connect the containers to the docker0 virtual bridge, which is the default mode |
host | --network=host | Instead of creating its own NIC, configuring IPs, etc., the container uses the IP and port of the host machine |
none | --network=none | The container turns off the network function and does not make any network settings |
container | --network=container | Instead of creating its own NIC and IP, the container shares the IP and port with a specified container |
custom | --network=new_bridge | Assign IPs to each container. And connect the containers to a customized virtual bridge |
Docker Installation Methods
Preparing the environment
System Requirements: Docker supports 64-bit versions of CentOS 7/8 and requires a kernel version of at least 3.10. CentOS 7 meets the minimum kernel requirements, but some features (such as the overlay2 storage tier driver) are not available due to the lower kernel version, and some features may be less stable.
For upgrading the Linux kernel refer to theCentOS 7 kernel upgrades (yum and compilation)》
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
[root@localhost ~]# uname -r
3.10.0-1160.el7.x86_64
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed - '7s/enforcing/disabled/' /etc/selinux/config
[root@localhost ~]# swapoff -a
[root@localhost ~]# sed - 's/.*swap.*/#&/' /etc/fstab
[root@localhost ~]# systemctl stop firewalld && systemctl disable firewalld
[root@localhost ~]# firewall-cmd --state
not running
# Replacement of Ali source
[root@localhost ~]# mv /etc// /etc//
[root@localhost ~]# curl -o /etc// /repo/
[root@localhost ~]# curl -o /etc// /repo/
Online YUM Installation
Time: 2024-09
# Uninstall an older version
[root@localhost ~]# yum remove docker docker-client docker-client-latest docker-common docker-latest \
docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
# Install the required packages。yum-utils offers yum-config-manager
[root@localhost ~]# yum install -y yum-utils
# increase yum software source(choose three)
[root@localhost ~]# yum-config-manager --add-repo /docker-ce/linux/centos/ # ariyuan (geology)
yum-config-manager --add-repo /docker-ce/linux/centos/ # Tsinghua University source
yum-config-manager --add-repo /linux/centos/ # official source(slower)
# List the versions available in the repository。By version number(high to low)
[root@localhost ~]# yum list docker-ce --showduplicates | sort -r
* updates:
Loading mirror speeds from cached hostfile
Loaded plugins: fastestmirror
* extras:
docker-ce.x86_64 3:26.1.4-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.1.3-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.1.2-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.1.1-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.1.0-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.0.2-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.0.1-1.el7 docker-ce-stable
docker-ce.x86_64 3:26.0.0-1.el7 docker-ce-stable
docker-ce.x86_64 3:25.0.5-1.el7 docker-ce-stable
docker-ce.x86_64 3:25.0.4-1.el7 docker-ce-stable
docker-ce.x86_64 3:25.0.3-1.el7 docker-ce-stable
docker-ce.x86_64 3:25.0.2-1.el7 docker-ce-stable
docker-ce.x86_64 3:25.0.1-1.el7 docker-ce-stable
docker-ce.x86_64 3:25.0.0-1.el7 docker-ce-stable
docker-ce.x86_64 3:24.0.9-1.el7 docker-ce-stable
docker-ce.x86_64 3:24.0.8-1.el7 docker-ce-stable
# Install the latest version
[root@localhost ~]# yum install docker-ce docker-ce-cli
# If you select the version to install for exampledocker-ce-24.0.9
yum install docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING>
# If you select the test version of the Docker Please execute the following command
yum-config-manager --enable docker-ce-test
# validate (a theory)
[root@localhost ~]# docker -v
Docker version 26.1.4, build 5650f9b
# increase国内镜像加速(Reboot required for each modification docker)
[root@localhost ~]# cat > /etc/docker/ <<EOF
{
"registry-mirrors": [
"",
"",
"",
"",
"",
"",
".",
""
]
}
EOF
# activate (a plan)
[root@localhost ~]# systemctl daemon-reload && systemctl start docker
# beta (software) Docker Is it installed correctly?
[root@localhost ~]# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
d195baed67eb: Pull complete
Digest: sha256:be06e3c4ce8780c0f87fbf66ec9b34623ba2fd14caa5559be5b593653821b814
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
/
For more examples and ideas, visit:
/get-started/
If you can output the above information normally,Then the installation is successful。
Binary offline installation
Time: 2024-09
Download Docker Address
- Ali's address [/docker-ce 】
- Address of Tsinghua University【/docker-ce 】
- Official address [ 】
# downloading Docker docker-23.0. e.g. (Current version docker-27.2.)
[root@localhost ~]# wget /docker-ce/linux/static/stable/x86_64/docker-23.0.
[root@localhost ~]# tar -xf docker-23.0.
[root@localhost ~]# cp docker/* /usr/bin/
[root@localhost ~]# docker -v
Docker version 23.0.6, build ef23cbc
[root@localhost ~]# docker -h
# commander-in-chief (military)dockerregister as Systemd (used form a nominal expression) service
[root@localhost ~]# cat > /etc/systemd/system/ <<EOF
[Unit]
Description=Docker Application Container Engine
Documentation=
After=
Wants=
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H unix:///var/run/ --selinux-enabled=false --default-ulimit nofile=65536:65536
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=
EOF
# If you need to enable remote servicesExecStartattribute is modified to the following command:
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/ --selinux-enabled=false --default-ulimit nofile=65536:65536
# -H tcp://0.0.0.0:2375 Open Remote Connection Command
# Add file executable permissions
[root@localhost ~]# chmod +x /etc/systemd/system/
# Add domestic mirror acceleration(Reboot required for each modification docker)
[root@localhost ~]# mkdir /etc/docker
[root@localhost ~]# cat > /etc/docker/ <<EOF
{
"registry-mirrors": [
"",
"",
"",
"",
"",
"",
".",
""
]
}
EOF
# activate (a plan)
[root@localhost ~]# systemctl daemon-reload && systemctl start docker
# beta (software) Docker Is it installed correctly?
[root@localhost ~]# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
d195baed67eb: Pull complete
Digest: sha256:be06e3c4ce8780c0f87fbf66ec9b34623ba2fd14caa5559be5b593653821b814
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
/
For more examples and ideas, visit:
/get-started/
If you can output the above information normally,Then the installation is successful。