cool hit counter Probably one of the articles that makes the concept of Docker the clearest_Intefrankly

Probably one of the articles that makes the concept of Docker the clearest

This article is just a more detailed introduction to the concept of Docker, and does not cover something like the installation of a Docker environment and some common operations and commands of Docker.

It takes about 15 minutes to read this article, and by reading it you will know the following concepts.

  • container
  • What is Docker?
  • Docker ideas, features
  • What are the main problems solved by Docker containers
  • Containers vs. Virtual Machines
  • Dockerbasic concept: Mirror (Image), container(Container), Repository (Repository)

Docker is the world's leading software container platform , so to understand the concept of Docker we must start with containers.

one start with Recognizing containers commencement

1.1 What is a container?

Let's start with the more official explanation of containers

in a nutshell Containers. container It is the packaging of software into standardized chemical unit, for the development of、 Delivery and deployment。

  • Container images are lightweight, executable standalone packages , contains everything you need to run the software: code, runtime environment, system tools, system libraries and settings.
  • Containerized software for Linux and Windows-based applications that run consistently in any environment.
  • container Gives software independence that insulate them from external environmental differences (e.g., differences in development and preview environments), thus helping to reduce conflicts between teams running different software on the same infrastructure.

Again, let's look at the more general explanation of containers

If I need to describe a container in layman's terms, I think a container is a place to store things, just as a school bag can hold all kinds of stationery, a wardrobe can hold all kinds of clothes, and a shoe rack can hold all kinds of shoes. What we now call containers store things that are probably more oriented towards applications like websites, programs or even system environments.

Recognizing containers

1.2 Illustrating Physical Machines, Virtual Machines and Containers

with respect to virtual machine together with container The comparison is covered in detail later in, Here are just a few pictures from the internet to deepen your understanding of physical machine、 virtual machine together with container The understanding of these three。

physical machine

physical machine

Virtual machine.

virtual machine



Using these three abstract diagrams above, we can probably generalize by analogy that Containers virtualize the operating system rather than the hardware, and containers share the same set of operating system resources with each other. Virtual machine technology is the process of virtualizing a set of hardware and then running a full operating system on it. Therefore the isolation level of the container will be slightly lower.

I believe that through the above explanation you have a preliminary understanding of the concept of containers, which is both strange and familiar, and below we will talk about some concepts of Docker.

II A few more concepts of Docker

Some concepts of Docker

2.1 What is Docker?

To be honest about what Docker is is not too good, below I explain to you what Docker really is through four points.

  • Docker is the world's leading software container platform。
  • Docker Using Google's Go language Development implementation, based on Linux kernel The cgroup, namespace, and AUFS classes of theUnionFS and other technologies. The encapsulated isolation of processes is a virtualization technique at the operating system level. Since the isolated process is independent of the host and other isolated in process, hence the term container. Docke's original implementation was based on LXC.
  • Docker's ability to automate repetitive tasks, such as building and configuring development environments, frees developers to focus on what really matters: building great software.
  • Users can easily create and use containers to put their applications into containers. Containers can also be versioned, copied, shared, and modified, just like managing regular code.
What is Docker

2.2 Docker thinking

  • container (for shipping)
  • Standardization. ① Transportation method ② Storage method ③ API interface
  • segregate

2.3 Features of Docker containers

  • lightweight

Multiple Docker containers running on a single machine can share that machine's OS kernel; they can be started quickly and take up very few compute and memory resources. The image is constructed through the file system layer and shares some public files. This minimizes disk usage and allows for faster image downloads.

  • standardized

Docker containers are based on open standards and can run on all major Linux versions, Microsoft Windows, and any infrastructure including VMs, bare metal servers, and clouds.

  • security

Docker The application that gives the segregate Sex is not limited to each other segregate, Also independent of the underlying infrastructure。Docker The default provides the strongest segregate, Hence the problem with the application, Also just a single container existing issues whereas It won't affect the whole machine.。

2.4 Why use Docker

  • Docker's images provide a complete runtime environment in addition to the kernel, ensuring a consistent application environment so that there are no more problems like "this code is fine on my machine"; - a consistent runtime environment
  • Start-up times of seconds, or even milliseconds, can be achieved. Significant time savings in development, testing, and deployment. --Faster start-up time
  • Avoid public servers where resources will be vulnerable to other users. --Segregation
  • Adept at handling concentrated bursts of server usage pressure; - Resilient scaling for fast expansion
  • It is easy to take an application that is running on one platform and migrate it to another platform without having to worry about changes in the operating environment causing the application to not run properly. --Ease of migration
  • Using Docker allows for continuous integration, continuous delivery, and deployment through custom application images. --Continuous delivery and deployment

Whenever we talk about containers, we have to make a comparison with virtual machines. As far as I'm concerned, it doesn't matter who will replace who for both, but that both can coexist in harmony.

III Containers vs. Virtual Machines

   In brief. Containers and virtual machines have similar advantages of resource isolation and allocation, but differ in functionality because containers virtualize the operating system, not the hardware, and are therefore easier to port and more efficient.

3.1 Comparison chart between the two

  Traditional virtual machine technology virtualizes a set of hardware and then runs a full operating system on it, on which the required application processes are then run; whereas the application processes within the container run directly on the host's kernel, there is no kernel of its own within the container, and no hardware virtualization is performed. So containers are lighter than traditional virtual machines.

Containers vs. Virtual Machines

3.2 Summary of Containers and Virtual Machines (VMs)

Containers and Virtual Machines (VMs) Summary
  • A container is an application layer abstraction for packaging code and dependent resources together. Multiple containers can run on the same machine, sharing the OS kernel, but each running as separate processes in user space . Compared to virtual machines, the Containers take up less space (container images are usually only a few tens of megabytes in size), the Startup in a flash
  • virtual machine (VM) is a physical hardware layer abstraction, For turning one server into multiple servers。 The hypervisor allows multiple VMs to run on a single machine. Each VM contains a complete set of operating systems, one or more applications, necessary binaries and library resources, so Takes up a lot of space . And VM It also starts very slowly

   Through the official Docker website, we know so many advantages of Docker, but there is no need for people to completely dismiss the virtual machine technology, as there are different usage scenarios for both. Virtual machines are better at completely isolating the entire operating environment。 for example, Cloud service providers typically use virtual machine technical segregate Different users。 but (not) Docker Usually used for segregate Different applications , such as front-end, back-end, and database.

3.3 container together with virtual machine (VM) The two can coexist

As far as I'm concerned, it doesn't matter who will replace who for both, but that both can coexist in harmony.

The two can coexist

There are three basic concepts in Docker that are very important, and understanding them will lead to understanding the entire lifecycle of Docker.

IV Basic Docker Concepts

Docker includes three basic concepts

  • Mirror (Image)
  • container(Container)
  • Repository (Repository)

By understanding these three concepts, you understand the entire lifecycle of Docker

Docker includes three basic concepts

4.1 Image - a special file system

   The operating system is divided into kernel and user space。 as far as sth is concerned Linux with regard (preceding phrase), After the kernel starts, will mount root The file system provides user space support for its。 but (not)Docker Mirror (Image), It's the equivalent of a root file system。

   A Docker image is a special filesystem that contains some configuration parameters (such as anonymous volumes, environment variables, users, etc.) prepared for runtime, in addition to providing files for programs, libraries, resources, configuration, etc. needed for container runtime. Mirrors do not contain any dynamic data, and their contents are not changed after they are built.

   Docker is designed to take full advantage of the Union FS The technology that will be designed to Architecture of Tiered Storage . The image is actually composed of multiple layers of file system federation.

   When a mirror is built, it is built layer by layer, with the former layer being the basis for the latter. No further changes occur after each layer is built, and any changes on the latter layer only occur on its own layer.  For example, an operation that deletes a file on the previous level does not actually delete the file on the previous level, but only marks the file as deleted on the current level. The file will not be visible when the final container is run, but the file will actually follow the image all the time. Therefore, extra care needs to be taken when building the image, each layer tries to contain only what needs to be added to that layer, and any extras should be cleaned up before the end of that layer's build.

   The feature of tiered storage also makes it easier to reuse and customize images. It is even possible to build a new image using a previously built image as a base layer and then further add new layers to customize what you need.

4.2 Container - the entity that mirrors the runtime

   Mirror (Image) harmony container(Container) commercial sector, It's like object-oriented programming in kind harmony an actual example the same as, Mirroring is statically defined, Containers are entities that mirror the runtime. Containers can be created, started, stopped, deleted, suspended, etc.

   container The essence of the process, But unlike processes that execute directly at the host, container process runs on its own separate namespace。 As mentioned earlier mirroring uses tiered storage, container And so it is.。

   The container storage layer has the same life cycle as the container, and when the container dies, the container storage layer dies with it. As a result, any information saved in the container storage layer is lost with the container deletion.

   As required by Docker best practices, the A container should not write any data into its storage layer , container The storage layer is to be kept stateless。All file writing operations should use a volume, or a bound host directory , reads and writes at these locations skip the container storage layer and occur directly to the host (or network storage), which has higher performance and stability. Data volumes have a container-independent life cycle; they do not die out when the container dies. Therefore. After using a data volume, containers can be deleted and re-run at will without losing data.

4.3 Repository (Repository)—— A centralized place to store image files

   Once the image is built, it can easily be run on the current host, but the If we need to use this image on other servers, we need a centralized service for storing and distributing images, and Docker Registry is such a service.

   an Docker Registry can contain more than one Repository (Repository); Each repository can contain multiple tags(Tag); Each tag corresponds to a mirror。 that's why: Image repositories are used by Docker to centrally store image files similar to the code repositories we used to use before.

   Usually. A repository will contain images of different versions of the same software whereas Labels are commonly used to match various versions of this software . We can get to the bottom of this by< Warehouse Name>:< label> format to specify exactly which version of this software is mirrored. If no label is given, latest will be used as the default label....

Here's an addition. Docker Registry Public Services and private Docker Registry concrete concepts:

   Docker Registry Public Services It is a Registry service that is open to users and allows them to manage mirrors. Generally such public services allow users to upload and download public mirrors for free, and may offer a paid service for users to manage private mirrors.

   The most commonly used Registry public service is the official Docker Hub This is also the default Registry, and has a large number of high quality official mirrors at . In-country visitsDocker Hub It may be slow There are also some cloud providers in China that offer public services similar to Docker Hub. for example Timeless Cloud Mirror Library NetEase Cloud Mirroring Service DaoCloud Mirror Marketplace Ali cloud mirror repository etc.

   In addition to using the public service, users can also use the Build a private Docker Registry locally . Docker officially provides a Docker Registry image that can be used directly as a private Registry service. The open source Docker Registry image only provides a server-side implementation of the Docker Registry API, which is sufficient to support docker commands and does not affect usage. However, it does not include a graphical interface, and advanced features such as mirror maintenance, user management, and access control.

With the concepts of Docker basically out of the way, let's finally talk about: Build, Ship, and Run.

V. A final word: Build, Ship, and Run

If you search the official Docker website, you will find the following words.“Docker - Build, Ship, and Run Any App, Anywhere” . So what exactly is Build, Ship, and Run doing?

build ship run
  • Build (build image) : Images are like containers of files and runtime environments and other resources.
  • Ship (transport mirror) : Transported between the mainframe and the warehouse, which is like a super dock here.
  • Run (run the image) : A running image is a container, container That's where you run the program.。

The Docker run process is also about going to the repository and pulling the image locally, then running the image with a single command to turn it into a container. So, we also often refer to Docker as a dock worker or dock loader, which is the same as the Chinese translation of Docker for porter.

VI. Summary

This article focuses on some common concepts in Docker in detail, but does not cover Docker installation, image usage, container operation, etc. This is the part of the stuff that the reader can hopefully master on their own by reading the books with the official documentation. If you find the official documentation a chore to read, here is a recommended book, "Getting Started with Docker Technology and Hands-on, Second Edition".

If you found my article helpful, Welcome to follow my WeChat public number:" Java Interview Passbook"( A WeChat public website with temperature, advertising-free, Mere technical sharing, Looking forward to working with you on your progress~~~ Stick to the original, Share the beautiful article, Share variousJava Learning Resources。 You can follow it if you want., The public page is just a place for me to record my words and my life, It's not about the benefits.。)

My Public

1、The caliber of explanation for recent complaints of content lagging in Lovecraft and others
2、Poetry artificial intelligence a bowl of yangchun noodles above
3、What the hell is a digital signature anyway
4、Tyros Tutorial Compilation with New Years Super Pack
5、Saihan District Finance Bureau organized a party group to study the implementation of cyber security responsibility system

    已推荐到看一看 和朋友分享想法
    最多200字,当前共 发送