Everything You Wanted to Know About DOCKER COMPONENTS
Docker, a new container technology, is hotter than hot because it makes it possible to get far more apps running on the same old servers and it also makes it very easy to package and ship programs. Here’s what you need to know about it.
Introduction to docker and virtualization
Docker is an open source engine that can automatically deploy applications to containers. Compared with virtualization, it has the characteristics of light weight and rapid deployment and deletion, which can make software development bias toward the direction of microservice architecture. Both resource costs and management methods have too many advantages over traditional virtualization, but they have higher requirements for the operating environment.
The components of docker include the following four:
(1) Client and server of docker;
(2) Docker images (images);
(3) registry (warehouse, such as the official docker hub)
(4) Docker container (container, regarded as a “system” of image instantiation)
As Docker has three basic components: warehouse, image and container, and the relationship between them can be described simply by the following picture:
1. Mirror
Before Docker runs the container, a corresponding image needs to exist locally.
Images can be used to create Docker containers. An image can contain a complete operating system environment and other applications required by the user. There are a large number of ready-made images in docker hub for download. The docker image is only readable, one image can create multiple containers.
2. Container
Docker uses containers to develop and run applications.
Containers are instances created by images. It can be started, started, stopped and deleted. Each container is an isolated platform that guarantees safety.
3. Warehouse
A warehouse is a place where image files are stored centrally.
Each warehouse contains multiple images, and each image has a different tag.
The largest public warehouse isDockerThe Hub stores a large number of images for users to download. Domestic public warehouses include DockerPool, etc., can provide more stable and fast access for mainland users. Of course, users can also create a private warehouse in the local network.
Because docker is a C/S architecture, it must have a client and a server. Here the client is the docker command, that is, various commands executed by the user, such as docker pull, docker build, docker run, etc. After executing the command, the server is the docker deamon, receiving and responding to commands from various clients. Taking the pull image as an example here, it is divided into two cases, namely, there is a mirror to be pulled locally (red process) and no mirror to be pulled locally (black process).
For the local pull image, use the image to instantiate it as a container; if the local image does not exist, search from the container warehouse, download it to the local after searching, and then use the image to create A container.
Docker technologies include:
(1) A native Linux container;
(2) Linux kernel namespace, used to isolate file system, process and network;
(3) File system isolation;
(4) Process isolation: each container runs in its own root file system;
(5) Network isolation: The virtual network interface and IP address between the containers are separated;
(6) Resource isolation grouping: use cgroups to independently allocate resources such as cpu and memory to each docker container;
(7) Realistic copy: the file system is created by copy-on-write, which means that the file system is hierarchical, fast, and takes up little disk space;
(8) Log: You can use docker log to view;
Architecture comparison between docker and virtual machine:
Comparing the differences between the two images, the Guest OS layer and Hypervisor layer of the virtual machine on the left are replaced by the Docker Engine layer in Docker. The guest OS of the virtual machine is the operating system installed in the virtual machine. It is a complete operating system kernel; the hypervisor layer of the virtual machine can be simply understood as a hardware virtualization platform. It exists as a kernel-mode driver in the Host OS.
To sum up a sentence: docker is fast and easy to port, but the security is low; the virtual machine is slow and difficult to port, but the security is high.
But with the future development, docker should be able to overcome these problems.
Containers, however, use shared operating systems. That means they are much more efficient than hypervisors in system resource terms. Instead of virtualizing hardware, containers rest on top of a single Linux instance.
On the other hand, if all you want to do is get the most server application instances running on the least amount of hardware, you couldn’t care less about running multiple operating system VMs. If multiple copies of the same application are what you want, then you’ll love containers.
Thanks for reading this post, if you like to follow me up.(pankajconnect.com)
