概述

Docker Engine

  1. a daemon process (the dockerd command)

  2. A REST API

  3. A command line interface (CLI) client (the docker command).

Docker Engine Components
Figure 1. Docker Engine Components

The daemon creates and manages Docker objects, such as images, containers, networks, and volumes.

What can I use Docker for?

  1. Fast, consistent delivery of your applications

  2. Responsive deployment and scaling

  3. Running more workloads on the same hardware

Docker Architecture

Docker Architecture
Figure 2. Docker Architecture

The Docker daemon

  1. listens for Docker API requests

  2. manages Docker objects

The Docker client

The docker command uses the Docker API.

Docker registries

A Docker registry stores Docker images.

Docker Hub is a public registry.

Docker objects

  1. image

  2. container

  3. network

  4. volume

  5. plugin

  6. other objects

IMAGES

An image is a read-only template with instructions for creating a Docker container.

CONTAINERS

A container is a runnable instance of an image.

Example

docker run -i -t ubuntu /bin/bash

  1. Docker pulls the ubuntu image from your configured registry, docker pull ubuntu;

  2. Docker creates a new container, docker container create;

  3. Docker allocates a read-write filesystem to the container, as its final layer.

  4. Docker creates a network interface to connect the container to the default network

  5. Docker starts the container and executes /bin/bash.

  6. type exit to terminate the /bin/bash command, the container stops but is not removed.

SERVICES

Services allow you to scale containers across multiple Docker daemons, which all work together as a swarm with multiple managers and workers.

The underlying technology

Namespaces

Docker uses a technology called namespaces to provide the isolated workspace called the container.

  1. The pid namespace: Process isolation (PID: Process ID).

  2. The net namespace: Managing network interfaces (NET: Networking).

  3. The ipc namespace: Managing access to IPC resources (IPC: InterProcess Communication).

  4. The mnt namespace: Managing filesystem mount points (MNT: Mount).

  5. The uts namespace: Isolating kernel and version identifiers. (UTS: Unix Timesharing System).

Control groups

A control group (cgroup) limits an application to a specific set of resources.

Union file systems

Union file systems, or UnionFS, are file systems that operate by creating layers, making them very lightweight and fast.

Docker Engine can use multiple UnionFS variants, including AUFS, btrfs, vfs, and DeviceMapper.

Container format

Docker Engine combines the namespaces, control groups, and UnionFS into a wrapper called a container format. The default container format is libcontainer.

支付宝

微信

感谢您的支持,😜