Simple tutorial for the docker beginner.
Frank
In Linux, Logical Volume Manager (LVM) is a device mapper target that provides logical volume management for the Linux kernel. Most modern Linux distributions are LVM-aware to the point of being able to have their root file systems on a logical volume.
在linux中LVM是kernel提供邏輯卷軸管理的功能,負責device mapper,大多數現代Linux發行版都支持LVM,可以將其根文件系統放在邏輯卷上。
(form Wiki)
#
fdisk -lOverlayFS是一個面向Linux的檔案系統服務,其實現一個面向其他檔案系統的聯合掛載。
可以想成是我們在操作git
$
docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
5ba4f30e5bea: Pull complete
9d7d19c9dc56: Pull complete
ac6ad7efd0f9: Pull complete
e7491a747824: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:46fb5d001b88ad904c5c732b086b596b92cfb4a4840a3abd0e35dbb6870585e4
Status: Downloaded newer image for ubuntu:latestsystemd is a software suite that provides an array of system components for Linux operating systems.
Its main aim is to unify service configuration and behavior across Linux distributions; systemd's primary component is a "system and service manager"—an init system used to bootstrap user space and manage user processes. It also provides replacements for various daemons and utilities, including device management, login management, network connection management, and event logging.
systemd是一個軟件套件,為Linux操作系統提供了一系列系統組件。它的主要目的是統一Linux發行版之間的服務配置和行為。
Namespaces are a feature of the Linux kernel that partitions kernel resources such that one set of processes sees one set of resources while another set of processes sees a different set of resources.
namespace是Linux kernel的一項功能,該功能對kernel resources進行分區,以使一組processes看到一組resources,而另一組processes看到另一組resources。
Namespace Constant Isolates
Cgroup CLONE_NEWCGROUP Cgroup root directory
IPC CLONE_NEWIPC System V IPC, POSIX message queues
Network CLONE_NEWNET Network devices, stacks, ports, etc.
Mount CLONE_NEWNS Mount points
PID CLONE_NEWPID Process IDs
User CLONE_NEWUSER User and group IDs
UTS CLONE_NEWUTS Hostname and NIS domain name
$
docker run -it --rm busybox /bin/sh
psother terminal
$
ps -ef |grep busycgroups (control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
cgroups(控制組)是Linux kernel的一項功能,可限制,計算比重和隔離進程集合的資源使用(CPU,記憶體,硬碟I / O,網路等)。
#
mount -t cgroup
cd /sys/fs/cgroup/cpu
mkdir testlimit
ls testlimit/
cat /sys/fs/cgroup/cpu/testlimit/cpu.cfs_quota_us
cat /sys/fs/cgroup/cpu/testlimit/cpu.cfs_period_us
echo 30000 > /sys/fs/cgroup/cpu/testlimit/cpu.cfs_quota_us // cpu usage 30%
while : ; do : ; done &
top -p {PID}
echo {PID} > /sys/fs/cgroup/cpu/testlimit/tasks
top -p {PID}A hypervisor (or virtual machine monitor, VMM) is computer software, firmware or hardware that creates and runs virtual machines.
hypervisor 是用來建立與執行虛擬機器的軟體或韌體,分為 type 1 and type 2。
(form Wiki)
Docker is a set of platform as a service (PaaS) products that uses OS-level virtualization to deliver software in packages called containers.
Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels. All containers are run by a single operating system kernel and therefore use fewer resources than virtual machines.
(form Wiki)
A container runs natively on Linux and shares the kernel of the host machine with other containers. It runs a discrete process, taking no more memory than any other executable, making it lightweight.
By contrast, a virtual machine (VM) runs a full-blown “guest” operating system with virtual access to host resources through a hypervisor. In general, VMs incur a lot of overhead beyond what is being consumed by your application logic.
(form official)
Docker used LXC as its default execution environment.
LXC(Linux Container) is a userspace interface for the Linux kernel containment features. Through a powerful API and simple tools, it lets Linux users easily create and manage system or application containers.
$
docker run -d busybox sleep 1000;
pstree -a
Docker Engine:
┌─Docker Daemon
│ └─Docker Server(Host)
│ └─Docker Engine API(SDK) -- Docker registries(Docker Hub)
└─Docker Client
As the docker deamon running in the systemD, then the Docker client can be used by us.
$
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine;
sudo yum install -y yum-utils;
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo;
sudo yum install docker-ce docker-ce-cli containerd.io;$
sudo groupadd docker;
sudo usermod -aG docker $USER;reboot or relogin;
$
sudo systemctl enable --now docker.service;
docker run hello-world