Learning Docker--chapter 1

CONTENTS:

(1) An introduction to Docker

(2) Docker on Linux

(3) Differentiating between containerization and virtualization

(4) Installing the Docker engine

(5) Understanding the Docker setup

(6) Downloading the first image

(7) Running the first container

(8) Running a Docker container on Amazon Web Services

(9) Troubleshooting the Docker container

(1) An introduction to Docker

Virtualization technology has serious drawbacks, such as performance degradation due to the heavyweight nature of virtual machines, the lack of application portability, slowness in provisioning of IT resources, and so on. Therefore, the Docker initiative has been designed for making the containerization paradigm easier to grasp and use. Docker enables the containerization process to be accomplished in a risk-free and accelerated fashion. (My: Virtualization have some disadvantages and developers want to design Docker to deal with these disadvantages)

Docker is an open source containerization engine, which automates the packaging, shipping, and deployment of any software applications that are presented as lightweight, portable, and self-sufficient containers, that will run virtually anywhere. (My: The definition of Docker)

A Docker container is a software bucket comprising everything necessary to run the software independently. There can be multiple Docker containers in a single machine and containers are completely isolated from one another as well as from the host machine.

In other words, a Docker container includes a software component along with all of its dependencies(binaries, libraries, configuration files, scripts, jars, and so on).The Docker container has its own process space and network interface. It can run things as root, and have its own /sbin/init, which can be different from the host machines.

The Docker solution primarily consists of the following components:

• The Docker engine
• The Docker Hub

The Docker engine is for enabling the realization of purpose-specific as well as generic Docker container. The Docker Hub is a repository of the Docker images that can be combined in different ways for producing publicly findable, network-accessible, and widely usable containers. (My: Docker engine is a tool and Docker Hub is a repository.)

(2) Docker on Linux

The preceding diagram vividly illustrates how future IT systems would have hundreds of application-aware containers, which would be capable of facilitating their seamless integration and orchestration for deriving modular applications. These contained applications could fluently run on converged, federated, virtualized, share, dedicated, and automated infrastructures.

(3) Differentiating between containerization and virtualization

In the containerization paradigm, some of underutilized capabilities of the Linux kernel have been rediscovered.

The following table gives a direct comparison between virtual machines and containers:

Virtual Machines(VMs)	Containers
Represents hardware-level virtualization	Represents operating system virtualization
Heavyweight	Lightweight
Slow provisioning	Real-time provisioning and scalability
Limited performance	Native performance
Fully isolated and hence more secure	Process-level isolation and hence less secure

The convergence of containerization and virtualization

Traditional hypervisors, which represent hardware virtualization, directly secure the environment with the help of the server hardware. That is, VMs are completely isolated from the other VMs as well as from the underlying systems. But for containers, this isolation happens at the process level and hence, they are liable for any kind of security incursion. Furthermore, some vital features that are available in the VMs are not available in the containers. For instance, there is no support for SSH, TTY, and the other security functionalities in the containers. On the other hand, VMs are resource-hungry and hence, their performance gets substantially degraded. Indeed, in containerization parlance, the overhead of a classic hypervisor and a guest operating system will be eliminated to achieve bare mental performance. Therefore, a few VMs can be provisioned and made available to work on a single machine. Thus, on one hand, we have the fully isolated VMs with average performance and on the other hand, we have the containers that lack some of the key features, but are blessed with high performance. (My: VMs are completely isolated from the other VMs, Container are liable for security incursion. Container don’t have some vital features that are available in the VMs. VMs with average performance, but container with high performance by lacking of some of key features.)

(4) Installing the Docker engine

Ellipsis.(省略)

(5) Understanding the Docker setup

$ sudo docker version

These following output lines means:

• The client version
• The client API version
• The server version
• The server API version

If we dissect the internals of the docker version subcommand, then it will first list the client-related information that is stored locally. Subsequently, it will make a REST API call to the server over HTTP to obtain the server-related details.

$ sudo docker –D info

This command lists details, such as the Containers, Images, Storage Driver, Location, Executive Driver, Kernel Version, the Operating System, the number of CPUs, the Total Memory, and Name, the new Docker hostname.

Client server communication

On Linux installations, Docker is usually programmed for carrying out server-client communication by using the Unix socket (/var/run/docker.sock). Docker has IANA( The Internet Assigned Numbers Authority) registered port, which is 2375. However, for security reasons, this port is not enabled by default.

(6)     Downloading the first Docker image

$ sudo docker pull busybox

Once the images have been downloaded, they can be verified by using the docker images subcommand, as shown here:

$ sudo docker images

(7) Running the first Docker container

$ sudo docker run busybox echo “Hello World!”

“Hello World!”

 

In the preceding example, the docker run subcommand has been used for creating a container and for printing Hello World! by using the echo command.

(8) Running a Docker container on Amazon Web Services

Ellipsis.(省略). I don’t have Amazon’s account. /(ㄒoㄒ)/~~

(9)     Troubleshooting

Most of the time, you will not encounter any issues when installing Docker. However, unplanned failures might occur. Therefore, it is necessary to discussing the troubleshooting techniques and tips. The first tip is that the running status of Docker should be checked by using the following command:

$ sudo service docker status

 

If the docker service is running, then this command will print the status as start/running along with its process ID. If you are still experiencing issues with the Docker setup, then you could open the Docker log by using the /var/log/upstart/docker.log file for further investigation.

Summary

Containerization is going to be a dominant and decisive paradigm for enterprise as well as cloud IT environment in the future because of its hitherto unforeseen automation and acceleration capabilities. There are several mechanisms in place for taking the containerization movement to greater heights. However, Docker has zoomed ahead of everyone in this hot race, and it has successfully decimated the previously-elucidated barriers.

感谢《Learning Docker》，转载请注明出处，O(∩_∩)O谢谢