Docker Overview

  Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.

  Docker是一个用于开发、发布和运行应用程序的开放平台。Docker能够将你的应用程序从你的基础设施中分离出来,这样你就可以快速交付软件。使用Docker,您可以以管理应用程序的方式管理基础设施。通过利用Docker的快速交付、测试和部署代码的方法,您可以显著减少编写代码和在生产环境中运行代码之间的延迟。

 

The Docker platform

  Docker provides the ability to package and run an application in a loosely isolated environment called a container. The isolation and security allow you to run many containers simultaneously on a given host. Containers are lightweight and contain everything needed to run the application, so you do not need to rely on what is currently installed on the host. You can easily share containers while you work, and be sure that everyone you share with gets the same container that works in the same way.

  Docker provides tooling and a platform to manage the lifecycle of your containers:

  • Develop your application and its supporting components using containers.
  • The container becomes the unit for distributing and testing your application.
  • When you’re ready, deploy your application into your production environment, as a container or an orchestrated service. This works the same whether your production environment is a local data center, a cloud provider, or a hybrid of the two.

 

 

  Docker能够在一个称为容器的松散隔离环境中打包和运行应用程序。隔离性和安全性允许您在给定的主机上同时运行许多容器。容器是轻量级的,包含运行应用程序所需的所有内容,因此不需要依赖主机上当前安装的内容。您可以在工作中轻松地共享容器,并确保与您共享的每个人都获得以相同方式工作的相同容器。

  Docker提供了工具和平台来管理你的容器的生命周期:

    使用容器开发你的应用程序及其所支持的组件。

    容器是分发和测试应用程序的最小单元。

    准备好后,将应用程序部署到生产环境中,作为容器或编排的服务。无论您的生产环境是本地数据中心、云提供商还是两者的混合,它都以相同方式工作

 

 

What can I use Docker for?

 

  Fast, consistent delivery of your applications


  
Docker streamlines the development lifecycle by allowing developers to work in standardized environments using local containers which provide
your applications and services. Containers are great for continuous integration and continuous delivery (CI/CD) workflows.


  Consider the following example scenario:

  • Your developers write code locally and share their work with their colleagues using Docker containers.
  • They use Docker to push their applications into a test environment and execute automated and manual tests.
  • When developers find bugs, they can fix them in the development environment and redeploy them to the test environment for testing and validation.
  • When testing is complete, getting the fix to the customer is as simple as pushing the
    updated image to the production environment.

  

  快速、一致地交付应用程序

 

  Docker简化了开发生命周期,允许开发人员使用提供应用程序和服务的本地容器在标准化环境中工作。容器非常适合持续集成和持续交付(CI/CD)工作流。

 

  考虑以下示例场景:

 

  • 开发人员在本地编写代码,并使用Docker容器与同事分享他们的工作。
  • 他们使用Docker将他们的应用程序推送到测试环境,并执行自动和手动测试。
  • 当开发人员发现bug时,他们可以在开发环境中修复bug,并将其重新部署到测试环境中进行测试和验证。
  • 当测试完成后,向客户提供修复就像将更新后的映像推送到生产环境一样简单。

 

 

  Responsive deployment and scaling

 

  Docker’s container-based platform allows for highly portable workloads. Docker containers can run on a developer’s local laptop, on physical or virtual machines in a data center, on cloud providers, or in a mixture of environments.

   Docker’s portability and lightweight nature also make it easy to dynamically manage workloads, scaling up or tearing down applications and services as business needs dictate, in near real time.

 

 

  响应迅速的部署和扩展

 

  Docker基于容器的平台允许高度可移植的工作负载。Docker容器可以运行在开发人员的本地笔记本电脑上、数据中心的物理机或虚拟机上、云提供商上或混合环境中。

  Docker的可移植性和轻量级特性也使得动态管理工作负载变得非常容易,可以根据业务需求,几乎实时地扩展或缩减应用程序和服务。

 

 

  Running more workloads on the same hardware


  Docker is lightweight and fast. It provides a viable, cost-effective alternative to hypervisor-based virtual machines, so you can use more of your compute capacity to achieve your business goals. Docker is perfect for high density environments and for small and medium deployments where you need to do more with fewer resources.

 

  在相同硬件上运行更多工作负载

 

  Docker轻巧快速。它为基于系统管理程序的虚拟机(传统的虚拟机)提供了一个可行、经济高效的替代方案,因此您可以使用更多的计算容量来实现业务目标。Docker非常适合高密度环境以及需要用更少资源做更多事情的中小型部署环境中。

 

 

  Docker architecture

 

  Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers. The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface. Another Docker client is Docker Compose, that lets you work with applications consisting of a set of containers.

Docker Overview

 

 

  Docker架构

  Docker使用客户机-服务器架构。Docker客户端与Docker守护进程通信,Docker守护进程负责构建、运行和分发Docker容器。Docker客户端和守护程序可以在同一系统上运行,也可以将Docker客户端连接到远程Docker守护程序。Docker客户端和守护进程通过UNIX套接字或网络接口使用REST API进行通信。另一个Docker客户端是Docker Compose,它允许您处理由一组容器组成的应用程序。

 

 

  The Docker daemon

  The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services.

  Docker守护程序(dockerd)侦听Docker API请求,并管理Docker对象,如镜像、容器、网络和卷。守护进程还可以与其他守护进程通信来管理Docker服务。

 

  The Docker client

  The Docker client (docker) is the primary way that many Docker users interact with Docker. When you use commands such as docker run, the client sends these commands to dockerd, which carries them out. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.

  Docker 客户端 (docker) 是 Docker 用户与 Docker 交互的主要方式。 当您使用诸如 docker run 之类的命令时,客户端会将这些命令发送到 Docker守护程序,后者会执行这些命令。 docker 命令使用 Docker API。 Docker 客户端可以与多个守护进程通信。

 

  Docker registries

  A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry.

  When you use the docker pull or docker run commands, the required images are pulled from your configured registry. When you use the docker push command, your image is pushed to your configured registry.

 

  Docker仓库存储Docker镜像。Docker Hub是一个公开的仓库,任何人都可以使用,Docker的默认配置是在Docker Hub上查找镜像。您甚至可以运行自己的私有仓库。

  当使用docker pull或docker run命令时,将从您之前配置的仓库中拉取您所需要的镜像。当你使用docker push命令,将镜像推送到之前配置的仓库中。

 

  

  Docker objects

  When you use Docker, you are creating and using images, containers, networks, volumes, plugins, and other objects. This section is a brief overview of some of those objects.

  使用Docker时,您就要创建和使用镜像、容器、网络、卷、插件和其他对象。本节简要概述了其中一些对象。

  

  Images

  An image is a read-only template with instructions for creating a Docker container. Often, an image is based on another image, with some additional customization. For example, you may build an image which is based on the ubuntu image, but installs the Apache web server and your application, as well as the configuration details needed to make your application run.
  You might create your own images or you might only use those created by others and published in a registry. To build your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the image and run it. Each instruction in a Dockerfile creates a layer in the image. When you change the Dockerfile and rebuild the image, only those layers which have changed are rebuilt. This is part of what makes images so lightweight, small, and fast, when compared to other
virtualization technologies.

 

  镜像是一个只读模板,带有创建Docker容器的指令。通常,一个镜像基于另一个镜像,加上一些额外的定制。例如,您可以构建一个基于ubuntu的映像,但是在此镜像中却安装Apache web服务器和您的应用程序,以及运行应用程序所需的配置细节。

  您可以创建自己的镜像,也可以只使用其他人创建并在仓库中发布的镜像。要构建您自己的映像,您可以创建一个Dockerfile,它使用简单的语法来定义创建和运行映像所需的步骤。Dockerfile中的每个指令都会在镜像中创建一层。当您更改Dockerfile并重建镜像时,只会重建那些已经更改的层。与其他虚拟化技术相比,这就是镜像如此轻便、小巧和快速的一部分原因。

 

  

  Containers

  A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.

  By default, a container is relatively well isolated from other containers and its host machine. You can control how isolated a container’s network, storage, or other underlying subsystems are from other containers or from the host machine.

  A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that are not stored in persistent storage disappear.

 

  容器是镜像的可运行实例。您可以使用Docker API或CLI创建、启动、停止、移动或删除容器。您可以将容器连接到一个或多个网络,为其附加存储,甚至可以基于它当前状态创建新的镜像。

  默认情况下,一个容器可以较好地与其他容器及其主机进行隔离。您可以控制容器的网络、存储或其他底层子系统与其他容器或主机的隔离程度。

  容器由它的镜像以及您在创建或启动它时提供给它的配置参数定义。当移除容器时,没有被持久化存储的容器状态,对其所做的任何更改都会消失。

 

  Example docker run command

  The following command runs an ubuntu container, attaches interactively to your local command-line session, and runs /bin/bash.

  $ docker run -i -t ubuntu /bin/bash


  When you run this command, the following happens (assuming you are using the default registry configuration):
    1. If you do not have the ubuntu image locally, Docker pulls it from your configured registry, as though you had run docker pull ubuntu manually.
    2. Docker creates a new container, as though you had run a docker container create command manually.
    3. Docker allocates a read-write filesystem to the container, as its final layer. This allows a running container to create or modify files and directories in its local filesystem.
    4. Docker creates a network interface to connect the container to the default network, since you did not specify any networking options. This includes assigning an IP address      to the container. By default, containers can connect to external networks using the host machine’s network connection.
    5. Docker starts the container and executes /bin/bash. Because the container is running interactively and attached to your terminal (due to the -i and -t flags), you can provide      input using your keyboard while the output is logged to your terminal.
    6. When you type exit to terminate the /bin/bash command, the container stops but is not removed. You can start it again or remove it.

 

  以下命令运行一个ubuntu容器,以交互方式连接到本地命令行会话,并运行/bin/bash。

  运行此命令时,会发生以下情况(假设您使用的是默认仓库配置):

    1. 如果本地没有ubuntu映像,Docker会从您配置的仓库中拉取它,就像您已经手动运行了docker pull ubuntu一样。

    2. Docker创建一个新的容器,就像您手动运行docker容器创建命令一样。

    3. Docker将读写文件系统分配给容器,作为它的最后一层。这允许正在运行的容器在其本地文件系统中创建或修改文件和目录。

    4. Docker会创建一个网络接口,将容器连接到默认网络,因为您没有指定任何网络参数。其中包括为容器分配一个IP地址。默认情况下,容器可以使用主机的网络连接连接到外部网络。

    5. Docker启动容器并执行/bin/bash。由于容器以交互方式运行并已经连接到您的终端(由于-i和-t参数),您可以使用键盘提供输入,同时将输出返回到您的终端。

    6. 当您键入exit 终止 /bin/bash 命令时,容器会停止,但不会被移除。您可以重新启动或删除它。

  

  The underlying technology

  

  Docker is written in the Go programming language and takes advantage of several features of the Linux kernel to deliver its functionality. Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container.

  These namespaces provide a layer of isolation. Each aspect of a container runs in a separate namespace and its access is limited to that namespace.

 

  底层技术

  Docker是用Go编程语言编写的,它利用了Linux内核的几个特性来提供它的功能。Docker使用一种称为命名空间的技术来提供称为容器的独立工作空间。运行容器时,Docker会为该容器创建一组命名空间。

  这些命名空间提供了一层隔离。容器的每个方面都在一个单独的命名空间中运行,它的访问仅限于该命名空间。

 

 

Docker Overview

上一篇:面向对象高级编程


下一篇:JVM垃圾回收机制