要了解一样东西,最简单的入门方法无非是去使用它,跟它交互,一步步填补概念和纠正已有认知。从今天开始踏上Docker之路!

安装

ubuntu 16.04上的安装还是比较方便的,根据官方文档,添加APT源,然后直接apt-get install docker-engine就ok了。具体命令如下:

$ sudo apt-get update
$ sudo apt-get install apt-transport-https ca-certificates
$ sudo apt-key adv \
               --keyserver hkp://ha.pool.sks-keyservers.net:80 \
               --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
$ echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" | sudo tee /etc/apt/sources.list.d/docker.list
$ sudo apt-get update
$ sudo apt-get install linux-image-extra-$(uname -r) linux-image-extra-virtual
$ sudo apt-get install docker-engine

小试

开启docker服务

docker daemon负责接收docker工具发过来的命令,然后做相应的操作,因此首先要开启它:

$ sudo service docker start

hello world

docker提供了一个最基本的hello world镜像,用来验证docker安装是否就绪。利用docker命令运行它:

$ sudo docker run hello-world

如果正常一切正常,应该有如下输出:

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker Hub account:
 https://hub.docker.com

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

可以看到,docker为了运行hello world例程,经过了一下几个步骤:

  1. Docker客户端(也就是Docker命令)连接Docker Daemon
  2. Docker Daemon从Docker Hub(也就是Docker应用仓库)中下载hello-world镜像
  3. Docker Daemon根据hello-world镜像建立一个Container实例,该实例会运行可执行文件并输出上述打印
  4. Docker Daemon把输出定向给Docker客户端,显示在终端

深入一点

hello-world生命周期很短,输出消息后就退出了,看不到太多东东。根据上面的提示,我们可以在容器里运行个ubuntu镜像玩玩:

 $ docker run -it ubuntu bash

其中-it是用来生成交互的伪终端与Container交互,ubuntu是镜像名。和hello-world例子不一样,这个例子多了参数bash,这是用来指明要在Docker中运行的进程,因此上面命令的意思是说,给我创建一个ubuntu容器,并运行bash shell。

如果不加结尾的bash,我们发现效果与bash相同,也就是说缺省情况下ubuntu镜像就会启动一个bash命令行.

把bash改成我们想要的命令,就可以在容器中运行它。换成ls试试:

 $ docker run -it ubuntu ls
bin   dev  home  lib64	mnt  proc  run	 srv  tmp  var
boot  etc  lib	 media	opt  root  sbin  sys  usr

还可以给命令加参数:

$ sudo docker run -it ubuntu ls -lrt
total 64
drwxr-xr-x   8 root root 4096 Sep 13  2015 lib
drwxr-xr-x   2 root root 4096 Apr 12  2016 home
drwxr-xr-x   2 root root 4096 Apr 12  2016 boot
drwxr-xr-x   2 root root 4096 Dec 13 20:23 srv
drwxr-xr-x   2 root root 4096 Dec 13 20:23 opt
drwxr-xr-x   2 root root 4096 Dec 13 20:23 mnt
drwxr-xr-x   2 root root 4096 Dec 13 20:23 media
drwxr-xr-x   2 root root 4096 Dec 13 20:24 lib64
drwx------   2 root root 4096 Dec 13 20:24 root
drwxr-xr-x   2 root root 4096 Dec 13 20:24 bin
drwxrwxrwt   2 root root 4096 Dec 13 20:24 tmp
drwxr-xr-x  11 root root 4096 Dec 15 17:45 usr
drwxr-xr-x   2 root root 4096 Dec 15 17:45 sbin
drwxr-xr-x  13 root root 4096 Dec 15 17:45 var
drwxr-xr-x   6 root root 4096 Dec 15 17:45 run
dr-xr-xr-x  13 root root    0 Dec 28 17:01 sys
drwxr-xr-x  45 root root 4096 Dec 28 17:35 etc
dr-xr-xr-x 221 root root    0 Dec 28 17:35 proc
drwxr-xr-x   5 root root  380 Dec 28 17:35 dev

docker的容器本质上是提供了一个与主机环境隔离的执行环境,普通Linux上的1号进程是特殊的init,而容器环境下的1号进程就是启动容器时指定的应用。譬如,用ps命令试试看:

$ sudo docker run ubuntu:latest ps
  PID TTY          TIME CMD
    1 ?        00:00:00 ps

可以看到,ps命令在容器里的PID就是1。 当然除了rootfs不同、进程PID编号不同,容器还在进程间通信、用户、文件系统挂载点、主机名称及物理资源(CPU、MEM、网络)等方面进行隔离和限制,后面逐步探索。