The function of Docker is very similar to VM (virtual machine), but Docker is not a VM.
This is how Docker relates to the Linux core.

 

Docker workflow (Build, Ship & Run)
1. Build an image:	Use a plain text file called Dockerfile to specify what we want to be bundled into the image, such as: basic OS, library, application, etc. The built image is a read-only template, we can change the container, And generate a new image through the commit container.
2. Ship the image:	Through Docker Hub or your private repository, you can use docker to publish this application or development environment very easily, Basically, there are already a large number of official (official) pre-built images here, which can be used at any time.
3. Run a container:	To be able to run the container on a host, we need to install Docker, It can be deployed as a microservice (different containers run different services), My D-Laravel Project is a development environment for the Laravel platform, which uses the microservice architecture.

In the figure below, use Dockerfiler to create an image, usually grabbing a ready-made official image,
Use docker run to automatically grab the image and generate the container,
We can put more things into the container,
Then commit this container to become a new image, and then update push to DockerHub,
available for others to use.

The source of the slideshow above

Docker Engine uses the new features of Linux Kernel (core) Namespaces and Control groups ,
Used to isolate the workspace, we call it a container (Container), so there is no need to install an entire operating system like a VM.

Control groups are referred to as Cgroups here, and Cgroups allow you to run in the user-defined task group (execution sequence) of the system,
allocate resources (such as CPU time, system memory, network bandwidth, or a combination of these resources),
Namespaces : Used to isolate and virtualize a series of execution programs ( processes ).

Create a Container

Build a container with the docker run command
After we have installed Docker, we can execute the following commands (for example, in the Ubuntu Linux environment, sudo is required)

sudo docker run alpine echo Hello World

The Docker image built above using alpine linux is only 5mb in size.
If we have not installed this image, it will be installed automatically. If it is installed, Docker will execute it directly to create this container.
In the above example no tag is specified, the latest version (latest) will be used.
If we want to specify the version, we can add : 3.5, such as alpine: 3.5.

If you don’t want to type sudo every time, you can execute the following command to add your user to the docker group.

sudo usermod -aG docker ${USER}

For example, my host in AWS EC2, the default user is ubuntu, then is changed to ubuntu, after execution,
Log out and log in to the bash test, and you will find that you don't need to type sudo.

docker run hello-world

In the above test, use the image of hello-word to display the data.

The actual execution below does not require sudo, and it is also found in the picture below. When the hello-world image does not exist on our computer,
Docker will automatically download it for us.

Docker Client and Daemon.

1. Client/Server architecture.
2. Client obtains user input and sends it to Daemon.
3. Daemon builds, runs and distributes containers.
4. Client and Daemon can be executed on the same host or different hosts.
5. There are two types of client: command line client and GUI (Kitematic).

The following commands are used to check the versions of Client and Server:

docker version

Docker Containers and Images.

images
- is a read-only template used to create Containers.
- Created by yourself or by another Docker user.
-Stored in Dockerhub or your own local Registry locally.

Containers
-Isolated application platform
-Container is where all your applications are executed and installed
-Container is based on one or more image files (Images)

Registry and Repository

Taking Docker Hub as an example, there are many Repos in Reigistry, and there will be many images in Reigistry.

Think of Dockerhb as an App Store for Docker.

Benefits of Docker

Seperation of concerns.
- Developers can concentrate on their Apps (Developers focus on building their apps).
- System admins focus on deployment.

Fast development cycle
- If necessary, you can easily start a new container and run more applications on the host.

How to check which images are installed on the host

Installed images can be viewed using docker images images. When no tag is specified, the latest version will be used by default.

Create and execute Container(creating a container)

E.g:

docker run ubuntu:14.04 echo "Hello World"

Container with Terminal
- Use the -i and -t flags
-i means tell docker to connect to the STDIN of the container.
-t flag, will get a pseudo-terminal.

When the program (process) in the container is stopped, the container will be stopped at the same time.
For example: Enter bash and leave.

docker run -it centos

So the following command looks like this:

docker run centos echo "TEST"

After the process is executed, the container stops.
If you enter docker ps, you will not see the echo "TEST" above the contaienr process.

Container ID

Use the following command to see the containers and container id in execution

docker ps

List all containers, if used

docker ps -a

You can see all previously created and stopped containers.

Running in Detached Mode

Use -d to enter detached mode

docker run -d centos ping 127.0.0.1 -c 1000

we can fight
docker ps
Check, the status of this container will be executing.


Execute docker logs to see the result. If you add -f, it is equivalent to the tail -f command.

docker logs c0299f4dc228 -f

docker run -d -P nginx can perform port mapping
Then use docker ps view


As you can see above, 32856 of the local host (host) is established.

Commit container

First use docker ps -a to find out all containers

For example, in the image above I have two containers
Then use the docker commit command to create a new image, as follows
docker commit c0299f4dc228 my_new_image

remember? The image is read-only, and only the container can be written. It is very useful for debugging and testing.
Through commit, I want to keep the latest state in the image, so that when I run this image next time,
The resulting container will be the state of our last commit.

We can use docker images to see if there is this my_new_image.

Generally speaking, we should use Dockerfile to manage the changes of our image .

Build images with Dockerfile

You can git clone this repo to test.
https://github.com/DevinY/fpm
After entering the cloned fpm working directory,
cd 7.1/apache (enter the 7.1/apache folder)
In this folder, there will be a Dockerfile.
We can use the following command to build our own image. In the command below, there is a (dot) at the end. It means to view the Dockerfile in the current directory and use it to build the image.
docker build -t testimage:1.0 .

How to use the Dockerfile to rebuild the image, you can refer to the video link below:
How to rebuild new php-fpm image for D-Laravel to use.

Execute a stopped container

We can use docker start to execute the stopped container,
First, list all containers as follows:
1. docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8d2f21c4b5fc alpine "echo Hello World" 7 minutes ago Exited (0) 2 minutes ago nervous_mestorf

2. We can re-execute echo Hello World through CONTAINER ID or Name, and add -a because,
The standard output in the container should be forwarded so that the Hello World can be displayed on the screen.
docker start -a 8d2f21c4b5fc
hello world

(Digression: If you use docker-compose, the container will be created and executed when docker-compose up -d , and the container will be removed when docker-compose down )

Docker rm remove Container
Use the docker rm command to remove the container.
We can specify the Container id or name to delete the container.
1. docker ps -a (list all containers)
2. docker rm
The Container must be in the stopped state before it can be deleted. I cannot remove it if the STATUS is still Up.

How to get Terminal access.

The command is as follows:

docker exec -i -t [container ID] /bin/bash

For example, if I want to enter the web container of D-Laravel, I can use the following command (Container ID or name are OK)
docker exec -ti dlaravel_web_1 bash
Here dlaravel_web_1 is the name of the Container
 

login docker

If you have a registered dockerhub account, you can use
docker login

To push our image to dockerhub, we need to register an account on dockerhub first.

docker push deviny/centos:6.6
The push refers to a repository [docker.io/deviny/centos]

network
The local host will open 8080 on the left, and nginx is the container using port 80,
The meaning of the command below means that we can open the webpage service of nginx by opening the browser localhost:8080 .

docker run -d -p 8080:80 nginx

Mount a Volume

-Volumes are mounted when creating or executing a container.
-Can be mapped to a host directory
-The path of the volume must be an absolute path (Volume paths specified must be absolute)

Execute a new container and mount data/myvolume to the file system of the container (the folder we want to mount is the absolute path on the host)
docker run -d -P -v /myvolume nginx

Execute a new container and map (map) the /data/src folder from the host (host) to the /test/src folder in the container.
docker run -i -t -v /data/src:/test/src nginx

Creating a Link

( Officially listed as deprecated and will be removed in the future )

Warning : The --link flag is a deprecated legacy feature of Docker. It may eventually be removed.

Docker container networking

User-defined Network, Docker official document reference

Docker will be connected to the default bridge by default, and the containers can communicate with each other through IP.
If you want to make those container names (container name) can be resolved into IP,
We need to use user-defined networks (user-defined network)

User-defined networks Exercise:

Allow Containers to ping each other's Container Name under the same network
1. Create a user-defined network (here I name it dodoro_net )
docker network create --driver bridge dodoro_net

# list network commands
docker network ls

2. Let the two Containers be in the same user-defined network ( dodoro_net ), you can use the container name (container name) to ping each other
1. Create the container of the first database, and use --network, set the network to dodoro_net
docker run --network=dodoro_net --name db -e MYSQL_ROOT_PASSWORD=secret -d mysql:5.7.17

2. Create a second PHP-Apache contaner, also use the same dodoro_net network
docker run --network=dodoro_net -d --name website php:7.1.6-apache

3. Enter the website container, ping the container name of mysql, in step 1, I named the container of the database as db.
docker exec -ti website bash

4. Inside the website container.
ping db
 

As mentioned in the note above, using docker rm [container id或name] can be used to remove the stopped container ,
So how to remove the image ?
You can use rmi (it’s right to think of it as Remove Image , you must first remove the stopped related container before you can remove the image)
docker rmi [Image ID]  

re-establishment

I hope you can really understand the purpose of these commands:
docker run (create and execute container)
docker start (start one or more stopped containers)
docker exec (Execute a command in the container being started)

HELP

How to get help with commands? For example, if we want to know how to use docker start, we can execute the following command:
docker help start