Docker Foundation


Three core of docker

  • Image

Docker image is equivalent to a root file system.
Like the official image ubuntu:1 6.04 It contains a complete set of root file system of the smallest system of Ubuntu 16.04.

  • Container

The relationship between image and container is just like the class and object in object-oriented programming,
Image is a static definition, and container is the entity of image runtime. Containers can be created, started, stopped, deleted, suspended, etc.

The warehouse can be regarded as a code control center to store the image.

Docker service related commands (CentOS as an example)

  • Start docker service
systemctl start docker
  • Stop docker service
systemctl stop docker
  • Restart docker service
systemctl restart docker
  • View docker service status
systemctl status docker
  • Set the power on to start the docker service
systemctl enable docker

Common commands of docker image

  • search
Docker search keyword
  • download
Docker pull image name [: tag]
  • View local image
docker images [OPTIONS] [REPSSITORY[:TAG]]

Parameter Description:
    --All, - a false list all images (including intermediate image layer)
    --Digests false displays the summary information
    --Filter, - f displays the image that meets the condition
    --Format displays images through go language template files
    --No TRUNC false does not truncate the output and displays the complete image information
    -Quiet, - Q false displays only the image ID
  • Delete local mirror
docker rmi [OPTIONS] IMAGE [IMAGE...]

Parameter Description:
    --Force, - f false force delete
    --Do you want to remove the process image of this image

Delete all mirrors
    docker rmi -f $(docker images)
  • Save image
docker save [OPTIONS] IMAGE [IMAGE...]

Parameter Description:
    --Output, - O writes to a file instead of stdout
  • Load image
docker load [OPTIONS]

Parameter Description:
    --Input, - I is loaded from a file instead of stdin
    --Quiet, - Q false silent load

Docker container related commands

  • View containers
Docker PS # view running containers
Docker PS - a # view all containers
  • Create and start the container
Docker run parameter

Parameter Description:
-i: Keep the container running. Usually used with - T. After adding the IT parameters, the container will automatically enter the container after it is created, and it will automatically close after it is exited.

-t: Reallocate pseudo input terminals to the container, usually used with - I.

-d: Run the container in guard (background) mode. To create a container to run in the background, you need to use docker exec to enter the container. After exiting, the container does not close.

-The container created by it is generally called interactive container, and the container created by - ID is generally called Guardian container
--Name: name the container you created.

-P port mapping eg: - P 3307:3306 indicates that the host 3307 port corresponds to the container 3306 port
  • Enter the container
The docker exec parameter # exits the container, and the container will not close
  • Stop container
Docker stop container name
  • Start container
Docker start container name
  • Delete container: if the container is running, the deletion fails. You need to stop the container to delete it
Docker RM container name
  • View container information
Docker inspect container name

Data volume of docker container

Data volume concept


  1. After the docker container is deleted, the data generated in the container will be destroyed
  2. Can docker container and external machine exchange files directly?
  3. Do you want data interaction between containers?

Data volume

  • A data volume is a directory or file in the host
  • When the container directory and data volume directory are bound, the other party’s modification will be synchronized immediately
  • A data volume can be mounted by multiple containers at the same time
  • A container can also mount multiple data volumes

Docker Foundation

Data volume function

  • Container data persistence
  • Indirect communication between external machine and container
  • Data exchange between containers

Configure data volumes

  • When creating a boot container, use the – V parameter to set the data volume
Docker run... - V Host Directory (file): in container directory (file)
  • matters needing attention:
  1. Directory must be an absolute path
  2. If the directory does not exist, it is created automatically
  3. Multiple data volumes can be mounted

Docker Foundation

Data volume container

Data volume container is a normal container, which is specially used to provide data volume for other containers to mount.

Configure the data volume container

1. For example, create startup C3Data volume container, use the – V parameter to set the data volume

docker run -it --name=c3 -v /volume centos:7 /bin/bash

2. Create the C1 C2 container and use the — volumes from parameter to set the data volume

docker run it - name= =c1 --volumes-from c3 centos:7 /bin/bash
docker run it - name= =c2 --volumes-from c3 centos:7 /bin/bash

Summary of data volume

  1. Data volume concept

A directory or file of the host

  1. Data volume function

    • Container data persistence
    • Data exchange between client and container
    • Data exchange between containers
  2. Data volume container

Create a container, mount a directory, and let other containers inherit from the container (- – volume from).
Data volume configuration in a simple way

Image making

How to make docker image?
1. Turning container into image

Docker commit container ID image name: version number
Docker save - O compressed file name image name: version number
Docker load - I compressed file name


keyword effect remarks
FROM Specifies the parent image Specifies which image the dockerfile is built on
MAINTAINER Author information Used to indicate who wrote this docker file
LABEL label The label used to mark dockerfile can be used instead of maintainer. Finally, it can be viewed in the basic information of docker image
RUN Execute the order Execute a command, default is / bin / sh, format: run command or run [“command”, “Param1”, “param2”]
CMD Container start life Provides the default command to start the container, which is used with entrypoint. The format is CMD command Param1 param2 or CMD [“command”, “Param1”, “param2”]
ENTRYPOINT entrance It is usually used in containers that are closed after execution
COPY Copy file When building, copy the file to the image
ADD Add file When building, add files to the image, not only limited to the current build context, but also from the remote service
ENV environment variable Specify the environment variable when building, which can be overridden by – e when starting the container, with the format env name = value
ARG Construction parameters Build parameters: parameters used only during build. If env exists, the value of Env with the same name always covers Arg parameters
VOLUME Define data volumes that can be mounted externally Specify the image directories of the build to be mounted to the file system when they can be started. When starting the container, use – V binding in the format of volume [“directory”]
EXPOSE Exposed port Define the port to listen to when the container is running, start the container, use – P to bind the exposed port, format: expose 8080 or expose 8080 / UDP
WORKDIR working directory Specify the internal working directory of the container. If it is not created, it will be created automatically. If the absolute address is specified / used, if it is not at the beginning of /, it is the relative path of the previous workdir path
USER Specify the executing user Specify the user when the user is running run CMD enterprise during build or startup
HEALTHCHECK health examination It is basically useless to specify the command to monitor the health monitoring of the current container, because many times, the application has its own health monitoring mechanism
ONBUILD trigger When the image with the onbuild keyword is used as the basic image, the onbuild command will be executed after the execution of from, but the current image will not be affected, and it is not very useful
STOPSIGNAL Send semaphore to host The stop signal instruction sets the system call signal that will be sent to the container to exit.
SHELL Specifies the shell to execute the script Specifies the shell to use when run CMD entrypoint executes the command

Docker private warehouse

Construction of private warehouse

  • 1. Pull private warehouse image
docker pull registry
  • 2. Start private warehouse container
docker run -id --name=registry -p 5000:5000 registry
  • 3. Open the browser and enter the address http: / / private warehouse server IP: 5000 / V2/_ Catalog, see{"repositories":[]}Indicates that the private warehouse has been built successfully
  • 4. Modification daemon.json
vim /etc/docker/daemon.json

Add a key to the above file, save and exit. This step is used to let docker trust the private warehouse address; pay attention to modify the private warehouse server IP to its own private warehouse server real IP

{"insure registers": ["private warehouse server IP: 5000"]}
  • 5. Restart docker service
systemctl restart docker
docker start registry

Comparison between docker container virtualization and traditional virtual machine


  • Containers and virtual machines have similar advantages in resource isolation and allocation


  • Container virtualization is operating system, virtual machine virtualization is hardware.
  • Traditional virtual machine can run different operating systems, container can only run the same type of operating system
characteristic container virtual machine
start-up Second level Minute level
Hard disk usage MB in general Generally GB
performance Close to the original weaker than
System support A single machine supports thousands of containers Usually dozens