Video Address

What is docker?

Docker is an [open source] ( application container engine that allows developers to package their applications and dependencies Packaged into a portable container and then published to any popular [Linux] ( machine, you can also implement [virtualization] (https://baike. The container is completely using [sandbox] ( mechanism, there will be no interface between each other.

docker installation

## The following is only for the docker installation instructions under centos7. For other operating systems, please refer to the docker official website:
##Download and install docker
Curl -sSL | sh
##Set the docker image pull accelerator (domestic users)
Curl -sSL | sh -s
#说明 This address is replaced by your application for daocloud

## Start the docker service and set the boot
Systemctl enable docker.service && service docker start

Basic use

  1. View the docker version using the docker version command
[root@localhost ~]# docker version
 Version: 17.09.0-ce
 API version: 1.32
 Go version: go1.8.3
 Git commit: afdb6d4
 Built: Tue Sep 26 22:41:23 2017
 OS/Arch: linux/amd64

 Version: 17.09.0-ce
 API version: 1.32 (minimum version 1.12)
 Go version: go1.8.3
 Git commit: afdb6d4
 Built: Tue Sep 26 22:42:49 2017
 OS/Arch: linux/amd64
 Experimental: false
  1. Simply pull and run the nginx image to get a taste of docker’s charm:
# 1. Pull the nginx image
[root@localhost ~]# docker pull nginx
Using default tag: latest
Latest: Pulling from library/nginx
E7bb522d92ff: Pull complete
6edc05228666: Pull complete
Cd866a17e81f: Pull complete
Digest: sha256:285b49d42c703fdf257d1e2422765c4ba9d3e37768d6ea83d7fe2043dad6e63d
Status: Downloaded newer image for nginx:latest

# 2. Run the nginx image
[root@localhost ~]# docker run -d --name mynginx -p 8080:80 nginx

# 3. Access the nginx server
[root@localhost ~]# curl localhost:8080

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and Working. Further configuration is required.

For online documentation and support please refer to
Commercial support is available at

Thank you for using nginx.

basic concept

First of all, congratulations on the successful operation of the docker container! Before really getting into docker, let’s take a look at some of the concepts of docker:


We all know that the operating system is divided into kernel and user space. For Linux, after the kernel is booted, the root filesystem is mounted to provide user space support. The Docker image is equivalent to a root filesystem. For example, the official image ubuntu:16.04 contains a complete set of Ubuntu 16.04 minimal system root file system.

Docker image is a special file system, in addition to providing the program, library, resource, configuration and other files required by the container to run, it also contains some configuration parameters (such as anonymous volume, environment variables, users, etc.) prepared for the runtime. ). The image does not contain any dynamic data and its content will not be changed after it is built.


The relationship between the image (Image) and the container (Container) is like the class and instance in object-oriented programming. The mirror is a static definition, and the container is the entity of the mirror runtime. Containers can be created, started, stopped, deleted, paused, and more.

The essence of a container is a process, but unlike a process that is executed directly by the host, the container process runs on its own separate [namespace] ( So the container can have its own root filesystem, its own network configuration, its own process space, and even its own user ID space. The processes inside the container are run in an isolated environment and are used as if they were operating under a host-independent system. This feature makes container-packaged applications more secure than running directly on the host. Because of this isolation, many people often confuse containers and virtual machines when they first learn Docker.

As mentioned earlier, mirroring uses tiered storage, as is the container. Each container runtime is a mirror-based layer on which to create a storage layer of the current container. We can call this storage layer for the container runtime read and write as the container storage layer**.

The container storage layer has the same life cycle as the container. When the container dies, the container storage layer also dies. Therefore, any information stored in the container’s storage tier will be lost as the container is deleted.

As required by Docker best practices, containers should not write any data to their storage tier, and the container storage tier should remain stateless. All file write operations should use [Volume] (, or bind the host directory to read at these locations. Writes skip the container storage layer and read and write directly to the host (or network storage), which is more performance and stability.

The life cycle of a data volume is independent of the container, the container dies, and the data volume does not die. Therefore, after the data volume is used, the data is not lost after the container is deleted or re-run.


Once the image is built, it can be easily run on the current host. However, if you need to use this image on other servers, we need a centralized storage and distribution service, [Docker Registry] (https:// is such a service.

A Docker Registry can contain multiple repositories (Repository); each repository can contain multiple tags (Tag); each tag corresponds to a mirror.

Typically, a repository will contain images of different versions of the same software, and tags are often used for each version of the software. We can specify which version of the software is mirrored by the format of :. If no label is given, latest will be used as the default label.

Take [Ubuntu Mirror] ( as an example. ubuntu is the name of the repository, which contains different version tags, such as 14.04, 16.04. We can specify which version of the image is required by ubuntu:14.04 or ubuntu:16.04. If the tag is omitted, such as ubuntu, it will be treated as ubuntu:latest.

Warehouse names often come in the form of a two-part path, such as jwilder/nginx-proxy, which often means the username in the Docker Registry multi-user environment, which is often the corresponding software name. But this is not absolute, depending on the software or service of the specific Docker Registry you are using.

Related ppt

GDE Error: Error retrieving file - if necessary turn off error checking (404:Not Found)
Last modified: 2019年3月29日



😎 小伙子写的不错



😮 💡 😡

Leave a Reply to zhouzhipeng Cancel reply

Your email address will not be published.