About Docker:
Docker helps developers build, share, run, and verify applications anywhere — without tedious environment configuration or management.
Docker Desktop: The #1 Containerization Tool for Developers | Docker
Docker History
Docker != Containers
•1979 (!) chroot was introduced (Unix V7)
•2000 FreeBSD jails
•2001 Linux-VServer
•2005 OpenVZ
•2006 Process Containers
•2008 LXC
•2013 Docker
•ChatGPT into Docker history
Docker Images:
- Read only templates for creating containers
- Includes all necessary files for running an application
- Build time structures, as opposed to the run time structure of containers
Networking
“Network type” = Bridge
•The default network driver. If you don’t specify a driver, this is the type of network you are creating. Bridge networks are commonly used when your application runs in a container that needs to communicate with other containers on the same host
• Outside communication:
• Containers can access outside resources
• Outside hosts cannot connect directly to a container
• Needs port forwarding
“Network type” = Host
- Removes network isolation between the container and the Docker host, and uses the host’s networking directly
- Less scalable
- Networking works just like for any app running directly on the host, but the other isolation types still apply
“Network type” = Overlay
- Overlay networks connect multiple Docker daemons together and enable Swarm services and containers to communicate across nodes. This strategy removes the need to do OS-level routing
- The overlay extends across the Docker hosts… how do we talk to other machines?
“Network type” = Macvlan
Macvlan networks allow you to assign a MAC address to a container, making it appear as a physical device on your network. The Docker daemon routes traffic to containers by their MAC addresses. Using the macvlan driver is sometimes the best choice when dealing with legacy applications that expect to be directly connected to the physical network, rather than routed through the Docker host’s network stack
Working with networks
EXPOSE <port>[/tcp|/udp]
Dockerfile instruction
Informs Docker that the container listens on a specific port
docker container run -p [ext_port:]int_port
Maps an external port on the host IP address to an internal port on the container IP
Commands:
docker network ls
docker network inspect
docker network create [-d driver] name
Certain network types require prerequisites (macvlan: promiscuous mode, overlay: swarm)
docker network rm
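An added example (not from the original post): a Python check over `docker container inspect` JSON that flags the two cases from the networking notes where a container becomes reachable from outside the host, namely a port published with `-p` without a host IP (bound to all host interfaces) and host network mode. The sample JSON and container names are constructed.

```python
import json

# Constructed sample in the shape of `docker container inspect` output,
# trimmed to the fields used here; the container names are made up.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web", "HostConfig": {"NetworkMode": "bridge",
    "PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "8080"}]}}},
  {"Name": "/db", "HostConfig": {"NetworkMode": "bridge",
    "PortBindings": {"5432/tcp": [{"HostIp": "127.0.0.1", "HostPort": "5432"}]}}},
  {"Name": "/agent", "HostConfig": {"NetworkMode": "host", "PortBindings": {}}},
  {"Name": "/worker", "HostConfig": {"NetworkMode": "bridge", "PortBindings": null}}
]
""")

# An empty HostIp means the port was published without a host address,
# so it listens on every interface of the Docker host.
ALL_INTERFACES = {"", "0.0.0.0", "::"}


def audit_exposure(containers):
    """Return (container, finding) tuples for settings that widen network reach."""
    findings = []
    for c in containers:
        name = c.get("Name", "?").lstrip("/")
        host_cfg = c.get("HostConfig") or {}
        if host_cfg.get("NetworkMode") == "host":
            # Host mode: no network isolation, so every listener inside the
            # container is a listener on the host itself.
            findings.append((name, "host network mode"))
            continue
        for port, bindings in (host_cfg.get("PortBindings") or {}).items():
            for b in bindings or []:
                if b.get("HostIp", "") in ALL_INTERFACES:
                    host_port = b.get("HostPort")
                    findings.append(
                        (name, f"{port} published on all interfaces as host port {host_port}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_exposure(SAMPLE_INSPECT):
        print(f"{name}: {finding}")
```

On a real host the same function can be fed the parsed output of `docker container inspect` for the running containers; binding a published port to `127.0.0.1`, as the constructed `db` entry does, keeps it off the external interfaces.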
Persisting Data
- Keeps data that the container has modified
- Makes each container unique
- Sits on top of the union FS
- Linux: /var/docker
- Windows: C:\ProgramData\Docker\windowsfilter
- Remember that union file systems use a copy on write mechanism
- Files are copied to this layer before being changed
- Data in this layer is tightly coupled to the container, and disappears when the container is deleted
- Data in this layer is tightly coupled to the host machine, making it difficult to move the data somewhere else
- Data in this layer sits on a union FS, which is written to via a storage driver, incurring a performance penalty
A volume can be mounted into multiple containers
What happens when the mount directory in the container already has data in it?
If the volume is not empty, its contents will obscure the existing data (similar to the Linux mount command). If the volume is empty, the data in the container is propagated (copied) into the volume