Docker容器技术与实践

Docker容器技术与实践第一部分Docker介绍及原理什么是Docker?Docker是一个构建在LXC之上，基于进程容器的轻量级VM解决方案，实现了一种应用程序级别的资源隔离及配额。Docker起源于PaaS提供商dotCloud基于go语言开发，遵从Apache2.0开源协议。StaticwebsiteWebfrontendUserDBQueueAnalyticsDBBackgroundworkersAPIendpointnginx1.5+modsecurity+openssl+bootstrap2postgresql+pgv8+v8hadoop+hive+thrift+OpenJDKRuby+Rails+sass+UnicornRedis+redis-sentinelPython3.0+celery+pyredis+libcurl+ffmpeg+libopencv+nodejs+phantomjsPython2.7+Flask+pyredis+celery+psycopg+postgresql-clientDevelopmentVMQAserverPublicCloudDisasterrecoveryContributor’slaptopProductionServersTheChallengeMultiplicityofStacksMultiplicityofhardwareenvironmentsProductionClusterCustomerDataCenterDoservicesandappsinteractappropriately?CanImigratesmoothlyandquickly?TheMatrixFromHellStaticwebsiteWebfrontendBackgroundworkersUserDBAnalyticsDBQueueDevelopmentVMQAServerSingleProdServerOnsiteClusterPublicCloudContributor’slaptopCustomerServers??????????????????????????????????????????MultiplicityofGoodsMultipilicityofmethodsfortransporting/storingDoIworryabouthowgoodsinteract(e.g.coffeebeansnexttospices)CanItransportquicklyandsmoothly(e.g.fromboattotraintotruck)CargoTransportPre-1960Alsoamatrixfromhell??????????????????????????????????????????MultiplicityofGoodsMultiplicityofmethodsfortransporting/storingDoIworryabouthowgoodsinteract(e.g.coffeebeansnexttospices)CanItransportquicklyandsmoothly(e.g.fromboattotraintotruck)Solution:IntermodalShippingContainer…inbetween,canbeloadedandunloaded,stacked,transportedefficientlyoverlongdistances,andtransferredfromonemodeoftransporttoanotherAstandardcontainerthatisloadedwithvirtuallyanygoods,andstayssealeduntilitreachesfinaldelivery.StaticwebsiteWebfrontendUserDBQueueAnalyticsDBDevelopmentVMQAserverPublicCloudContributor’slaptopDockerisashippingcontainersystemforcodeMultiplicityofStacksMultiplicityofhardwareenvironmentsProductionClusterCustomerDataCenterDoservicesandappsinteractappropriately?CanImigratesmoothlyandquickly…thatcanbemanipulatedusingstandardoperationsandrunconsistentlyonvirtuallyanyhardwareplatformAnenginethatenablesanypayloadtobeencapsulatedasalightweight,portable,self-sufficientcontainer…DockereliminatesthematrixfromHellStaticwebsiteWebfrontendBackgroundworkersUserDBAnalyticsDBQueueDevelopmentVMQAServerSingleProdServerOnsiteClusterPublicCloudContributor’slaptopCustomerServersWhyDevelopersCareBuildonce…(finally)runanywhere*Aclean,safe,hygienicandportableruntimeenvironmentforyourapp.Noworriesaboutmissingdependencies,packagesandotherpainpointsduringsubsequentdeployments.Runeachappinitsownisolatedcontainer,soyoucanrunvariousversionsoflibrariesandotherdependenciesforeachappwithoutworryingAutomatetesting,integration,packaging…anythingyoucanscriptReduce/eliminateconcernsaboutcompatibilityondifferentplatforms,eitheryourownoryourcustomers.Cheap,zero-penaltycontainerstodeployservices?AVMwithouttheoverheadofaVM?Instantreplayandresetofimagesnapshots?That’sthepowerofDocker*Withthe0.7release,wesupportanyx86serverrunningamodernLinuxkernel(3.2+generally.2.6.32+forRHEL6.5+,Fedora,&related)WhyDevopsCares?Configureonce…runanythingMaketheentirelifecyclemoreefficient,consistent,andrepeatableIncreasethequalityofcodeproducedbydevelopers.Eliminateinconsistenciesbetweendevelopment,test,production,andcustomerenvironmentsSupportsegregationofdutiesSignificantlyimprovesthespeedandreliabilityofcontinuousdeploymentandcontinuousintegrationsystemsBecausethecontainersaresolightweight,addresssignificantperformance,costs,deployment,andportabilityissuesnormallyassociatedwithVMsWhyitworks—separationofconcernsDantheDeveloperWorriesaboutwhat’s“inside”thecontainerHiscodeHisLibrariesHisPackageManagerHisAppsHisDataAllLinuxserverslookthesameOscartheOpsGuyWorriesaboutwhat’s“outside”thecontainerLoggingRemoteaccessMonitoringNetworkconfigAllcontainersstart,stop,copy,attach,migrate,etc.thesameway认识DockerNamespaces(IBM)Cgroups(Google)LXCtoolsTheLinuxKernelGitSELinux(RedHat)SolarisZonesBSDJails+++Docker如何和Linux内核打交道?DockerVSVMDocker的原理LinuxKernelrootnamespaceXnamespaceinitpid=1bashpid=2Docker文件系统第二部分Docker基本操作Docker三大核心容器Container镜像images仓库RepositoriesdockerHub(publicregistry)Docker-registry(privateregistry)WhatarethebasicsoftheDockersystem?SourceCodeRepositoryDockerfileForADockerEngineDockerContainerImageRegistryBuildDockerHost2OS(Linux)ContainerAContainerBContainerCContainerAPushSearchPullRunHost1OS(Linux)Docker操作-仓库Docker操作-镜像Docker操作-容器Docker操作-DockerfileDockerfile介绍Docker操作-APIPydockerapi操作第三部分Docker实践案例待解决的问题1、如何实现自动发现？2、如何支持多台主宿机？3、容器服务的高可用如何保障？5、如何实现资源最大化利用？4、如何保证容器服务负载均衡？案例架构说明HTTPrequestEtcdmasterEtcdslaveServer_1Server_2DockerREST-APIHaproxy.cfg架构 流程 快递问题件怎么处理流程河南自建厂房流程下载关于规范招聘需求审批流程制作流程表下载邮件下载流程设计 Confdhaproxy.cfgDocker[Shell]DockerrunCurletcdsetEtcdConfd