docker官方一个很好的入门教程Overview of the get started guide | Docker Docs

Overview

A container is a sandboxed process running on a host machine that is isolated from all other processes running on that host machine. That isolation leverages kernel namespaces and cgroups.

如果对OS熟悉的话,可以类比成一个从镜像文件构建的文件系统(多了隔离性)

Core

核心只有 containerimage

简单来说,容器是镜像的一个实例,修改容器再把内容全部写入镜像,就像一个U盘,不管放到哪台电脑一插即用

就ubuntu镜像来说,可以理解为把其iso文件pull下来运行,你可以在ubuntu容器里各种操作,退出时把数据写入iso文件(对于应用源文件来说)

所谓的用户数据容器是只在临时空间存储的,如果直接放入image中会产生严重的安全问题(普通数据通过挂载等方式,仅在本地使用)

Important Conception

fundamental

container & image & docker workflow

Dockerfile:构建镜像的文本文件,container --> image

storage?

一般情况下,容器只操作一个临时空间,数据无法持久化存储

一个基本解决方式,利用宿主机的磁盘,将数据文件挂载上去,下一次容器实例化时就可以从之前的位置继续操作

docker volume create <datasetfile>

docker run -dp <HOST:CONTAINER> --mount type=volume,src=<datasetfile>,target=<path/to/file> <image-name>

you can learn how to bind mount:使用绑定挂载 |Docker 文档,more flexble.

Multi-Container

通过构建容器网络使容器间可以进行交互

Commands

common

docker ps:show containers in use

docker image ls:list your images

docker stop <the-container-id>:stop container

docker rm <the-container-id>:remove container

docker build -t getting-started ./:create image by using Dockerfile,-t is tag your image name ,./is the path of Dockerfile

docker run -dp <HOST:CONTAINER> <image-name>:run your container from image

share

docker login:sign in

docker tag <LOCAL-IMAGE-NAME> <YOUR-USER-NAME/YOUR-IMAGE-NAME>:rename image

docker push YOUR-USER-NAME/YOUR-IMAGE-NAME:tagname:push to your repositories