转载自Wikipedia
Docker is a computer program that performs operating-system-level virtualization.[6] It was first released in 2013 and is developed by Docker, Inc.[7]
Docker is developed primarily for Linux, where it uses the resource isolation features of the Linux kernel such as cgroups and kernel namespaces, and a union-capable file system such as OverlayFS and others[28] to allow independent containers to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines (VMs).[29] The Linux kernel's support for namespaces mostly[30] isolates an application's view of the operating environment, including process trees, network, user IDs and mounted file systems, while the kernel's cgroups provide resource limiting for memory and CPU.[31] Since version 0.9, Docker includes the libcontainer library as its own way to directly use virtualization facilities provided by the Linux kernel, in addition to using abstracted virtualization interfaces via libvirt, LXC and systemd-nspawn.[13][32][27]
Building on top of facilities provided by the Linux kernel (primarily cgroups and namespaces), a Docker container, unlike a virtual machine, does not require or include a separate operating system.[33] Instead, it relies on the kernel's functionality and uses resource isolation for CPU and memory,[31] and separate namespaces to isolate the application's view of the operating system. Docker accesses the Linux kernel's virtualization features either directly using the libcontainer library, which is available as of Docker 0.9, or indirectly via libvirt, LXC (Linux Containers) or systemd-nspawn.[27][14]
Components[edit]
The Docker software is a service consisting of three components:
- Software: The Docker daemon, called
dockerd
, is a persistent process that manages Docker containers and handles container objects. The daemon listens for requests sent via the Docker Engine API.[34][35] The Docker client program, calleddocker
, provides a command-line interface that allows users to interact with Docker daemons.[36][34] - Objects: Docker objects are various entities used to assemble an application in Docker. The main classes of Docker objects are images, containers, and services.[34]
- A Docker container is a standardized, encapsulated environment that runs applications.[37] A container is managed using the Docker API or CLI.[34]
- A Docker image is a read-only template used to build containers. Images are used to store and ship applications.[34]
- A Docker service allows containers to be scaled across multiple Docker daemons. The result is known as a swarm, a set of cooperating daemons that communicate through the Docker API.[34]
- Registries: A Docker registry is a repository for Docker images. Docker clients connect to registries to download ("pull") images for use or upload ("push") images that they have built. Registries can be public or private. Two main public registries are Docker Hub and Docker Cloud. Docker Hub is the default registry where Docker looks for images.[38][34] Docker registries also allow the creation of notifications based on events.[39]
Tools[edit]
- Docker Compose is a tool for defining and running multi-container Docker applications.[40] It uses YAML files to configure the application's services and performs the creation and start-up process of all the containers with a single command. The
docker-compose
CLI utility allows users to run commands on multiple containers at once, for example, building images, scaling containers, running containers that were stopped, and more.[41] Commands related to image manipulation, or user-interactive options, are not relevant in Docker Compose because they address one container.[42] The docker-compose.yml file is used to define an application's services and includes various configuration options. For example, thebuild
option defines configuration options such as the Dockerfile path, thecommand
option allows one to override default Docker commands, and more.[43] The first public version of Docker Compose (version 0.0.1) was released on December 21, 2013.[44]The first production-ready version (1.0) was made available on October 16, 2014.[45] - Docker Swarm provides native clustering functionality for Docker containers, which turns a group of Docker engines into a single virtual Docker engine.[46] In Docker 1.12 and higher, Swarm mode is integrated with Docker Engine.[47] The
swarm
CLI utility allows users to run Swarm containers, create discovery tokens, list nodes in the cluster, and more.[48] Thedocker node
CLI utility allows users to run various commands to manage nodes in a swarm, for example, listing the nodes in a swarm, updating nodes, and removing nodes from the swarm.[49] Docker manages swarms using the Raft Consensus Algorithm. According to Raft, for an update to be performed, the majority of Swarm nodes need to agree on the update.[50][51]