Container Technology Fundamentals (2)

Introduction: Quickly learn the basics of container technology. The course will start with the basics of container technology. It will explain how container technology is implemented based on technologies such as Namespace and Cgroups in the Linux kernel, and the development background and basic knowledge of Docker containers. The relationship between , CRI and Kubernetes has generated new awareness.
The developer school course [ Second lesson of Quick Start of Modern Application Container Technology : Container Technology Fundamentals (2)] study notes, which are closely related to the course, allowing users to quickly learn knowledge.
Course address: https://developer.aliyun.com/learning/course/830/detail/13951

Container Technology Fundamentals (2)


Contents of this section
1. Dockor system components
2. Docker image
3. Docker containers
4. Docker Registry
5. State data storage for Docker containers
6. Storage volumes
7. Connect the container to the network
8. Docker Networking


1.Dockor system components
• The Docker system has three key components.
– pocker cLl
– Docker Daemon
– Registry
• Docker Daemon
– REST API
– Objects
• lmage
• Container
• Volume
• Network



2. Docker image
• When running the container, the content in the isolated filesystem based on the Mount namespace comes from the image
– A Docker image is a special filesystem that must contain everything needed to run the application - all dependencies, configurations, scripts, binaries, etc.
– The image also contains other configuration for the container, such as environment variables, default commands to run, and other metadata
– Usually, the image also defines the application that starts by default
• Docker images are superimposed by many layers
– Depends on special storage drivers, such as aufs , devicemapper.overlay2, etc.
– Although each storage driver implements management differently, they all use stackable mirror layers and a copy-on-write ( CoW ) strategy


3. Docker containers
• The host running the Docker Daemon manages the lifecycle of the local container instance
– Docker Daemon receives management requests of Docker objects through the Socket API it listens to, including various management operations in the life cycle of the container
– Container instances are created based on locally stored Docker images
– After the instance is started, run the default application defined in the image, or the application specified by the user in the foreground (foreground, cannot be converted to daemon mode)
• When creating a container, when an image that does not exist locally is specified, Docker Daemon needs to automatically download it to the Registry
– The default registry used by Docker Daemon is DockerHub


4. Docker Registry
• The Registry is a stateless, highly scalable server side application that stores and lets you
distribute Docker images.


• Images on the Registry are stored in a "Repository", which can belong to the root namespace or to a specific namespace
– Each image is identified by "repository name:tagname"
– It can also be identified by the Hash code of the image


5. Docker container state data storage
• For a container instance, the underlying Docker image is in a read-only state, and the read and write operations of the process can only be performed in the writable layer superimposed on the top layer of the image stack generated when the container is created, which is also called the container layer
• Based on the same image, Docker can create containers with exactly the same running environment. The results of adding new data or modifying existing data in the container are stored in the writable layer attached to the top of the image stack by the container
• Deleting a container will also delete its writable layer, which will cause all state data generated by the container to be lost


6. Storage volumes
• Storage volumes
– Supports the use of volume technology to bypass the storage driver and store data in the storage space accessible to the host to achieve data persistence across the container life cycle
– Also supports the use of volume drivers (storage volume plugins on Docker Engine) to store data directly on remote storage devices for data persistence across host lifetimes


7. Connect the container to the network
• Connecting a container to the network usually takes the following steps
1. Good corresponding container network, usually virtual network;
– Stand-alone bridged network
– Overlay or Underlay network across hosts 2. Configure an exclusive Network namespace for each container;
3. Add a dedicated interface device for the container and connect it to the container network;
4. Assign the corresponding container to the container IP addresses and other network attribute values, and generate NAT rules on demand;


8. Docker Networking
• Docker supports 4 network modes by default
– host mode
– container mode
– none mode
– bridge mode



Copyright statement: The content of this article is contributed by Alibaba Cloud's real-name registered users. The copyright belongs to the original author. The Alibaba Cloud developer community does not own the copyright and does not assume the corresponding legal responsibility. For specific rules, please refer to the " Alibaba Cloud Developer Community User Service Agreement " and " Alibaba Cloud Developer Community Intellectual Property Protection Guidelines ". If you find any content suspected of plagiarism in this community, fill out the infringement complaint form to report it. Once verified, this community will delete the allegedly infringing content immediately.

Related Articles

Explore More Special Offers

  1. Short Message Service(SMS) & Mail Service

    50,000 email package starts as low as USD 1.99, 120 short messages start at only USD 1.00