Docker是PaaS提供商dotCloud开源的一个基于LXC的高级容器引擎,源代码托管在Github上, 是一个基于go语言写的程序运行的容器(Linux containers,LXCs),遵从Apache2.0协议开源。Docker最初的想法是创建软件程序可移植的轻量容器,让其可以在任何安装了Docker的机器上运行,用户不用关心底层是操作系统。她的基础是Linux容器LXC等技术,Docker的目标是实现轻量级的操作系统虚拟化解决方案。Docker也能够解决虚拟机由于资源要求过高而无法解决的问题。用户不需要去关心容器的管理,操作Docker的容器就像操作一个快速轻量级的虚拟机一样简单,使得操作更为简便
目前云服务实现的是操作系统级别的隔离,在同一台物理服务器上虚拟出多个主机。Docker则实现了一种应用程序级别的隔离,可以在同一操作系统上部署更多的应用
Docker主要由两部分组成:Docker Engine和Docker Hub组成。
Docker Engine: 一个便携式、轻量级的运行环境,类似Hypervisor的功能,适用于系统管理员
Docker Hub: 用于分享、管理Docker容器的Docker SaaS平台,用来保存镜像,可以理解为代码控制中的代码仓库,适用于开发者
Docker使用客户端-服务器(C/S)架构模式。Docker客户端会与Docker守护进程进行通信。Docker守护进程会处理复杂繁重的任务,例如建立、运行、发布你的Docker容器。Docker客户端和守护进程可以运行在同一个系统上,当然你也可以使用Docker客户端去连接一个远程的Docker守护进程。Docker客户端和守护进程之间通过socket或者RESTful API 进行通信。
Docker与VM的区别
Docker的优点:
隔离应用依赖创建应用镜像并进行复制
创建容易分发的即启即用的应用
允许实例简单、快速地扩展
测试应用并随后销毁它们
Docker的缺点:
Docker只能虚拟基于Linux的服务,在超复杂的业务系统中,一个程序的崩溃/内存溢出/高CPU占用到底会不会影响到其他容器或者整个系统?能否在实际的多主机的生产环境中支持关键任务系统?
这个是大部分人关心的问题
Docker版本的变化
https://github.com/docker/docker/blob/master/CHANGELOG.md
一步步在Oracle Enterprise Linux 6.8上安装Docker
configure yum
[root@ovm ~]# cat /etc/yum.repos.d/oel68.repo [ol6_UEKR4] name=Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux $releasever ($basearch) baseurl=http://yum.oracle.com/repo/OracleLinux/OL6/UEKR4/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle gpgcheck=1 enabled=1 [ol6_addons] name=Oracle Linux $releasever Add ons ($basearch) baseurl=http://yum.oracle.com/repo/OracleLinux/OL6/addons/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle gpgcheck=1 enabled=1 [root@ovm ~]#
升级kernel(如果你的kernel版本是4.1.2可以跳过次步骤)
[root@ovm ~]# uname -a Linux ovm.ohsdba.cn 4.1.12-37.4.1.el6uek.x86_64 #2 SMP Tue May 17 07:23:38 PDT 2016 x86_64 x86_64 x86_64 GNU/Linux [root@ovm ~]# yum update [root@ovm ~]# yum update Loaded plugins: refresh-packagekit, security, ulninfo Setting up Update Process Resolving Dependencies --> Running transaction check ---> Package bfa-firmware.noarch 0:3.2.23.0-2.el6 will be obsoleted ---> Package fuse.x86_64 0:2.9.4-1.0.1.el6 will be updated ---> Package fuse.x86_64 0:2.9.4-1.0.4.el6 will be an update ---> Package fuse-libs.x86_64 0:2.9.4-1.0.1.el6 will be updated ---> Package fuse-libs.x86_64 0:2.9.4-1.0.4.el6 will be an update ---> Package ivtv-firmware.noarch 2:20080701-20.2 will be obsoleted ---> Package iwl100-firmware.noarch 0:39.31.5.1-1.el6 will be obsoleted ---> Package iwl1000-firmware.noarch 1:39.31.5.1-1.el6 will be obsoleted ---> Package iwl3945-firmware.noarch 0:15.32.2.9-4.el6 will be obsoleted ---> Package iwl4965-firmware.noarch 0:228.61.2.24-2.1.el6 will be obsoleted ---> Package iwl5000-firmware.noarch 0:8.83.5.1_1-1.el6_1.1 will be obsoleted ---> Package iwl5150-firmware.noarch 0:8.24.2.2-1.el6 will be obsoleted ---> Package iwl6000-firmware.noarch 0:9.221.4.1-1.el6 will be obsoleted ---> Package iwl6000g2a-firmware.noarch 0:17.168.5.3-1.el6 will be obsoleted ---> Package iwl6050-firmware.noarch 0:41.28.5.1-2.el6 will be obsoleted ---> Package kernel-uek.x86_64 0:4.1.12-61.1.10.el6uek will be installed ---> Package kernel-uek-devel.x86_64 0:4.1.12-61.1.10.el6uek will be installed ---> Package kernel-uek-firmware.noarch 0:4.1.12-61.1.10.el6uek will be installed ---> Package libertas-usb8388-firmware.noarch 2:5.110.22.p23-3.1.el6 will be obsoleted ---> Package linux-firmware.noarch 0:20140911-0.1.git365e80c.0.8.el6 will be updated ---> Package linux-firmware.noarch 0:20160616-44.git43e96a1e.0.12.el6 will be obsoleting ---> Package netxen-firmware.noarch 0:4.0.590-0.1.el6 will be obsoleted ---> Package ql2400-firmware.noarch 0:8.02.00-1.0.1.el6 will be obsoleted ---> Package ql2500-firmware.noarch 0:8.02.00-1.0.1.el6 will be obsoleted --> Finished Dependency Resolution ... Installed: kernel-uek.x86_64 0:4.1.12-61.1.10.el6uek kernel-uek-devel.x86_64 0:4.1.12-61.1.10.el6uek kernel-uek-firmware.noarch 0:4.1.12-61.1.10.el6uek linux-firmware.noarch 0:20160616-44.git43e96a1e.0.12.el6 Updated: fuse.x86_64 0:2.9.4-1.0.4.el6 fuse-libs.x86_64 0:2.9.4-1.0.4.el6 Replaced: bfa-firmware.noarch 0:3.2.23.0-2.el6 ivtv-firmware.noarch 2:20080701-20.2 iwl100-firmware.noarch 0:39.31.5.1-1.el6 iwl1000-firmware.noarch 1:39.31.5.1-1.el6 iwl3945-firmware.noarch 0:15.32.2.9-4.el6 iwl4965-firmware.noarch 0:228.61.2.24-2.1.el6 iwl5000-firmware.noarch 0:8.83.5.1_1-1.el6_1.1 iwl5150-firmware.noarch 0:8.24.2.2-1.el6 iwl6000-firmware.noarch 0:9.221.4.1-1.el6 iwl6000g2a-firmware.noarch 0:17.168.5.3-1.el6 iwl6050-firmware.noarch 0:41.28.5.1-2.el6 libertas-usb8388-firmware.noarch 2:5.110.22.p23-3.1.el6 netxen-firmware.noarch 0:4.0.590-0.1.el6 ql2400-firmware.noarch 0:8.02.00-1.0.1.el6 ql2500-firmware.noarch 0:8.02.00-1.0.1.el6 Complete! [root@ovm ~]# [root@ovm ~]# reboot Broadcast message from root@ovm.ohsdba.cn (/dev/pts/0) at 21:26 ... The system is going down for reboot NOW! [root@ovm ~]# login as: root root@10.0.2.250's password: Last login: Tue Oct 4 21:13:35 2016 from 10.0.2.6 [root@ovm ~]# uname -a Linux ovm.ohsdba.cn 4.1.12-61.1.10.el6uek.x86_64 #2 SMP Wed Sep 21 17:43:13 PDT 2016 x86_64 x86_64 x86_64 GNU/Linux [root@ovm ~]#Install Docker
[root@ovm ~]# yum install docker-engine Loaded plugins: refresh-packagekit, security, ulninfo ... Resolving Dependencies --> Running transaction check ---> Package docker-engine.x86_64 0:1.12.0-1.0.2.el6 will be installed --> Finished Dependency Resolution Total download size: 19 M Installed size: 78 M Is this ok [y/N]: y Downloading Packages: docker-engine-1.12.0-1.0.2.el6.x86_64.rpm | 19 MB 00:18 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : docker-engine-1.12.0-1.0.2.el6.x86_64 1/1 Verifying : docker-engine-1.12.0-1.0.2.el6.x86_64 1/1 Installed: docker-engine.x86_64 0:1.12.0-1.0.2.el6 Complete! [root@ovm ~]#创建并挂载btrfs文件系统(用于容器)
[root@ovm ~]# yum install btrfs-progs Loaded plugins: refresh-packagekit, security, ulninfo Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package btrfs-progs.x86_64 0:4.2.2-3.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved download size: 531 k Installed size: 3.4 M Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : btrfs-progs-4.2.2-3.el6.x86_64 1/1 Verifying : btrfs-progs-4.2.2-3.el6.x86_64 1/1 Installed: btrfs-progs.x86_64 0:4.2.2-3.el6 Complete! [root@ovm ~]# [root@ovm ~]# fdisk -l|grep sd Disk /dev/sda: 43.5 GB, 43468193792 bytes /dev/sda1 * 1 64 512000 83 Linux /dev/sda2 64 5285 41935872 8e Linux LVM Disk /dev/sdb: 32.2 GB, 32212254720 bytes /dev/sdb1 1 1306 10490413+ 83 Linux /dev/sdb2 1307 2612 10490445 83 Linux /dev/sdb3 2613 3916 10474380 83 Linux [root@ovm ~]# [root@ovm ~]# mkfs.btrfs /dev/sdb1 btrfs-progs v4.2.2 See http://btrfs.wiki.kernel.org for more information. WARNING: The skinny-metadata mkfs default feature will work with the current kernel, but it is not compatible with older kernels supported on this OS. You can disable it with -O ^skinny-metadata option in mkfs.btrfs WARNING: The extref mkfs default feature will work with the current kernel, but it is not compatible with older kernels supported on this OS. You can disable it with -O ^extref option in mkfs.btrfs Label: (null) UUID: b09facad-ae0b-4f7d-b7b1-6e1f16ba2e14 Node size: 16384 Sector size: 4096 Filesystem size: 10.00GiB Block group profiles: Data: single 8.00MiB Metadata: DUP 1.01GiB System: DUP 12.00MiB SSD detected: no Incompat features: extref, skinny-metadata Number of devices: 1 Devices: ID SIZE PATH 1 10.00GiB /dev/sdb1 [root@ovm ~]# rm -rf /var/lib/docker [root@ovm ~]# mkdir /var/lib/docker [root@ovm ~]# mount /dev/sdb1 /var/lib/docker [root@ovm ~]# echo "/dev/sdb1 /var/lib/docker btrfs defaults 0 0" >>/etc/fstab [root@ovm ~]#修改/etc/init.d/docker文件
"$unshare" -m -- $exec $other_args >> $logfile 2>&1 &
改变为
$exec $other_args >> $logfile 2>&1 &
[root@ovm docker]# ls -l /etc/sysconfig/docker -rw-r--r--. 1 root root 203 Aug 12 10:36 /etc/sysconfig/docker [root@ovm docker]# cat /etc/sysconfig/docker # /etc/sysconfig/docker # # Other arguments to pass to the docker daemon process # These will be parsed by the sysv initscript and appended # to the arguments list passed to docker daemon other_args="" [root@ovm docker]# [root@ovm docker]# less /etc/init.d/docker [root@ovm docker]# grep unshare /etc/init.d/docker unshare=/usr/bin/unshare "$unshare" -m -- $exec $other_args >> $logfile 2>&1 & [root@ovm docker]# vi /etc/init.d/docker [root@ovm docker]# grep other_args /etc/init.d/docker $exec $other_args >> $logfile 2>&1 & [root@ovm docker]#
修改/etc/updatedb.conf(可选)
注意:如果安装了mlocate包,要做这一步
[root@ovm ~]# rpm -qa|grep mlocate mlocate-0.22.2-6.el6.x86_64 [root@ovm ~]# vi /etc/updatedb.conf [root@ovm ~]# grep docker /etc/updatedb.conf PRUNEPATHS = "/afs /media /net /sfs /tmp /udev /var/cache/ccache /var/spool/cups /var/spool/squid /var/tmp /var/lib/docker" [root@ovm ~]#启动Docker
[root@ovm ~]# service docker start Starting cgconfig service: [ OK ] Starting docker: . [ OK ] [root@ovm ~]# chkconfig docker on [root@ovm ~]# chkconfig --list docker docker 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@ovm ~]#docker info
[root@ovm ~]# docker info Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 1.12.0 Storage Driver: btrfs Build Version: Btrfs v4.2.2 Library Version: 101 Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: null host bridge overlay Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: Kernel Version: 4.1.12-61.1.10.el6uek.x86_64 Operating System: Oracle Linux Server 6.8 OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 7.796 GiB Name: ovm.ohsdba.cn ID: 27DF:EGDH:5DND:7Y4L:BGCJ:LCZ2:EY7R:O36J:GAMR:EBTQ:CEQS:HBOG Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Insecure Registries: 127.0.0.0/8 [root@ovm ~]#docker version
[root@ovm ~]# docker version Client: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: b9264d4 Built: OS/Arch: linux/amd64 Server: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: b9264d4 Built: OS/Arch: linux/amd64 [root@ovm ~]#授权非root用户使用docker
[root@ovm ~]# useradd ohsdba [root@ovm ~]# id ohsdba uid=1102(ohsdba) gid=1102(ohsdba) groups=1102(ohsdba) [root@ovm ~]# groupadd docker [root@ovm ~]# service docker restart Stopping docker: [ OK ] Starting docker: . [ OK ] [root@ovm ~]# usermod -a -G docker ohsdba [root@ovm ~]# su - ohsdba [ohsdba@ovm ~]$ docker version Client: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: b9264d4 Built: OS/Arch: linux/amd64 Server: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: b9264d4 Built: OS/Arch: linux/amd64 [ohsdba@ovm ~]$
Reference
http://docs.oracle.com/cd/E52668_01/E75728/html/section_kfy_f2z_fp.html
https://docs.docker.com/engine/installation/
https://docs.docker.com/engine/installation/linux/oracle/
http://docs.oracle.com/cd/E37670_01/E37355/html/ol_create_btrfs.html
https://hub.docker.com/_/oraclelinux/
https://github.com/oracle/docker-images
http://baike.baidu.com/view/11854949.htm
http://www.docker.org.cn/dockerppt.html