一、Docker是什么?
Docker is a platform that allows you to "build ,ship ,and run any app, anywhere. "
Docker是一个平台,它提供哪些服务呢?任何一台装有Docker的机器上你都可以建立、发布、运行你的应用程序。
It has come a long way in an incredibly short time and is now considered a standard way of solving one of the costliest aspects of software: deployment.
Docker在很短的时间内就走得很远,如今它基本是解决软件最昂贵的环节:部署的标准解决方案。
在Docker出现之前,有一堆与软件部署的工具软件,虚拟机、配置管理工具、打包管理工具、复杂的webs库依赖。所有这些工具都需要专业的工程师去管理和维护,多数软件有一套独特的配置方法。
二、使用Docker有什么好处?
Some crucial practical questions arise: why would you use Docker, and for what? The short answer to the “why” is that for a modicum of effort, Docker can save your business a lot of money quickly. Some of these ways (and by no means all) are discussed in the following subsections. We’ve seen all of these benefits firsthand in real working contexts.
最关键的一句话:使用Docker可以省事、省时、省钱。
1、Docker can be used to replace VMs in many situations.
用来取代虚拟机;
2、Docker can give you a sandbox environment in milliseconds.
Docker可以在几毫秒内为您提供一个沙盒环境。
3、Because a Docker image has effectively no dependencies for a Linux user, it’s a great way to package software. You can build your image and be sure that it can run on any modern Linux machine—think Java, without the need for a JVM.
Docker是一个打包软件的好工具。将用java开发的软件打包成镜像后,就可以在任何一台Linux操作系统上运行,而不需要JVM(JAVA 虚拟机)。
4、Docker facilitates the decomposition of a complex system to a series of composable parts, which allows you to reason about your services in a more discrete way.
Docker有助于将一个复杂系统分解为一系列可组合的部分,这使您能够以一种更加离散的方式对服务进行推理。
5、Because you can spin up hundreds (even thousands) of isolated containers on one machine, modeling a network is a breeze. This can be great for testing real-world scenarios without breaking the bank.
Docker在一台机器上起成百上千个独立的容器,有助于模拟网络,使网络建模成为一件轻而易举的事情。
6、ENABLING FULL-STACK PRODUCTIVITY WHEN OFFLINE
Because you can bundle all the parts of your system into Docker containers, you can orchestrate these to run on your laptop and work on the move, even when offline.
由于你可以将所有系统打包进你的Docker容器,所以可以移动工作,甚至脱网离线工作。
7、REDUCING DEBUGGING OVERHEAD
减少调试开销
下面这段自己理解吧!
Complex negotiations between different teams about software delivered is a common- place within the industry. We’ve personally experienced countless discussions about bro- ken libraries; problematic dependencies; updates applied wrongly, or in the wrong order, or even not performed at all; unreproducible bugs; and so on. It’s likely you have too. Docker allows you to state clearly (even in script form) the steps for debugging a problem on a system with known properties, making bug and environment reproduction a much simpler affair, and one normally separated from the host environment provided.
8、Docker forces you to document your software dependencies explicitly from a base starting point.
Docker强迫你记录软件依赖,方便你其他地方布局或者安装软件。
9、ENABLING CONTINUOUS DELIVERY
实现持续交付
Continuous delivery (CD) is a paradigm for software delivery based on a pipeline that rebuilds the system on every change and then delivers to production (or “live”) through an automated (or partly automated) process.
Because you can control the build environment’s state more exactly, Docker builds are more reproducible and replicable than traditional software building methods. This makes implementing CD much easier. Standard CD techniques, such as Blue/Green deployment (where “live” and “last” deployments are maintained on live) and Phoenix deployment (where whole systems are rebuilt on each release), are made trivial by implementing a reproducible Docker-centric build process.
三、使用Docker来干什么?
比较一下Docker诞生前和诞生后软件开发的变化就能感受到Docker可以用来干嘛了。
四、为什么要使用Docker?
我们知道软件开发涉及开发阶段、测试阶段和版本发布阶段,在使用Docker之前这是隔离的三次工作,他们拥有不同的配置和环境,可是,有了Docker合3为1,世界变得美好多了。
五、Docker的核心概念
容器:一个镜像的运行实例就是一个容器。
六、Docker的架构
Grasping Docker’s architecture is key to understanding Docker more fully.
熟悉Docker的结构是理解并使用好它的关键。Docker 使用客户端-服务器 (C/S) 架构模式,使用远程API来管理和创建Docker容器。Docker 容器通过 Docker 镜像来创建。容器与镜像的关系类似于面向对象编程中的对象与类。
The docker command is a client, and the Docker daemon acts as the server doing the processing on your Docker containers and images.
dockerClient 客户端
Docker Daemon 守护进程
Docker Image 镜像
DockerContainer 容器
七、安全使用Docker
Docker的守护进程是可以对外网开放的,默认状态的设置是/var/run/docker.sock,外网无法连接,但是通过改变这一设置可以开放给其他人,比如你想让其他人帮你远程Debug或者开放给项目组成员,但是这样做是不安全的,一旦开放,所有可以联到你的主机的人都可以访问你本地Docker.
