Using Docker [读书笔记]
Containers are a lightweight and portable store for an application and its dependencies. 序的开头这么一句话, lightweight应该是较VM而言, 这里的container确实包含了你的应用及其依赖;
Containers share resources with the host OS;
Container 里面ps 看进程
Host OS 查看 docker 进程
如果选择让container知道外部的线程, 那么container 内部其实是可以看到的
The purpose of a VM is to fully emulate a foreign environment, whilst the purpose of a container is to make applications portable and self-contained;
Containers are an old concept. For decades, UNIX systems have had the chroot command which provides a simple form of filesystem isolation. FreeBSD has had the jail utility since 1998, which extended chroot sandboxing to processes. Solaris Zones offered a comparatively complete containerization technology around 2001, but was limited to the Solaris OS. Also in 2001, Parrallels Inc (then SWsoft) released the commercial Virtuozzo container technology for Linux, and later open sourced the core technology as OpenVZ in 20051. Following on from this, Google started the development of CGroups for the Linux kernel and began moving their infrastructure to containers. The LXC project started in 2008 and brought together CGroups, kernel namespaces and chroot technology (amongst others) to provide a complete containerization solution. Finally, in 2013, Docker brought the final pieces to the containerization puzzle and the technology began to enter the mainstream.
Docker took the existing Linux container technology then wrapped it and extended it in various ways — primarily portable images and a user-friendly interface — to create a complete solution for the creation and distribution of containers. The Docker platform has two distinct components; the Docker Engine, which is responsible for creating and running containers and the Docker Hub, a cloud service for distributing containers.
The Docker Engine provides a very fast and convenient interface for running containers. Before this, running a container using a technology such as LXC required significant specialist knowledge and manual work. The Docker Hub provides an enormous number of public container images for download, allowing users to quickly get started and avoid duplicating work already done by others.
Early versions of Docker were little more than a wrapper around LXC paired with a Union Filesystem when start open-source;
Docker uses a Union File System (UFS) for containers, which allows multiple file systems to be mounted in a hierarchy and appear as a single file system. The file system from the image has been mounted as a read-only layer and any changes to the running container are made to a read-write layer mounted on top of this.
$ docker rm $(docker ps -aq -f status=exited)