Docker - shawfdong/hyades GitHub Wiki

Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux. Docker uses resource isolation features of the Linux kernel such as cgroups and kernel namespaces to allow independent containers to run within a single Linux instance, avoiding the overhead of starting virtual machines[1].

Installing Docker on CentOS 7

We'll install and test Docket on my CentOS 7 box[2].

Make sure firewalld is disabled and iptables is enabled: 

# systemctl status firewalld
# systemctl status iptables

Install Docker: 

# yum -y install docker

Enable and start the Docker daemon: 

# systemctl status docker.service
docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled)
   Active: inactive (dead)
     Docs: http://docs.docker.com

# systemctl enable docker.service
# systemctl start docker.service

Get the latest CentOS image: 

# docker pull centos

# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker.io/centos    7                   fd44297e2ddb        6 days ago          215.7 MB
docker.io/centos    latest              fd44297e2ddb        6 days ago          215.7 MB
docker.io/centos    centos7             fd44297e2ddb        6 days ago          215.7 MB

Test the CentOS image: 

# docker run -i -t centos /bin/bash
[root@6935ebd5e6c9 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@6935ebd5e6c9 /]# uname -a
Linux 6935ebd5e6c9 3.10.0-229.1.2.el7.x86_64 #1 SMP Fri Mar 27 03:04:26 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@6935ebd5e6c9 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
5: eth0: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 02:42:ac:11:00:01 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:acff:fe11:1/64 scope link 
       valid_lft forever preferred_lft forever

Docker takes advantage of namespaces to provide the isolated workspace called container[3]. On the host: 

# ip a
...
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 56:84:7a:fe:97:99 brd ff:ff:ff:ff:ff:ff
    inet 172.17.42.1/16 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::5484:7aff:fefe:9799/64 scope link 
       valid_lft forever preferred_lft forever
6: veth0388916: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP 
    link/ether 72:41:c5:d0:9e:95 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::7041:c5ff:fed0:9e95/64 scope link 
       valid_lft forever preferred_lft forever

# brctl show
bridge name	bridge id		STP enabled	interfaces
docker0		8000.56847afe9799	no		veth0388916

Further Readings

References

  1. ^ What is docker?
  2. ^ Installing Docker on CentOS
  3. ^ Understanding Docker
⚠️ **GitHub.com Fallback** ⚠️