Kubernetes popular series: getting started with container Foundation

With the advent of the cloud native era , Cloud and distributed computing have become one of the most popular technologies . among Docker As the most famous container platform , What kind of charm does it have to let everyone know ？ I don't say much nonsense , Let's begin to lift the mystery of container technology layer by layer ！

Docker

Let time go back to 2013 year , At that time , Virtual machines and cloud services have become very popular . Common practices of mainstream users , It's on the cloud platform （ For example, Tencent cloud 、AWS、OpenStack etc. ）, Just like managing physical servers, using scripts to manage and deploy applications .

In this way, there is always the risk of deployment problems caused by the inconsistency between the local environment and the online environment , So the idea of each cloud platform is to simulate the environment closer to the local server , To provide users with a better cloud experience . So open source PaaS Project provides “ App hosting ” The ability of , Is the best solution to this problem .

In many open sources PaaS In the project , The hottest Cloud Foundry Basically, it has attracted the attention of all cloud vendors , Open up to open source PaaS Building platform layer service capabilities for the core .

You may not be very familiar with Cloud Foundry, In short ,Cloud Foundry All it does is provide a "cf push" Command line tools , So that we can package, upload and distribute the code of some mainstream languages . then Cloud Foundry By calling the CGroups and Linux Namespace, Create a separate sandbox environment for each application , Then start the process of these applications in it .

So then Cloud Foundry The core competence , Is to provide an isolated operating environment , That is to say “ Containers ” 了 .

At the same time , There is a family called dotCloud The company , Because its main product is Cloud Foundry The community is disjointed , So for a long time no one has been interested in it . finally ,dotCloud The company decided to open its own container project Docker.

But it's a pity that no one paid attention to it at that time dotCloud It's time to make a decision , because “ Containers ” The concept has never been new , Neither Docker Invented by the company . Even the most popular at the time PaaS project Cloud Foundry in , The container is just the bottom layer , The part that nobody pays attention to the most .

and Docker project , Actually and Cloud Foundry There's not much difference in the container of , So in Docker Shortly after release ,Cloud Foundry Chief product manager of James Bayer I made a detailed comparison in the community , Tell the user Docker Actually, it's just the same use Cgroups and Namespace Realized “ Sandbox ” nothing more , There's no special black Technology , There's no need to pay special attention to .

However , After a few months ,James Bayer I was beaten in the face .Docker It took only a few months , Just let all PaaS The community is out . in fact ,Docker The project does have to do with Cloud Foundry There is no difference in most of the functions and implementation principles of the container , But there's only one different function , a Docker The key to winning the project .

The function is Docker Mirror image .

At that time, the mainstream PaaS project , Such as Cloud Foundry, By providing a set of application packaging functions , Help users deploy to clusters on a large scale . But it's the packaging function , Users need to do a lot of configuration and debugging work for each application , So that the local application can run correctly , It works correctly in a cluster .

and Docker Mirror image , It just solved the fundamental problem .Docker The essence of mirror image , It's just a compressed package , But and PaaS Compared with app packaging , The package contains a complete set of runtime dependent content , For example, all the files and directories of the operating system . As long as the user holds the compressed package , You can create a sandbox anywhere to run the user's application through some technical means , Because it achieves a high degree of consistency between the local environment and the cloud environment , Plus Docker Interesting Promotion , such as “1 Deploy one per minute WordPress Website ”、“3 Deploy one per minute Nginx colony ” etc. , Ultimately, through close relationships with developers , Plus it solves the fundamental problem of packaging , So as to reach the sky at one stroke .

Linux Namespace,Linux Cgroups ,rootfs

We have already introduced Docker The development of , that , Back to the technology itself , What is the container ？ Here's a definition ：

One “ Containers ”, It's actually a matter of Linux Namespace、Linux Cgroups and rootfs The isolation environment of processes built by three technologies .

• Linux Namespace and Linux Cgroups, Provides runtime isolation and resource Grant .
• rootfs, That's mirror image , Provides the running content of the container .

For example, for the following Dockerfile：

#  Use the official  Python  Develop the image as the basic image 
FROM python:3.8-slim-buster
​
#  Switch the working directory to  /app
WORKDIR /app
​
#  Copy the application dependency description file to the working directory 
COPY requirements.txt requirements.txt
​
#  Use  pip  Command to install the application and its required dependencies 
RUN pip3 install -r requirements.txt
​
#  Copy the application file to the working directory 
COPY . .
​
#  Set the container process to  "python3 app.py", It's time to  Python  The start command of the application 
CMD [ "python3", "app.py"]
​

In the Dockerfile in , Let's start with a basic image python:3.8-slim-buster, Install dependencies and copy the application to the working directory , Finally, specify the application process , That is to start the command . In this description , We'll get the following container view ：

The process of the container is “python3 app.py”, Run by Linux namespace + Linux cgroups In an isolated environment . And all the documents it needs , Include Python、app.py And the entire operating system file , It's mounted by multiple associations rootfs Provide . The rootfs The bottom of the world , Is read-only Docker Mirror image . stay Docker Above the mirror image , yes Docker The manager of init layer , It is used to temporarily store the data modified by the manager /etc/hosts Wait for the documents . stay rootfs The top layer of the system is the read-write layer , With Copy-On-Write Store all the changes to the read-only layer file in the same way , And container declaration Volume Mount point . From the container view , We can sum up a running Linux Containers , It consists of the following ：

• A group of jointly mounted rootfs, This is what we call the container's “ Mirror image ”（Image）.
• One by Linux namespace + Linux cgouprs Isolated environment , This is what we call the container's “ Runtime ”（Runtime）.

Docker install

I've described the nature of containers and the logic behind them , We are now Ubuntu 18 LTS For example , Describes how to install Docker, For the back of the Kubernetes To prepare .

To configure REPOSITORY

1、 to update apt Package manager indexing and configuration apt Able to use HTTPS The warehouse of .

 sudo apt-get update
 
 sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

2、 add to Docker official GPG Public key .

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

3、 Specify to use the stable version of Docker edition .

echo \
  "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

install Docker engine

1、 to update apt Package manager index , Then install the latest stable version Docker engine.

 sudo apt-get update
 
 sudo apt-get install docker-ce docker-ce-cli containerd.io

2、 After installation , Through execution hello-world Mirror image , verification Docker engine.

sudo docker run hello-world

Now the installation is complete , You can start using Docker 了 .

Container arrangement

As a developer , We don't really care about container runtime differences , Because in the whole “ Development - Release ” In the process , What's really published is the container image . For cloud service providers , You can mirror them to potential users through the container （ Like developers ） Directly connected . therefore , The ability to define container organization and management specifications “ Container arrangement ” technology , It has become the most popular technology of cloud computing . Among them , The most representative container choreography tools are as follows ：

• Docker The company's Compose+Swarm Combine ;

• Google And RedHat Company led Kubernetes project . At present, the project has become the industry standard .

Next Kubernetes Popular series , Will take you in-depth understanding of the absolute protagonist carrying the development of cloud primordial ——Kubernetes, Let's see you next time ！