I want to become a Docker master! From quick start to landing deployment

This content comes from @What is worth buying APP, and the views only represent the author's own |Author: Yang Daoxian

Docker is one of the important ways to play NAS, and NAS without Docker has no soul, just like the West can't live without Jerusalem!

Since I started to share the tutorial, I found that many friends don't know much about Docker, and some are even confused~ This article aims to help us players quickly master the basic usage of Docker, meet most of their needs, and better play NAS!

One day, after a certain group member of a certain group became successful:

If you think it's good, welcome to like and collect comments to support ~ If you have any questions, you can leave a message/private chat

So, what is Docker?

Docker is a tool to quickly build, run, and manage applications, simply put, it helps us deploy various projects and various components required by the project, and can also be regarded as an operation and maintenance tool.

In the past, Linux servers could only be operated through manual commands, and the deployment was achieved through some scripts, which was still complicated and troublesome (many commands, installation packages, and complex installation steps). In today's microservice world, Docker has greatly improved our efficiency, and we don't need to be a master of operations to play!

Take a chestnut

Deploying Nginx in the traditional mode is cumbersome and requires the following steps:

• Search for and download the Nginx package
• Upload to a Linux server
• Compile and configure the environment
• Installation

Deploying via Docker requires a single command:

Dock's Run -D --Name NGINX -P80:80 NGINX

It can also be written:

Dock's Run -D --Name NGINX -P80:80 NGINX

The essence is also a line of commands, because it is not intuitive enough, so use a backslash to wrap lines

Copy and paste and then press the enter key to install it automatically~

Of course, there are some things missing from the command line here, which will be said later, but this one-click deployment method, is it refreshing?

Docker preparation

If you want to experience the benefits of Docker, you must first deploy Docker. In many cases, we use SSH tools to connect to the server and operate from the command line.

Brand NAS

Taking QNAP as an example, after initializing the system, open the App Center and install an application called Container Station (QNAP's official Docker graphical management tool)

In addition to making it easier to manage Docker, Container Station is also a prerequisite for installing some applications in the store. This is one of the great benefits of branded NAS, and after learning and understanding Docker, it is a great addition to this thing!

After that, enable SSH for backup

Cloud servers (VPS), Linux virtual machines, etc

Here is the Alibaba Cloud server as the demo platform, the operating system is Debian_12_x64 (Debian/Ubuntu is recommended for personal use), and other Linux distributions are similar.

1. Update the list of software packages

Enter the following command and press enter to wait for the package to install the update:

apt update -y

This command allows the system's Package Manager (APT) to download the latest list of packages from the configured source to ensure that the latest version is available when new software is installed or existing software is updated.

2. Install common software packages

Enter the following command:

apt install sudo vim git wget curl -y

It is enough for daily use. Red Hat, CentOS, Fedora, etc., need to use their own package managers, such as yum or dnf, to install packages.

三、安装Docker及Docker Compose

Official Guidebook: https://docs.docker.com/engine/install

Enter the following command:

apt install docker -y # 安装docker docker -v # 验证安装 systemctl enable docker # 设置docker开机自启 apt install docker-compose -y # 安装docker compose docker-compose -v # 确认docker compose版本

4. Configure image acceleration

Depending on the requirements, if the image download speed is very slow, you can configure it.

Take Alibaba Cloud as an example, provide a free accelerator address to obtain the entry https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors

It can be seen that the official has given the order

Copy them one by one and execute them

Get started with Docker

First, there are two key terms: image and container

Basics

Taking Nginx as an example, at the beginning of this article, we have the following deployment command:

Dock's Run -D --Name NGINX -P80:80 NGINX

As you can see, after we press enter to execute the command, Docker will first search for whether there is an image locally, if not, it will search for and download the image of the corresponding version of Nginx, and then run it automatically.

The image not only contains the Nginx body, but also packages the environment, configuration, and system libraries required for its operation.

In order to understand the image more intuitively, I don't know if you have used the green free installation version of the software.exe?

When Docker runs the image, it will create an isolated and independent environment for each application, which is called a container, which can perfectly avoid conflicts between different applications, realize the deployment of multiple applications with different environment requirements under the same device, or the cluster deployment of a certain application, and ensure the smooth operation of the service.

As shown in the image, multiple Nginx are deployed, and all of them are successfully launched

Command Interpretation

According to the official documentation of the Docker hub, let's improve the Nginx command

Dock run -D --Named NGINX -P80:80 -V/Root/Docker/Data/NGINX/HHTML:/USR/Share/NGINX/HTML -A TJ=Asya/Shanghai# 凑数的变量,方便演示 --Network Inter#方便演示 NGINX

docker run -d : Create and run a container, -d means let the container run in background mode

--name nginx : Name the container, it's all a matter of personal preference, but it must be unique

-p 80:80 : Set port mapping

• Containers are isolated and inaccessible to the outside world. Port 80 of the container is mapped to port 80 of the host, which allows access to services running within the container from the host.
• The port in the container is determined by the processes in the container, and the host port can be arbitrarily specified, for example, -p 90:80
• -p Host Port: The port in the container, in this case, mapping port 80 of the host to port 80 in the container

-e TZ=Asia/Shanghai: Configure some parameters for the runtime of the process in the container, which we call environment variables

• Format: -e KEY=VALUE, both KEY and VALUE are determined by the process (author) in the container
• TZ=Asia/Shanghai是设置时区;
• Official documentation may contain both mandatory and optional variables, read carefully before deployment

--network inter : Define the network connection type of the container, which we will talk about in the network section at the end

nginx : Set the name of the image, Docker will search for and download the image based on this name

• 格式:repository:tag,例如nginx:1.1,其中repository可以理解为镜像名,tag是版本号
• If TAG is not specified, the default version is mysql:latest
• If you want to pull the user-built image, the format is username/my-custom-image:version, for example, ydxian/nginx:1.1.0, usually ydxian/nginx also defaults to the latest version
• Of course, different images may fail to be deployed due to different author configurations, so please read the installation manual

Docker common commands

Commands are designed to manipulate images and containers, but they don't need to be memorized, and the console can be quickly consulted via docker help

All commands are listed in the official documentation: https://b11et3un53m.feishu.cn/wiki/MWQIw4Zvhil0I5ktPHwcoqZdnec#YCejdEwpyo2hxRxpDx4cFFkDnQg

To perform operations on a container, enter the first three digits of the container name/container ID, such as docker stop nginx or docker stop 024. The following diagram shows some demonstrations of how to do this

Data volumes

The first is some common command https://docs.docker.com/reference/cli/docker/volume

There is no need to memorize them, the console can be viewed via docker volume help

What is a data volume

A volume is a virtual directory that bridges the mapping between the directories in the container and the host directory, similar to the ports mentioned above.

Let's continue to take Nginx as an example, reading the official documentation, we can see that Nginx has two key directories:

/usr/share/nginx/html is dedicated to hosting static resources, while /etc/nginx/nginx.conf is responsible for storing configuration files.

If we want to configure these two parts, we have to use the data volume to associate the two directories with the host directory for easy operation

Create two data volumes, html and conf, and Docker will help us create a real directory for these two data volumes on the host, located in var/lib/docker/volums/html/_data and var/lib/docker/volums/conf/_data

As long as it is in the Linux system, var/lib/docker/volums is the default location, and a new directory is created based on the data volume name, in the format of /data volume_name/_data

In this way, the html and conf in the container will be associated with the corresponding directory of the host through the two data volumes, which is what we often call mounting. As long as we put the static resources into the corresponding directory of the host, they can be proxied by Nginx

Based on the above, let's redeploy Nginx:

Dock run -D --Name NGINX -P80:80 -V HHTML:/usr/share/NGINX/html NGINX

Web input http://localhost:80 or http://host-ip:80 the following screen appears

This is followed by a demonstration

docker volume ls # 列出所有数据卷，输出以下内容 *DRIVER VOLUME NAME local html* docker volume inspect html # 显示数据卷html的详细信息，Mountpoint为宿主机挂载点 *[ { "CreatedAt": "2024-04-09T13:41:08+08:00", "Driver": "local", "Labels": null, "Mountpoint": "/var/lib/docker/volumes/html/_data", "Name": "html", "Options": null, "Scope": "local" } ]* cd /var/lib/docker/volumes/html/_data ls # 列出静态资源文件，出现以下内容 *50x.html index.html* cat index.html # 查看 index.html 文件，所示内容即为我们web端看到的欢迎页面内容

That is to say, /var/lib/docker/volumes/html/_data is mapped to html data volumes, and html is mapped to /usr/share/nginx/html, and finally the mapping between /var/lib/docker/volumes/html/_data and /usr/share/nginx/html is realized.

Combined with the picture is more obvious

In order to further verify, let's make a magic change on the index.html and see how it works. Then in this directory, enter the following command:

Vim index. HTML

The modified code is as follows, Aunt Zhang can't get into the html code here, just take a screenshot to show: modified the website title and welcome page text, and replaced the original URL with my personal blog site

After saving, exit, and then refresh the web interface, the result is as expected

Mount

For mounting, you should be very familiar with it! Understand the data volume above, that is easy!

# Mount command format, must start with / or ./ -v local directory: container directory -v local file: container file # For example, let's say the host directory we are in is /root/docker/data/nginx -v html:/usr/share/nginx/html # Here the html to the left of the colon will be recognized as a data volume -v ./html:/usr/share/nginx/html # ./ If it does not exist, Docker will automatically create -v /root/docker/data/nginx/html:/usr/share/nginx/html # The absolute path on the host, which can directly provide the static data of the host to Nginx, which is also the most common and convenient form

So why do we mount the directory in the container to a specific local directory? for the following reasons:

• The directory of the data volume is deeper, and we also saw earlier that the directory of /var/lib/docker/volumes/html/_data is smelly and long, and it is very troublesome to operate every time!
• For some Docker projects, if you don't actively mount it, a data volume will be automatically generated, a long string of characters

Take a look at the data volumes automatically generated by my QNAP NAS!

Next, let's use the above tutorial to uninstall and reinstall nginx, and add an HTML mount

mkdir -p /root/docker/data/nginx/html docker run -d --name nginx -p 80:80 -v /root/docker/data/nginx/html:/usr/share/nginx/html nginx # At this time, if we access the web, a 403 error will appear, because the host directory is empty, and we need to provide static data cd /root/docker/data/nginx/html ls # Create a file, copy the previous one in and save it to exit vim index.html ls # If you see that the new file is successful, then refresh the web interface to see the page again

Picture display of the operation process

In this case, we refresh the Nginx interface, and page 403 returns an error because no static data is configured, but it is certain that Nginx has been successfully deployed

Static data is configured through commands, and YDXian is changed to QNAP on the original basis

Refresh the interface again

Last but not least, if we mount configuration data and other files, we need to prepare the corresponding directories and files in advance, if we do not have them, if Docker cannot find the nginx.conf file after executing the command, it will only automatically create a folder named nginx.conf and report an error

-v /root/docker/data/nginx/nginx.conf:/etc/nginx/nginx.conf

Internet

Well, as the name suggests, we mentioned it a little bit in the command interpretation section. There are three common types: bridge, host, and custom;

Bridge：

This is the default network type, and the container will connect to this network unless otherwise specified. It is a private internal network where containers can communicate with each other, and hosts can communicate with containers.

Host

Removing the network isolation between the container and the Docker host, the container uses the host's IP address and network port directly, which means that no additional port mapping is required. Using --network host improves performance and allows the container to listen on ports on the host's network. For example, streaming services such as Emby, which everyone uses.

Customize

For us casual players, we basically don't do this, if the containers need to call each other, if there is a problem, you can try to choose this method. To name and create a new bridge beforehand, e.g. docker network create inter, then enter the docker network connect inter container name for others to join. In this way, containers that join the inter network can access each other, and can be accessed directly through the container name without knowing the IP address.

By docker inspect nginx, you can see that the IP address of Nginx is 172.17.0.2

View the information of another container with an IP address of 172.17.0.3

This means that the two containers are in the same network segment, think about the LAN devices at home, can the devices under the same router/switch also access each other?

But there are some doubts, as mentioned earlier, aren't each container independent of each other, why can it still be in the same network segment?

Careful friends may have found that they all have the same gateway 172.17.0.1, have you read my previous tutorial to share friends, do you think this IP is very familiar?

In fact, from the moment we install Docker, it will automatically install a virtual NIC docker 0 in the device, and will also create a virtual bridge for this virtual NIC for communication between the container and the host. Its address is 172.17.0.1/16, 172.17.0.1 is the IP address of the docker0 interface, /16 is the subnet mask, and the IP address range is defined from 172.17.0.0 to 172.17.255.255.

Note: These are just the majority of cases, and the exact IP address range may vary depending on installation and configuration.

ifconfig IP ADDR Show Docker0

Regarding customization, because there are not many use cases, here is only a brief demonstration

docker network create inter # 创建名为inter的网络 network connect inter nginx # nginx加入inter network connect inter emby # emby加入inter

As you can see, the initial Nginx has an additional network named inter

If this does not work, it is recommended to use the docker logs container name to check the container logs for error details, or use docker exec -it container name bash (or sh) to enter the container, and then use curl or other tools to test the network connection between the containers.

Docker Compose

One of the great advantages of Docker Compose is that it allows us to quickly deploy multiple interrelated Docker containers.

It is also very comfortable to deploy Container Station through QNAP's official docker management tool

After pasting the YAML code, if the command is incorrect, the system will not allow the creation operation, and the creation can only be performed after the error is rectified according to the prompts. And it will prompt, let's make mistakes one by one~ In the following picture, there is actually one missing after the environment:

That's the benefit of the brand's NAS, with a highly visual and convenient panel!

The author also prefers to deploy in this way on a daily basis, and the basic syntax can be found in the official documentation: https://docs.docker.com/compose/compose-file/compose-file-v3

与Docker run对比

The docker-compose file can define multiple interrelated application containers, each of which is called a service. Since service is defining the runtime parameters of an application, it is very similar to the docker run parameter.

# Docker Run部署 Docker Run -D --Name NGINX -P80:80 in TJ=Asiya/Shanghai -V /Root/Docker/Data/NGINX/HHTML:/USR/Shares/NGINX/HTML --Restart=Always --Network Inter#自定义网络 NGINX

In many cases, deployment failures are caused by misaligned formats, missing spaces, and more/less symbols

# docker compose部署 version: "3" services: nginx: image: nginx container_name: nginx ports: - "80:80" environment: - TZ=Asia/Shanghai volumes: - /root/docker/data/nginx/html:/usr/share/nginx/html restart: always networks: # 若为默认桥模式，从这往下全部删除 - news networks: news: name: inter

A list of common correspondence tables

Rough deployment process

The preparations are pretty much the same, as follows

mkdir -p /root/docker/data/nginx # create nginx file directory cd /root/docker/data/nginx # enter the directory mkdir html # create the host directory to be mounted cd html # enter the html directory vim index.html # prepare the static data file, save it and exit cd .. # Go back to the parent directory and go back to nginx vim docker-compose.yml # Create a .yml file in nginx # Paste the above code into it and save it and exit docker-compose up -d # Start it

After vim docker-compose.yml, if you need to edit, press i to edit, after editing, press Esc to return to normal mode, then press Shift and: at the same time, enter wq (write and exit) or :q! (exit without saving), press enter the enter key to exit.

At last

In fact, the deployment of most Docker applications is not difficult~ The basic knowledge and principles are almost understood, and then look at the official manual before deployment, many answers are there, and it is almost the same to operate four or five by hand!

Have fun, and we'll see you next time!

extra

Let's take a look at the classic audio-visual system collection, after the successful start, you will get four deployed containers. The nastool library has been deleted (the job should be copyable, please change the library in advance)

version: "3" services: jellyfin: image: nyanmisaka/jellyfin:latest container_name: jellyfin environment: - PUID=0 - PGID=0 - TZ=Asia/Shanghai volumes: - /share/Container/jellyfin/config:/config - /share/media/video:/video ports: - 8096:8096 - 8920:8920 devices: - /dev/dri:/dev/dri nastool: image: yohe/nastool:2.9.1 container_name: nastool environment: - PUID=0 - PGID=0 - TZ=Asia/Shanghai - ALPINE_MIRROR=mirrors.ustc.edu.cn - LANG=C.UTF-8 - NASTOOL_AUTO_UPDATE=false - NASTOOL_CN_UPDATE=true - NASTOOL_CONFIG=/config/config.yaml - NASTOOL_VERSION=master - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - PYPI_MIRROR=https://pypi.tuna.tsinghua.edu.cn/simple - REPO_URL=https://github.com/jxxghp/nas-tools.git - UMASK=000 - WORKDIR=/nas-tools volumes: - /share/Container/nastool/config:/config - /share/media/video:/video ports: - 3000:3000 jackett: image: linuxserver/jackett:latest container_name: jackett volumes: - /share/Container/jackett/config:/config - /share/Container/jackett/downloads:/downloads environment: - HOME=/root - LSIO_FIRST_PARTY=true - PATH=/lsiopy/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 - S6_STAGE2_HOOK=/docker-mods - S6_VERBOSITY=1 - TERM=xterm - VIRTUAL_ENV=/lsiopy - XDG_CONFIG_HOME=/config - XDG_DATA_HOME=/config ports: - 9117:9117 qBittorrent: image: linuxserver/qbittorrent:4.4.3 container_name: qBittorrent volumes: - /share/Container/qBittorrent/config:/config - /share/media/video:/downloads ports: - 8080:8080 - 6881:6881 - 6881:6881/udp

Blog site building project Halo 2, officially provided code, rice to mouth series

version: "3" services: halo: image: halohub/halo:2.14 restart: on-failure:3 depends_on: halodb: condition: service_healthy networks: halo_network: volumes: - ./halo2:/root/.halo2 ports: - "8090:8090" healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8090/actuator/health/readiness"] interval: 30s timeout: 5s retries: 5 start_period: 30s command: - --spring.r2dbc.url=r2dbc:pool:mysql://halodb:3306/halo - --spring.r2dbc.username=root # MySQL 的密码，请保证与下方 MYSQL_ROOT_PASSWORD 的变量值一致。 - --spring.r2dbc.password=mysal_secret - --spring.sql.init.platform=mysql # 外部访问地址，请根据实际需要修改 - --halo.external-url=https://blog.ydxian.love/ halodb: image: mysql:8.1.0 restart: on-failure:3 networks: halo_network: command: - --default-authentication-plugin=caching_sha2_password - --character-set-server=utf8mb4 - --collation-server=utf8mb4_general_ci - --explicit_defaults_for_timestamp=true volumes: - ./mysql:/var/lib/mysql - ./mysqlBackup:/data/mysqlBackup healthcheck: test: [ "CMD", "mysqladmin", "ping", "-h", "127.0.0.1", "--silent"] interval: 3s retries: 5 start_period: 30s environment: # 请修改此密码，并对应修改上方 Halo 服务的 SPRING_R2DBC_PASSWORD 变量值 - MYSQL_ROOT_PASSWORD=mysal_secret - MYSQL_DATABASE=halo networks: halo_network: