Help Center/ Cloud Container Engine/ Kubernetes Basics/ Containers and Kubernetes/ Containers
Updated on 2025-02-11 GMT+08:00
View PDF
Share

Containers

Overview

Containers are a kernel virtualization technology originating with Linux. They provide lightweight virtualization to isolate processes and resources. Containers have become popular since the emergence of Docker. Docker is the first system that allows containers to be portable on different machines. It simplifies the packaging of both applications and the applications' repository and dependencies. Even an OS file system can be packaged into a simple portable package that can be used on any other machine that runs Docker.

Containers use similar resource isolation and allocation modes as VMs. The difference between containers and VMs lies in that containers virtualize OSs but not hardware, which makes containers more portable and efficient.

Figure 1 Containers vs VMs

Containers have the following advantages over VMs:

  • Higher system resource utilization

    With no overhead for virtualizing hardware and running a complete OS, containers outperform VMs in application execution speed, memory loss, and file storage speed. Therefore, with same configurations, containers can run more applications than VMs.

  • Faster startup

    Traditional VMs usually take several minutes to start an application. However, Docker containerized applications run directly on the host kernel with no need to start the entire OS, so they can start within seconds or even milliseconds, greatly saving your time in development, testing, and deployment.

  • Consistent running environments

    Inconsistent development, test, and production environments are a common issue in development. As a result, some issues cannot be detected prior to rollout. A Docker container image includes everything (code, runtime, system tools, system libraries, and settings) needed to run an application to ensure consistency in application running environments.

  • Easier migration

    Docker provides a consistent execution environment across many platforms, both physical and virtual. Regardless of what platform Docker is running on, the applications run the same, which makes migrating them much easier. With Docker, you do not have to worry that an application running fine on one platform will fail in a different environment.

  • Easier maintenance and extension

    A Docker image is built up from a series of layers and these layers are stacked. When you create a new container, you add a container layer on top of image layers. In this way, duplicate layers are reused, which simplify application maintenance and update as well as further image extension on base images. In addition, Docker collaborates with open-source project teams to maintain a large number of high-quality official images. You can directly use them in production environments or custom your images based on these images. This greatly improves the efficiency in creating images for applications.

Typical Process of Using Docker Containers

Before using a Docker container, you should know the core components in Docker.

  • Image: A Docker image is an executable package of software that includes the data needed to run an application, such as code, runtime, file systems, and executable file path of the runtime.
  • Image repository: A Docker image repository stores Docker images and entities to create and share container images. You can run an image on the computer where it is edited, or you can upload it to an image repository, download it to another computer, and then run it. Some repositories are public, which allow everyone to pull images from them. Some are private, which are accessible only to some users and machines.
  • Container: A Docker container is usually a Linux container created from a Docker image. A running container is a process running on the Docker host, but it is isolated from the host and all other processes running on the host. The process is also resource-limited, and it can access and use only resources (such as CPUs and memory) allocated to it.

Figure 2 shows the typical process of using containers.

Figure 2 Typical process of using Docker containers
  1. A developer develops an application and creates an image on the development machine.

    Docker creates the image and stores it on the machine.

  2. The developer sends a command to Docker for uploading the image.

    After receiving the command, Docker uploads the local image to the image repository.

  3. The developer sends an image running command to the production machine.

    After the command is received, Docker pulls the image from the image repository to the machine and then runs a container based on the image.

Example

In the following example, Docker packages a container image based on an Nginx image, runs an application based on the container image, and pushes the container image to an image repository.

Installing Docker

Docker is compatible with almost all operating systems. Select a Docker version that best suits your needs.

The following uses CentOS 7.5 64bit (40 GiB) as an example to describe how to quickly install Docker using a Huawei Cloud image.

  1. Add a yum repository: 
    yum install epel-release -y
yum clean all
  2. Install the required software packages: 
    yum install -y yum-utils device-mapper-persistent-data lvm2
  3. Configure the Docker yum repository: 
    yum-config-manager --add-repo https://mirrors.huaweicloud.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.huaweicloud.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
  4. Check the available Docker version: 
    yum list docker-ce --showduplicates | sort -r

    Information similar to the following is displayed:

    Loading mirror speeds from cached hostfile
Loaded plugins: fastestmirror
docker-ce.x86_64            3:26.1.4-1.el7              docker-ce-stable
docker-ce.x86_64            3:26.1.3-1.el7              docker-ce-stable
docker-ce.x86_64            3:26.1.2-1.el7              docker-ce-stable
...
  5. Install Docker of the specified version. You are advised to install Docker 18.06.0 to 24.0.9 to facilitate the configuration of the image accelerator.. 
    sudo yum install docker-ce-24.0.9 docker-ce-cli-24.0.9 containerd.io

    Docker 24.0.9 is being used as an example. If you choose a different version, simply substitute 24.0.9 with the specific version number.

  6. Start Docker: 
    systemctl enable docker  # Set Docker to start automatically upon system startup.
systemctl start docker   # Start Docker.
  7. Check the installation result. 
    docker --version

    Information similar to the following is displayed:

    Docker version 24.0.9, build 2936816

Packaging a Docker Image

Docker provides a convenient way to package your application as a Dockerfile. Dockerfile allows you to customize a simple Nginx image.

  1. To configure an image accelerator, perform the following operations. (Image accelerators can speed up the download of popular open source images, addressing issues with slow or failed downloads from third-party repositories like Docker Hub caused by network problems. These accelerators are available in certain regions.)
    1. Log in to the SWR console.
    2. In the navigation pane, choose Image Resources > Image Center. Ensure that the Image Center is available in the current region. For details, see Notes and Constraints.
    3. Click Image Accelerator. In the displayed dialog box, click to copy the accelerator address.
      Figure 3 Copying an accelerator address

    4. Modify the /etc/docker/daemon.json file: 
      vim /etc/docker/daemon.json

      Add the following content to the file:

      {     
      "registry-mirrors": ["Accelerator address"] 
}
    5. After the configuration is complete, restart the container engine: 
      systemctl restart docker

      If the restart fails, check whether the registry-mirrors parameter is configured in other locations within the OS, such as /etc/sysconfig/docker and /etc/default/docker. If it is, delete the parameter and restart the container engine.

    6. View the Docker details: 
      docker info

      If the value of the Registry Mirrors field is the accelerator address, the accelerator has been configured.

      ...
Registry Mirrors:
  https://xxx.mirror.swr.myhuaweicloud.com/
...
  2. Create a file named Dockerfile in the mynginx directory. 
    mkdir mynginx
cd mynginx
touch Dockerfile
  3. Edit the Dockerfile file: 
    vim Dockerfile

    Add the following content to the Dockerfile:

    # Use the Nginx image as the base image.
FROM nginx:latest 

# Run a command to modify index.html of the Nginx image.
RUN echo "hello world" > /usr/share/nginx/html/index.html

# Permit external access to port 80 of the container.
EXPOSE 80
  4. Package the image: 
    docker build -t hello .

    In the preceding command, -t is used to add a tag to the image to name it. In this example, the image name is hello. The period . indicates that the packaging command is executed in the current directory.

  5. Check whether the image has been built. 
    docker images
    If information similar to the following is displayed, the image has been built: 
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
hello               latest              1ff61881be30        10 seconds ago      236MB

Pushing the Image to an Image Repository

  1. Log in to the SWR console. In the navigation pane, choose My Images. On the page displayed, click Upload Through Client. In the dialog box displayed, click Generate a temporary login command. Then, copy the command and run it on the local host to log in to SWR.

  2. Before uploading an image, specify a complete name for the image. 
    docker tag hello swr.cn-east-3.myhuaweicloud.com/container/hello:v1

    In the preceding command, the parameters are as follows:

    • swr.cn-east-3.myhuaweicloud.com is the repository address, which varies with the region.
    • container is the organization name. An organization is typically created in SWR. If no organization is available, an organization will be automatically created when an image is uploaded to SWR for the first time. Each organization name is unique in a single region.
    • v1 is the version allocated to the hello image.
  3. Push the image to SWR: 
    docker push swr.cn-east-3.myhuaweicloud.com/container/hello:v1
  4. Pull the image: 
    docker pull swr.cn-east-3.myhuaweicloud.com/container/hello:v1