Docker Compose vs Docker Swarm The difference lies mostly in the backend, where docker-compose deploys container on a single Docker host, Docker Swarm deploys it across multiple nodes.
现在想想,当时组员在本地搭建DataStage也应该用docker compose, it is especially good for web development:
- accelerate onboarding
- eliminate app conflicts
- environment consistency
- ship software faster
Install
https://docs.docker.com/compose/install/ For Mac docker-compose is self-contained with Docker desktop:
1 | ## check location |
For Linux, first install Docker Engine
, then download docker-compose to executable path:
1 | ## 1.26.2 is current stable version |
or download binary from github release directly: https://github.com/docker/compose/releases
Uninstall docker-compose, remove binary:
1 | sudo rm -f /usr/local/bin/docker-compose |
Getting Started
https://docs.docker.com/compose/gettingstarted/
If you know how to write yaml file for Kubernetes, then quick easy to understand the docker-compose.yml
.
Some basic commands:
1 | ## build or rebuild service images |
Command Completion
https://docs.docker.com/compose/completion/#install-command-completion
for oh-my-zsh, add docker
and docker-compose
to plugins list in ~/.zshrc
:
1 | plugins=(... docker docker-compose) |
Config File
遇到没见过的指令,查阅这里, see left sidebar version 3
.
Define services relationship in docker-compose.yml
file.
1 | ## docker-compose.yml can parse env variables in current running environment |
More about environement variables:
By default, the docker-compose command will look for a file named .env
in the directory you run the command. By passing the file as an argument, you can store it anywhere and name it appropriately, for example, .env.ci
, .env.dev
, .env.prod
. Passing the file path is done using the --env-file
option:
1 | docker-compose --env-file ./config/.env.dev up |
.env
contains key=value
format equaltions.
Storage
Image is set of read-only layers (shared), whereas container has its unique thin read write layer but it is ephemeral.
关于storage的讲解: https://docs.docker.com/storage/ 这里主要弄清楚volumes, bind mounts and tmpfs的区别和使用:
如果docker host的文件系统和docker container使用的不一样,bind mounts如何处理呢? 并且内外user, group都不一样,如果在docker container中新建一个文件,bind mounts 在host中如何映射呢?
Docker Compose Volume: https://docs.docker.com/compose/compose-file/#volumes 这里讲了如何mount host path or named volumes.
Volumes
https://docs.docker.com/storage/volumes/ 类似于K8s的volume claim, general preferred.
Stored in a part of the host filesystem which is managed by Docker (/var/lib/docker/volumes/
on Linux). Non-Docker processes should not modify this part of the filesystem. Volumes are the best way to persist data in Docker.
A given volume can be mounted into multiple containers simultaneously. When no running container is using a volume, the volume is still available to Docker and is not removed automatically.
1 | docker volume create <volume name> |
When you mount a volume, it may be named or anonymous.
Volumes also support the use of volume drivers, which allow you to store your data on remote hosts or cloud providers, among other possibilities.
If you need to specify volume driver options, you must use --mount
, -v
的表示比较局限, 这里只是一个简单的例子, 实际上用--mount
的配置选项很多:
1 | ## docker will create volume myvol2 automatically if it does exist |
If the container has files or directories in the directory to be mounted (such as /app/
above), the directory’s contents are copied into the volume, other containers which use the volume also have access to the pre-populated content.
Bind Mounts
https://docs.docker.com/storage/bind-mounts/ 类似于K8s的hostpath, use case for example, mount source code for development.
May be stored anywhere on the host system. They may even be important system files or directories. Non-Docker processes on the Docker host or a Docker container can modify them at any time.
The file or directory does not need to exist on the Docker host already. It is created on demand if it does not yet exist.
Bind mounts are very performant, but they rely on the host machine’s filesystem having a specific directory structure available.
1 | docker run -d \ |
If you bind-mount into a non-empty directory on the container, the directory’s existing contents are obscured by the bind mount.
tmpfs
https://docs.docker.com/storage/tmpfs/ Only Linux has this option, useful to temporarily store sensitive files. Stored in the host system’s memory only, and are never written to the host system’s filesystem.
1 | docker run -d \ |
Network
这个章节讲到了所有docker network的类型,作用,区别: https://docs.docker.com/network/
Docker network labs: https://github.com/docker/labs/tree/master/networking
From docker’s perspective, Steps to create a container network:
- create a custom bridge network
1 | ## create a bridge network isolated_network |
- run containers in the network and ping each other by container name
1 | ## create 2 busybox in the same network |
- remove network created
1 | docker network rm isolated_network |
同样的思路,可以用docker command查看docker-compose中建立的network的信息。
列出了docker compose中top-level networks 创建时的options, after creating top-level networks, they can be referenced by service-level to use: https://docs.docker.com/compose/compose-file/#network-configuration-reference
这篇文章说得很明白, docker compose中network是如何作为的: https://docs.docker.com/compose/networking/
这个例子很有意思,把frontend, backend的网络分开了, only app can reach both networks: https://docs.docker.com/compose/networking/#specify-custom-networks
1 | version: "3" |
Resource
类似于K8s, 也有quota的配置在deploy key下面,但是docker compose file v3 并不支持: ignored by docker-compose up and docker-compose run
,虽然可以转换成v2,比如:
1 | docker-compose --compatibility up |
但是是best effort , 见这里讨论: How to specify Memory & CPU limit in docker compose version 3
Docker Compose file version 2是支持quote设置的: https://docs.docker.com/compose/compose-file/compose-file-v2/#cpu-and-other-resources