docker network && storage summary


按照官方文档讲常用基本 network 有3种:bridge、overlay、host。
  1. bridge:单一主机上容器连通网络,可以隔离其他容器,同时命名 bridge netowrk 比默认的多了名字解析功能,每个容器拥有自己的 ip。

  2. overlay:多主机上容器连通网络。

    • an overlay network called ingress, which handles control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
    • a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm。
  3. host:容器使用 host 主机的 ip。



volume 有几种创建方式:
  • 常规挂载到本机
  • sshfs 挂载到其他主机:
docker plugin install --grant-all-permissions vieux/sshfs
docker volume create --driver vieux/sshfs \
  -o [email protected]:/home/test \
  -o password=testpassword \
docker volume create --driver vieux/sshfs \
  -o [email protected]:/home/test \
  -o password=testpassword \

 # 注意这里 node2 需要 docker daemon。另外如果已经共享了公钥,可以省略参数 password。
bind propagation 配置有6种:

若有 /mnt_origin, /mnt_replica 2个挂载点: - shared:任意挂载点下创建文件,彼此都可见。

  • slave:单向传播,mnt_origin 下创建的文件,mnt_replica 下可见;反之不行。
  • private: 彼此下新建文件都不可见。
  • 上述3种模式都有对应的 r+ 模式,表示递归。

Docker Get Started, Part 1~6 Summary


a server app 
-> docker build image from a Dockerfile
-> docker run


one host, run a service with multi app instance
-> docker swarm init 
-> docker stack deploy -c docker-compose.yml xxx, which define replic, deploy params …
-> docker stack rm xxx
-> docker swarm leave --force


multi host as a cluster, run a service with multi app instance, strategies to run containers in compose.yml can be:
    “emptiest node”: fills the least utilized machines with containers. 
    “global”: which ensures that each machine gets exactly one instance of the specified container
-> docker-machine create
-> docker swarm init on one host as master
-> docker swarm join master as worker


with multi host as a cluster, run multi services which can be run in multi app instance, 
using strategies the same as swarms


What is the difference between docker service and stack?