Docker/Container Introduction
What is Docker?
Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.
https://www.docker.com/company/newsroom/media-resources
Pattern: Service instance per container
Context
You have applied the Microservice architecture pattern and architected your system as a set of services. Each service is deployed as a set of service instances for throughput and availability.
Problem
How are services packaged and deployed?
Solution
Package the service as a (Docker) container image and deploy each service instance as a container
Installing Docker
First Steps
Now that you have Docker installed, lets have a quick look at what’s available.
let’s view the version numbers for the Docker installation. This is also a great way to ensure Docker is installed and running correctly.
docker versionOutput similar to this
Client:
Cloud integration: v1.0.22
Version: 20.10.11
API version: 1.41
Go version: go1.16.10
Git commit: dea9396
Built: Thu Nov 18 00:42:51 2021
OS/Arch: windows/amd64
Context: default
Experimental: trueServer: Docker Engine - Community
Engine:
Version: 20.10.11
API version: 1.41 (minimum version 1.12)
Go version: go1.16.9
Git commit: 847da18
Built: Thu Nov 18 00:35:39 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.12
GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Docker architecture (Reference : https://docs.docker.com/get-started/overview/)
Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers. The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface. Another Docker client is Docker Compose, that lets you work with applications consisting of a set of containers.
Reference : https://docs.docker.com/get-started/overview/
Docker daemon
The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services.
Docker client
The Docker client (docker) is the primary way that many Docker users interact with Docker. When you use commands such as docker run the client sends these commands to dockerd, which carries them out. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.
Docker registries
A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry.
When you use the docker pull or docker run commands, the required images are pulled from your configured registry. When you use the docker push command, your image is pushed to your configured registry.
Docker objects
When you use Docker, you are creating and using images, containers, networks, volumes, plugins, and other objects. This section is a brief overview of some of those objects.
Images
An image is a read-only template with instructions for creating a Docker container. Often, an image is based on another image, with some additional customization. For example, you may build an image which is based on the ubuntu image, but installs the Apache web server and your application, as well as the configuration details needed to make your application run.
Containers
A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.
Top Docker Commands
docker version
docker pull
docker run
docker ps
docker ps -a
docker exec
docker stop
docker kill
docker commit
docker login
docker push
docker images
docker rm
docker rmi
docker build
docker infodocker pull
Pull an image or a repository from a registry
docker run
Run a command in a new container
docker run -it -d ubuntuOutput similar to this
4e4d49a5495585d80a6e8e9ddd9e5ab3336a1247c93f068fa353fbb95a75e6d6docker ps
List containers
docker psOutput similar to this
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e4d49a54955 ubuntu "bash" 47 seconds ago Up 46 seconds elegant_moserdocker ps -a
Show all containers (default shows just running)
docker ps -aOutput similar to this
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e4d49a54955 ubuntu "bash" About a minute ago Up About a minute elegant_moser
3d75c8252715 mysql "docker-entrypoint.s…" 4 weeks ago Exited (0) 8 seconds ago setup-mysql_db_1docker exec
Run a command in a running container
docker exec -it 4e4d49a54955 bash
root@4e4d49a54955:/# echo "hi" > /home/demo.txt
root@4e4d49a54955:/# cat /home/demo.txt
hidocker commit
Create a new image from a container’s changes
docker commit 4e4d49a54955 app:1.0Output similar to this
sha256:aa62d74330275add9450*************************************docker stop
Stop one or more running containers
docker stop 4e4d49a54955Output similar to this
4e4d49a54955docker start
docker start 4e4d49a54955Output similar to this
4e4d49a54955docker kill
Kill one or more running containers
docker kill 4e4d49a54955Output similar to this
4e4d49a54955docker login
Log in to a Docker registry or cloud backend. If no registry server is specified, the default is defined by the daemon.
docker loginOutput similar to this
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to <https://hub.docker.com> to create one.
Username ([username]):
Password: **********docker push
Push an image or a repository to a registry
docker push app:1.0docker images
List images
docker imagesOutput similar to this
REPOSITORY TAG IMAGE ID CREATED SIZE
app 1.0 aa62d7433027 11 minutes ago 72.8MB
ubuntu latest 54c9d81cbb44 14 minutes ago 72.8MBdocker rm
Remove one or more containers
docker rm ccd3f585bb2aOutput similar to this
ccd3f585bb2adocker rmi
Remove one or more images
docker rmi app:1.0Output similar to this
Untagged: app:1.0
Deleted: sha256:aa62d74330275add945070457b21c9da20d712f2717f3f803cd8e434f2b65d32
Deleted: sha256:878d2ffe799cf21525e9b4ae727df1e0f5c3c0122c7d5fdc8843e8a92f6ff87cdocker build
Build an image from a Dockerfile
A Dockerfile looks like this:
FROM ubuntu:latest
RUN apt-get update
RUN apt-get install -y nginx
ENTRYPOINT ["/usr/sbin/nginx","-g","daemon off;"]
EXPOSE 80docker build -t custom-ngnix:1.0 .
Output similar to this
[+] Building 0.1s (7/7) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 169B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:latest 0.0s
=> [1/3] FROM docker.io/library/ubuntu:latest 0.0s
=> CACHED [2/3] RUN apt-get update 0.0s
=> CACHED [3/3] RUN apt-get install -y nginx 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:f9b17c40d4a92460a6a1918c2503d2c0e12c3b515e542d1c709d6dad022e9365 0.0s
=> => naming to docker.io/library/custom-ngnix:1.0 0.0sdocker info
Display system-wide information
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.7.1)
compose: Docker Compose (Docker Inc., v2.2.1)
scan: Docker Scan (Docker Inc., v0.14.0)Server:
Containers: 35
Running: 33
Paused: 0
Stopped: 2
Images: 38
Server Version: 20.10.11
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
cgroupns
Kernel Version: 5.10.76-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 6
Total Memory: 1.909GiB
Name: docker-desktop
ID: JHIS:7TJM:OPIA:JYFM:2XCV:KUM3:Y4BY:YDJC:6VDD:L4GA:DM74:PAOD
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: <https://index.docker.io/v1/>
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Docker Compose
Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.
A docker-compose.yml looks like this:
version: '3.1'
services:
web:
image: open-liberty:21.0.0.9-full-java8-openj9
restart: always
ports:
- "9199:9080"to run compose file
docker compose upUseful links
Alternatives to Docker
The Open Container Initiative (OCI) is an industry standards organization that encourages innovation while avoiding the danger of vendor lock-in. Thanks to the OCI, you have a choice when choosing a container toolchain, including Docker, CRI-O, Podman, LXC, and others.
The OCI currently contains two specifications: the Runtime Specification (runtime-spec) and the Image Specification (image-spec). The Runtime Specification outlines how to run a “filesystem bundle” that is unpacked on disk. At a high-level an OCI implementation would download an OCI Image then unpack that image into an OCI Runtime filesystem bundle. At this point the OCI Runtime Bundle would be run by an OCI Runtime.
