Docker: Difference between revisions

Resources

• Docker Hub Public Repository
• Docker Youtube Tutorial

History

Docker container technology was launched in 2013 as an open source Docker Engine. It leveraged existing computing concepts around containers and specifically in the Linux world, primitives known as cgroups and namespaces. Docker's technology is unique because it focuses on the requirements of developers and systems operators to separate application dependencies from infrastructure. Success in the Linux world drove a partnership with Microsoft that brought Docker containers and its functionality to Windows Server (sometimes referred to as Docker Windows containers).

Concepts

• Docker runs on a Host Operating System.
• A Docker Container is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings, but in difference to VMs it does not include the (guest) OS layer (difference between Docker and VMs see here). Containers isolate software from its environment and ensure that it works uniformly despite differences for instance between development and staging. Docker container have their own (temporary) file system. Docker Container are created when you run an image.
• A Docker Container is running on the Docker Host. Multiple container can run on the same host. The Docker Daemon as part of the host manages the containers
• A Docker Container can have the states 'created', 'running', 'restarting', 'exited', 'paused', 'dead'. There could be several reasons why a running container would exit. Let's look into a few of them:
  • The process inside the container was completed, and so it exited.
  • The process inside the container encountered an exception while running.
  • A container is intentionally stopped using the docker stop command.
  • No interactive terminal was set to a container running bash.
• The Docker Client steers the daemon and is accessed via terminal (Powershell, Linux shell, …).
• A Docker Image is a unmutable template with instructions for creating Docker containers and is build using a file called Docker file. The Docker image is stored in the Docker Hub or in a registry.
• Docker image ---> commands (pull from repository, …) ---> Docker container
• Images are stored in a registry, the public registry is Docker Hub.
• Docker Volumes are used to store data and to share data across containers.

Creating Images

1. create a file called 'Dockerfile'. Dockerfiles define images.
2. run the following command to build an image

docker build Dockerfile -t <IMAGE_NAME>
// docker push <IMAGE_NAME>

Dockerfile

Comment lines starts with # (hash).

Docker files consists of <INSTRUCTION> <ARGUMENTS>. The first instruction is always

FROM <BASE_IMAGE> // e.g. base image FROM Ubuntu, by default Docker Hub is used as registry

Then the RUN instructions gets all dependencies e.g.

RUN apt-get update

Then copy source code e.g.

COPY . /app // app is a directory of the container 

The work directory defines the directory for the commands e.g.

WORKDIR /app

To run something the RUN command is used e.g.

RUN pip install flask

Define default command

CMD ... // e.g. 'CMD sleep 5' or 'CMD ["sleep","5"]

or

ENTRYPOINT["<COMMAND"] // e.g. 'ENTRYPOINT ["sleep"]' and call it with 'docker run <IMAGE_NAME> [<ENTRYPOINT_PARAMETER>]

Volumes

• Volumes are folder on the host which are mounted to a container.

Networks

• default networks
• the docker engine has a internal DNS server

Commands

Docker

// general options
-H=<REMOTE_DOCKER_ENGINE>:<PORT> // e.g. docker -H=<IP>:<PORT> run nginx

docker build [--tag <IMAGE_NAME>] . // uses the file 'Dockerfile' in the actual directory and creates an image named <IMAGE_NAME>

docker container ls

docker exec
docker image (ls | prune | remove <IMAGE_NAME>)

docker images // lists all images

docker inspect <CONTAINER_NAME>

docker logs <CONTAINER_NAME> // shows log of the container

docker network create <NETWORK_NAME>
docker network ls
docker network inspect bridge // show details for the default network 'bridge'

docker pull <IMAGE> // e.g. docker pull mysql/mysql-server:latest

docker ps [<OPTIONS>] // lists all running containers
// -a all e.g. all containers in exited state

docker rm <CONTAINER_NAME>

docker rmi <IMAGE_NAME> // deletes an image

docker run [<RUN_OPTIONS>]  <IMAGE_NAME>:<TAG> [<COMMANDS>] [<ARGS>] // runs an image
// RUN_OPTIONS are:
// --cpus=<NUMBER>
// -d detach, run in background
// -e <ENV_VARIABLE_NAME>=<VALUE>
// --entrypoint <OVERWRITTEN_ENTRYPOINT>
// -i use stdin
// --link <CONTAINER_REF>:<CONTAINER_NAME>
// --memory=<AMOUNT>
// --mount type=bind,source=<HOST_DIR>,target=<CONTAINER_DIR> // moderne volume mounting
// --name <NAME>
// --network=<NETWORK_NAME>
// -p <HOST_PORT_NUMBER>:<CONTAINER_PORT_NUMBER>
// -rm // to remove the container after it has executed
// -t attach terminal
// -v <VOLUME_NAME>:<CONTAINER_DIR>, <VOLUME_NAME> is located in /var/lib/docker/volumes/... of the host file system, this is called volume mounting
// -v <HOST_DIR>:<CONTAINER_DIR>, this is called bind mounting
// <TAG> can be a version number, default is 'latest'
// <COMMANDS> overwrite the CMD of the docker file
//
// e.g. docker run --name=TestMySQL -d mysql/mysql-server:latest

docker start
docker stop <CONTAINER_NAME>
docker volume (create | ls | rm | prune | …) // /var/lib/docker/volumes/<VOLUME_NAME>

Docker Compose

Services refer to container configurations. Volumes are disc space shared between host and container or between containers. Networks define the communication rules between containers or between containers and the host.

docker-compose up // uses docker-compose.yml

docker-compose.yml

There are different versions of the format.

Version 1

<CONTAINER_NAME>:
  [build: <DIR>]
  image: <IMAGE_NAME>
  ports:
    - 
  links:
    -

Version 2

 version: 2
 services:
   <CONTAINERNAME>
   ...
 

Version 3

services
   ...
volumes:
   ...
networks:
  ...

Services

services:
  <SERVICE_NAME>:
    [image: <IMAGE_NAME>:<TAG>]
    [build: <PATH_TO_DOCKERFILE>]
    [ports: 
      - "<INTERNAL_PORT>:<PORT_TO_BE_USED_BY_HOST>"]  // expose ports to the host