Docker
Docker is a platform as a service (PaaS) product that uses OS-level virtualization to deliver software in packages called containers.
What is a container?
Containers are the environment in which an image executes, along with the virtual file system and configurations that the image uses. Containers provide a way to package an application with all the dependencies and configurations it needs to operate. They are portable artifacts that are easily shared and moved. Containers make development and deployment of applications more efficient.
Containers are composed of layers of images that are based on a virtualized operating system application layer. This virtualized application layer is referred to as the base image (e.g., alpine:3.10 would be a Linux base image). This base image only virtualizes the application layer of the operating system. Docker does not contain a kernel; it transfers all kernel space operations to the host system’s kernel (thus the OS must match for the guest and host). Typically, it is preferred that you use a base image that is as small as possible. Application images are layered atop the base image. One advantage of this layering scheme is that if there is an update to any image in the container, only that image needs to be updated.
You can think of a container as an instance of a docker image. Images are the things that are actually moved around and containers are the running instances of those images.
Containers are bound to a port to allow for communications between the applications in the container and the host machine.
Where do containers live?
Containers reside primarily in a container repository. These repositories are usually privately hosted by companies or individuals, or they may be stored on a public repository for docker containers such as DockerHub.
What is the difference between containers and virtual machines?
The key difference between containers and virtual machines is that docker only virtualizes the application layer, whereas virtual machines do full OS virtualization, consisting of both the application layer and the OS kernel.
- Docker images are typically much smaller than full virtual machines. ~10x smaller.
- Docker images start much faster. ~10x faster.
- Virtual machines can emulate any OS guest system on any host OS.
Port Binding
There may be a case in which the host machine has multiple containers running. Some may be configured to use the same ports for their communications with the host machine. In this case, we need to resolve this by creating bindings from the host machine to the containers.
To specify the port binding of a container, define it in the docker run command like this:
docker run -p <host-port>:<container-port>
This way, if there are multiple containers of the same image the host will be able to resolve communications with them.
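An added example (not part of the original notes): a Python check over a planned set of -p values that reports host-port collisions between containers and bindings that name no host IP, which Docker publishes on all host interfaces. The container names and the PLAN data are constructed, and only the [host-ip:]host-port:container-port[/proto] forms are handled (no IPv6 literals or port ranges).

```python
from collections import defaultdict

WILDCARD = "0.0.0.0"  # host address Docker uses when -p names no host IP

def parse_publish(spec):
    """Parse '[host-ip:]host-port:container-port[/proto]' into a dict."""
    mapping, _, proto = spec.partition("/")
    parts = mapping.split(":")
    if len(parts) == 2:
        parts = ["", *parts]          # no host IP given
    if len(parts) != 3:
        raise ValueError(f"unsupported -p value: {spec!r}")
    host_ip, host_port, container_port = parts
    return {"host_ip": host_ip or WILDCARD, "host_port": int(host_port),
            "container_port": int(container_port), "proto": proto or "tcp"}

def audit(plan):
    """plan maps container name -> list of -p values; returns (conflicts, exposed)."""
    by_port, exposed = defaultdict(list), []
    for name, specs in plan.items():
        for spec in specs:
            b = parse_publish(spec)
            by_port[(b["host_port"], b["proto"])].append((name, b["host_ip"]))
            if b["host_ip"] == WILDCARD:
                exposed.append((name, spec))   # reachable on every host interface
    conflicts = []
    for (port, proto), users in sorted(by_port.items()):
        for i, (n1, ip1) in enumerate(users):
            for n2, ip2 in users[i + 1:]:
                # Same address, or one side bound to all addresses: both cannot bind.
                if ip1 == ip2 or WILDCARD in (ip1, ip2):
                    conflicts.append((port, proto, n1, n2))
    return conflicts, exposed

# Constructed sample plan: names and ports are illustrative only.
PLAN = {
    "web-a": ["8080:80"],
    "web-b": ["8080:80"],               # collides with web-a on host port 8080
    "web-c": ["8081:80"],               # same container port, different host port
    "db": ["127.0.0.1:5432:5432"],      # loopback only, not reachable from the network
    "dns": ["127.0.0.1:5353:53/udp"],
}

if __name__ == "__main__":
    conflicts, exposed = audit(PLAN)
    for port, proto, a, b in conflicts:
        print(f"CONFLICT {port}/{proto}: {a} and {b}")
    for name, spec in exposed:
        print(f"ALL-INTERFACES {name}: -p {spec}")
```

Prefixing the host side with 127.0.0.1, as the db entry does, keeps a service reachable from the host while leaving it off the host's external interfaces.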
Docker Network
Docker creates an isolated virtual network separate from existing physical networks that are available to the host machine. Docker containers can communicate with each other using only the container-id or name. In order for external applications to communicate with the containers, they have to connect to the virtual network via an IP-port configuration on the host machine.
Docker Compose
Docker can use .yaml files to configure common compositions of containers so that multiple containers can be controlled, started, or stopped together. To start a composition use the following command:
docker-compose -f <yaml-composition-file> up -d
To stop them use:
docker-compose -f <yaml-composition-file> down
Useful Docker CLI Commands
List local images
docker images
Pull a docker repository image to the local host environment.
docker pull <docker-image>
Start the container in attached mode (holds the terminal and displays output)
docker run <image>
or, in detached mode
docker run -d <image>
docker run will run a pull if the image isn’t found locally and then will
start the container for that image when it is finished downloading, effectively
running docker pull; docker start.
Give a new container a name when it is instantiated with docker run rather than
having a randomly generated name assigned to it.
docker run --name <name> <image>
Start a container by container id or name
docker start <container-id|name>
Stop a container by container id or name
docker stop <container-id|name>
List running containers
docker ps
or
docker container ls
List all containers registered by the docker daemon/engine
docker ps -a
Commands for Networking
List the available docker virtual networks
docker network ls
Create a new docker virtual network
docker network create <network-name>
Commands for Debugging
Get the logs for a container by id or name
docker logs <container-id|name>
Get an interactive terminal of a running container.
docker exec -it <container-id|name> <shell (e.g., /bin/bash)>