DevOps/Docker

Docker is a software available since 2013 that among other features performs operating-system-level virtualization also known as containerization

Features

Docker offer the following features:

Package an application and its dependencies in a virtual container that can run on any Linux server (docker images)
Pull or push docker images to a container repository/container registry (docker pull^[1], docker push). By default docker hub but you can specify any other registry.

Installing Docker

You can read official Docker documentation about installing Docker on your system: https://docs.docker.com/install/.

On macOS you can follow official documentation https://docs.docker.com/docker-for-mac/install/ which requires to create and account to download installer. You can also try: brew cask install docker or try to follow https://pilsniak.com/how-to-install-docker-on-mac-os-using-brew/ instructions:

brew install docker docker-compose docker-machine(to install docker and docker-compose)

brew cask install virtualbox

docker-machine create --driver virtualbox default

docker-machine ls

docker-machine env default

eval $(docker-machine env default)

docker run hello-world (will pull hello-world image and run it on docker)

On Ubuntu: snap install docker

Binaries

Following binaries will be installed: docker-init, docker-proxy, docker and dockerd

Verifying Docker installation

Once installed the Docker daemon, called "dockerd" should be running. You can also run docker run hello-world to verify docker correct installation.

Configuration files

Ubuntu: /etc/docker/daemon.json

Docker Releases (Docker Engine release notes)

Use: docker version^[2] to check your version. You can download Docker CE source code from GitHub^[3].

Docker Command Line

You can read official docker command line documentation in https://docs.docker.com/engine/reference/commandline/docker/. Before being able to run docker commands you will have to install Docker on your machine.

Some typical task using containers:

Docker verification commands

Verify correct installation: docker run hello-world

You will see some message similar to this one:

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
ca4f61b1923c: Pull complete
Digest: sha256:97ce6fa4b6cdc0790cda65fe7290b74cfebd9fa0c9b8c38e979330d547d22ce1
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://cloud.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

Docker image and container creation

Create a new docker image base on alpine linux distribution and login into the new container: docker run -it alpine sh
Create a new docker image: docker build
- Create a new docker image by creating a new text file with instructions, usually called Dockerfile^[4]: docker build -f /path/to/a/Dockerfile .
Create a container: docker create
Generate a mediawiki:1.27 image: docker build --tag mediawiki:1.27 . (you can use -t or --tag)
Execute or run a container based on mediawiki:1.27 image: docker run --name wikiFGA -p 0.0.0.0:9090:80 -d mediawiki:1.27

Docker Container Operation

Start an existing container: docker start CONTAINER_ID OR CONTAINER_NAME. See also docker run and differences^[5].
Stop an running container: docker stop container_id

Show only running containers:
- docker container ls ^[6] or docker ps ^[7]. (docker container ls) introduced in 2017 in Docker 1.13^[8] (There is no difference between both commands)^[9]

Show containers (running or not):
- docker ps -a : https://docs.docker.com/engine/reference/commandline/ps/
- docker container ls -a . See also docker-compose ps

Login/Connect into a running container:
- docker exec^[10] -it <my_container_name> bash
- docker exec -it <my_container_name> sh

Start stopped containers: docker start $(docker ps -a -q -f status=exited)
Restart all containers: docker restart $(docker ps -aq) previously docker restart $(docker ps -q)-a all -q quiet^[11]

Start configuration behavior and restart policy^[12]

See also: docker compose and docker stack

Docker images management

List created images: docker images^[13], docker image ls (both commands seems to perform the same action, note it is image instead of images)

Images are stored in docker info | grep "Docker Root Dir"^[14]

docker image rm^[15]. See also: docker rm CONTAINER

Docker Network command line commands

docker network ls
docker network inspect
Deprecated: docker --link^[16]

Docker resource limitation

Limit container CPU usage to 0.5 cpus: docker run -it --cpus=".5" docker_image /bin/bash
Limit memory requires your kernel to have functionality activated, you can check it executingdocker info. See https://docs.docker.com/install/linux/linux-postinstall/ and docker-compose resource limitation example: DevOps/Docker/docker compose/Version 3 resouces

Docker: Working with remote repositories/registries

You will be using mainly the following commands docker login, docker logout, docker pull and docker push. Docker registry allow to configure notifications. ^[17]. Docker has a public repository called Docker Hub and cloud providers offer repositories services such as AWS Elastic Container Registry (ECR).

Docker Swarm

docker swarm^[21]
docker nodes

Maintenance

docker system prune -a remove unused and dangling images. Therefore any images being used in a container, whether they have been exited or currently running, will NOT be affected.^[22]

Volumes

docker volume: https://docs.docker.com/engine/reference/commandline/volume/
docker volume ls: https://docs.docker.com/engine/reference/commandline/volume_ls/
docker inspect -f 'Template:.Mounts' CONTAINER_NAME^[23]
docker volumes prune

Docker logging

Docker support logging to format or different platforms, such as, json-file, syslog, journald, gelf, fluentd, awslogs, splunk, etwlogs, gcplogs and logentries.^[24]

Configuration is done at docker container start time with command docker run -it --log-drive LOG_METHOD CONTAINER_ID
Check method configured in a running container:
- docker inspect -f 'Template:.HostConfig.LogConfig.Type' CONTAINER_ID
- docker inspect -f 'Template:.HostConfig.LogConfig' CONTAINER_ID
View logs

docker logs CONTAINER_NAME_OR_ID (Docker Community Engine only support: local, json-file and journald)

docker logs CONTAINER_NAME_OR_ID 2>&1 | grep "STRING_TO_SEARCH" (You will need to redirect outputs to be able to grep output)^[25]

See https://docs.docker.com/config/containers/logging/ for more information

Misc

docker tag^[26]

Activities

Read docker blog: https://blog.docker.com/
Read Docker Engine release notes (2017) and Docker CE or Docker EE releases.
Understand the difference between an image and a container, Docker Images vs. Containers: https://stackoverflow.com/a/26960888
Understand the difference between docker start and docker run: https://stackoverflow.com/questions/34782678/difference-between-running-and-starting-a-docker-container. See also runC
Read Stackoverflow questions related to docker: https://stackoverflow.com/questions/tagged/docker?tab=Votes

References

← Ansible Vault

DevOps

Container-Orchestration →

[1] ttps://docs.docker.com/engine/reference/commandline/pull/

[2] ttps://docs.docker.com/engine/reference/commandline/version/

[3] ttps://github.com/docker/docker-ce/releases

[4] ttps://docs.docker.com/engine/reference/builder/

[5] ttps://stackoverflow.com/questions/34782678/difference-between-running-and-starting-a-docker-container

[6] ttps://docs.docker.com/engine/reference/commandline/container_ls/

[7] ttps://docs.docker.com/engine/reference/commandline/ps/

[8] ttps://www.docker.com/blog/whats-new-in-docker-1-13/

[9] ttps://stackoverflow.com/a/45254760

[10] ttps://docs.docker.com/engine/reference/commandline/exec/

[11] ttps://stackoverflow.com/questions/38221463/command-for-restarting-all-running-docker-containers

[12] ttps://docs.docker.com/config/containers/start-containers-automatically/#use-a-restart-policy

[13] ttps://docs.docker.com/engine/reference/commandline/images/

[14] ttps://stackoverflow.com/questions/19234831/where-are-docker-images-stored-on-the-host-machine

[15] ttps://docs.docker.com/engine/reference/commandline/image_rm/

[16] ttps://docs.docker.com/network/links/

[17] ttps://docs.docker.com/registry/notifications/

[18] ttp://manpages.ubuntu.com/manpages/disco/man1/docker-inspect.1.html

[19] ttps://docs.docker.com/engine/reference/commandline/image_inspect/

[20] ttps://docs.docker.com/engine/reference/run/

[21] <https://docs.docker.com/engine/reference/commandline/swarm/

[22] ttps://stackoverflow.com/a/45143234

[23] ttps://stackoverflow.com/questions/30133664/how-do-you-list-volumes-in-docker-containers

[24] ttps://docs.docker.com/config/containers/logging/configure/

[25] ttps://stackoverflow.com/questions/34724980/finding-a-string-in-docker-logs-of-container

[26] ttps://docs.docker.com/engine/reference/commandline/tag/

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]

[24]

[25]

[26]