Docker Fundamentals
Table of contents
- What is Docker?
- Docker Image
- Docker Container
- Container Port VS Host Port
- Docker Hub
- Dockerfile
- Dockerfile Instructions
- CMD VS ENTRYPOINT
- DockerFile Example
- Docker Compose
- Docker Engine
- Docker Volume/Storage
- Docker Networking
- Docker Swarm VS Kubernetes
- Tags
- Docker Hub Commands
- Docker Containers Commands
- Docker Image Commands
- Docker Volume Commands
What is Docker?
Docker is an open-source software platform that packages the software and its dependencies into a single standardized unit called containers that have everything a software needs to run including libraries, system tools, code and runtime.
Docker allows you to run multiple containers simultaneously on a given host.
Docker Image
Docker Image is a read-only immutable template that defines how a container will be realized.
Docker images are a lightweight, standalone, executable package of software that includes everything needed to run an application i.e. code, runtime, system tools, libraries, and dependencies.
Docker Container
A Docker container is a runtime instance of a Docker image.
A container will always run the same, regardless of the infrastructure.
Containers isolate software from its environment and ensure that it works uniformly despite differences for instance between staging, development and production.
Container Port VS Host Port
Application inside a container runs in an isolated Docker network.
We need to expose the container port to the host (the machine on which a container is running) to access the application outside of a Docker container.
For that, we have a concept of PORT BINDING.
Port Binding binds the containers' port to the hosts' port to make the service available to the outside world.
Docker Hub
Docker Hub is a service provided by Docker for finding and sharing container images with your team.
It is a default registry from where Docker pulls its image.
Dockerfile
Dockerfile is a text document that contains commands to assemble a Docker image.
Docker can then build an image by reading those instructions.
It contains INSTRUCTIONS and ARGUMENTS.
It follows Layered architecture.
In a Dockerfile Everything on the left is INSTRUCTION, and on the right is an ARGUMENT to those instructions.
Dockerfile Instructions
FROM
RUN
ENV
ARG
COPY
ADD
EXPOSE
WORKDIR
LABEL
CMD
ENTRYPOINT
CMD VS ENTRYPOINT
- In the case of CMD instruction, the command line parameters passed will get replaced entirely whereas, in the case of ENTRYPOINT, the command line parameters will get appended.
DockerFile Example
Dockerize a NodeJS application.
FROM node: 18.17.0-alpine
WORKDIR /app
COPY package.json ./
COPY ./ ./
RUN npm install
EXPOSE 3000
CMD ["nodemon", "index.js"]
Docker Compose
If our application includes multiple containers, then we need to manage each of them individually like creating the containers, linking them with each other, exposing ports, managing environment variables, etc. which ultimately becomes complex.
To tackle this, Docker has a solution named Docker Compose.
With Docker Compose we create a configuration file in YAML format called docker-compose.yml where we define all the configurations of the containers that we need to run the application successfully.
Then simply run the docker compose-up command to bring up the entire application stack.
This is easier to implement and run as all changes are always stored in the docker-compose configuration file.
However, this is all only applicable to running a container on a single docker host.
Docker Engine
Docker Engine is the underlying client-server technology that is reponsible to perform all the Docker operations using Docker's components and services.
Docker Engine consists of
Docker CLI: It is a command line interface that can be used to perform actions such as running a container, stopping a container, etc. It uses a REST API to interact with the Docker daemon. Can also be present on some other hosts.
REST API: The REST API server is the API interface that programs can use to talk to the daemon and provide instructions.
Docker Deamon: It is a background process that manages Docker objects such as images, containers, volumes and networks.
Docker Volume/Storage
When you install Docker on a system, it creates the folder structure /var/lib/docker.
You have multiple folders under it like aufs, containers, images, volumes, etc.
This is where Docker stores all its data by default.
Volume mount mounts a volume from the created volumes directory and bind mount mounts a directory from any location on a Docker host.
Docker Networking
When you install Docker, it creates 3 networks automatically - Bridge, None, and Host.
Bridge
The bridge is a default network a container gets attached to.
They get internal IP addresses usually in the range 172.17 series.
The containers can access each other using this internal IP if required.
In the Bridge network, we explicitly need to bind the container's port to the host's port to access the application externally.
Host
Another way to access the containers externally is to associate the container with the host network.
This takes out any network isolation between the Docker host and the Docker container.
Meaning, if you run a web app container on port 5000 in a web container, it is automatically accessible on the same port externally without requiring any port mapping, as the web container uses the host's network.
This also means, you will not be able to run multiple containers on the same host on the same port, as the ports are now common to all containers in the host network.
None
- With None network, the containers are not attached to any network and do not have any access to the external network or other containers; they run in an isolated network.
Docker Swarm VS Kubernetes
Installation and Setup
Kubernetes: Complex installation and setup process.
Docker Swarm: Easy setup and installation process.
Load Balancing
Kubernetes: Does not offer automatic load balancing. Need to use a third-party tool.
Docker Swarm: Comes with internal load balancers. Offers automatic load balancing.
Monitoring
Kubernetes: Offers built-in monitoring.
Docker Swarm: Does not offer built-in monitoring. Need to use a third-party tool.
Scalability
Kubernetes: Supports autoscaling.
Docker Swarm: Supports manual scaling.
Environment
Kubernetes: Can handle large and complex environments.
Docker Swarm: Can handle simple environments.
Tags
-d | --detach
- Runs container in a background
-p | --publish
Publish a container port to the host.
Only 1 service can run on a specific port on the host.
-a | --all
- To list all containers, stopped and running.
--name
- Assign a name to a container.
-t | --tag
- Sets a name and optionally a tag in the "name: tag" format.
-e | --env
- To set the environment variable.
--link
- To link two containers together.
-it
- Runs a command in a container.
-v | --mount
- To mount the volume inside the Docker container's read-write layer.
--network
- To associate the container with any other network other than Bridge (default).
--cpus
- Docker uses control groups to restrict the amount of hardware resources allocated to each container.
--memory
- Limits the amount of memory the container can use.
Docker Hub Commands
docker login -u <username>
- Login into Docker.
docker pull <image_name>:<tag>
Use to pull the image from the Docker registry.
The default registry is docker.io - Docker Hub
docker push <username>/<image_name>
- Publish an image to Docker Hub
docker search <image_name>
- Search Docker Hub for a specified image.
Docker Containers Commands
docker run <image_name/image_id>:<tag>
Use to run Docker image.
It does not reuse the previous container but generates a new one every time.
Docker pulls the image automatically if it does not find it locally, i.e. we can directly use the docker run command without docker pull.
docker run --name <container_name> <image_name>
- Create and run a container from an image with a custom container name.
docker run -p <host_port>:<container_port> <image_name>
- Publish a container's port to the host.
docker logs <container_name/container_id>
Fetch and follow the logs of a container.
View logs from service running inside a container.
docker ps
- To list currently running containers.
docker ps --all/-a
- To list all containers both running and stopped.
docker start|stop <container_name/container_id>
- Start or stop an existing one or more containers.
docker rm <container_name/container_id>
- Remove a stopped container.
docker exec -it <container_name/container_id> sh
- Open a shell inside a running container.
docker inspect <container_name/container_id>
To inspect a running container.
Under the config section, there is a list of environment variables set on the container.
docker container stats
- To view resource usage stats.
Docker Image Commands
docker images
- To list the local images.
docker rmi <image_name>
- To delete/remove a local image.
docker image prune
- Remove all unused images.
docker build -t <image_name:tag>
- Build an image from a Dockerfile.
Docker Volume Commands
docker volume create <volume_name>
- It creates a folder with the defined <volume_name> under /var/lib/docker/volume directory.
docker run -v <created_volume_name>:/var/lib/mysql mysql
- To mount the created volume into /var/lib/mysql.