Docker
Download as PPTX, PDF1 like143 views
The document provides an overview of Docker, detailing its core components like the Docker client and daemon, and the difference between stateless and stateful applications. It discusses how Docker functions through execution drivers, container registries, and orchestration tools, as well as offering installation instructions and common command usages for managing Docker images and containers. Additionally, it highlights networking in Docker and the structure of Dockerfiles for building images.
Docker
- 1. DOCKER Getting Started Created By ENG/Hussien Elhannan hussien.elhannan@gmail.com
- 3. Docker Engine: •Docker engine is the core piece of software for building images and running containers With these major components: Docker client : is the primary way that many Docker users interact with Docker. When you use commands such as docker run, the client sends these commands to dockerd, which carries them out. And also the Docker client can communicate with more than one daemon. Docker daemon: (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services. Note : The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface.
- 4. Stateless App vs Stateful app : Stateless App: - Doesn’t keep many data - Forward the connection and once done it forget all about it’s done and move to the next task - Ex : Web Servers Stateful App: - Keep changes and data - Remember your connections - Ex : Database or key Value store (is a simple database that uses an associative array (think of a map or dictionary)
- 5. Behind the scenes, How Docker works ? Execution Driver
- 6. Kernel Namespaces : allow us to partition up system name spaces like process ID tree or usr Namespaces or networking Namespaces ,…. and assign a partition to one container and so on Control Groups (Cgroups) : group together resources and apply limits like QOS rules Container A Container B Container C
- 7. Capabilities : ability to slice privileges of a root and give one of them to a user or a container. LibContainer : replaced the LXC as an execution drive Between Docker engine and kernel with it’s features Such as NameSpaces,Cgroups and Capabilities and Not only we have control on it in contrast with LXC You also can ship it into the Docker Daemon
- 8. Docker Registries : - Stores Docker images such as Docker Hub and Docker Cloud are public registries that anyone can use (#Push, Pull), and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry. If you use Docker Datacenter (DDC), it includes Docker Trusted Registry (DTR). - Docker Hub contain official repositories or customized
- 9. Container Orchestration : From Docker Inc. Perspective orchestration can be done on three products: Tutem : official Docker Platform for deploying and managing your apps in the cloud from a pretty UI. Tutem
- 10. Docker Images : Image consist of layers (sometimes called images) , The Base layer which got our root file system (all file systems and directories required to make our container stripped down bare minimum OS ) then layer 1 for example may be nginx and layer 2 for some Updates Note : 1- each layer can be shared with another container separately 2- Images ~ Stopped Containers , Containers ~ Running images.
- 11. Installing Docker : According to the Linux Distro you will find a little different steps between every distro So we can use this script which mainly works fine on manty distros : # wget -qo- https://get.docker.com/ | sh + For CentOS : we can also use # yum install –y docker #systemctl start docker.service + For Ubuntu : we can also use # apt-get install –y docker.io # service docker.io status
- 12. Docker Images commands : - Tag image as the latest : #docker tag Image-ID name:latest - List images stored locally : #docker images - Pull image : #docker Pull Image-name - Delete image : #docker rmi name:tag - Path of stored image from HUB : /var/lib/docker/aufs or another union mount technology/… - save new image with changes made on it or installed apps : #docker comit Image-ID new-name - see top process on the container : #docker Top Image-ID - push image to specific repo : 1- #docker tag Image-ID Name 2- #docker push name(username):version - see history of commands that created the layers of image : #docker history img
- 13. Container Commands : - Show running container #docker ps - Show running and Stopped container #docker ps –a - Exit from container Shell : CTRL+P+Q - Add user to docker group and take root privileges of the container without needing to give every user root privileges #gpasswd -a username docker - Run container : #docker run - -name *** –it Ubuntu /bin/bash *Note : running from stored image or image on hub - Start container already exist : #docker start container-name - Remove Container #docker rm container-id - More details about container & container PID : #docker inspect image-id - Access container without needing SSH or being in attach mode #nsenter –m –u –n – p –i –t PID /bin/bash OR #docker-enter short-ID OR #docker-exec –it short-ID /bin/bash Interactive-TTY or –d (detached mode) PID 1
- 14. Docker Networking : Docker 0 interface : it’s created after Docker Daemon start and it’s actually a bit more than just interface It’s actually a bridge or a virtual switch created entirely inside the Linux Kernel. ++Note : To see details about Docker 0 - First #{ apt-get install bridge-utils , yum install bridge-utils } - Second #brctl show docker 0 - Vethx interface exist in the Docker 0 bridge and its connected to the eth0 inside the container. - show network config file for specific container (resolve.conf, hosts) : #ls -l /var/lib/docker/containers/container-ID - mapping container with specific port #docker run –d –p 5001:80 - - name=web1 image-name - linking to containers 1- #docker run - -name=src –d img-name 2- #docker run - - name=rcvr - -link=src:ali-src -it Ubuntu:15.04 /bin/bash ++to make sure attach the rcvr and #cat /etc/hosts Alias or nickname
- 15. Docker File : * Simple format Plain-Text contains instructions to build image and can be stored anywhere for EX : 1- 2- #docker build –t hellowworld:0.1 . If we will run the command from the same directory having the docker file. Note : #Docker history container-id to see history of commands executed on container from Docker file -RUN : Build time command – adding layers to image (Ex : Install Apps) -CMD : Run time command – run commands in container at lunch time (Ex : echo hello world) -EntryPoint : such as CMD but it can’t be overrided with any command in #docker run ….. Unless you add -- entrypoint ….. -ENV : used to make variable with values inside container (EX : ENV var1=ping var2=8.8.8.8)
- 16. Notes : - when we build an image , docker daemon check the build cache If it has previous instructions (image layers) so can build faster another image. -Volume : central directory contain the data that needed to run from more than one container and can be created during container lunching : #docker run –it - -v /test-vol -- name=Voltainer Ubuntu:15:04 /bin/bash -Deleting volume : #docker rm –v container-name -we can specify which network address range we want to use for our containers by editing in docker file vim /etc/default/docker <<< Docker_OPTS=- -bip=150.150.0.1/24 -Every container gets its own thin layer (Writable Layer) that’s slapped there right on top of the Read-Only image layers below it and within it all changes are made like installing and updating applications , writing new files, config changes
- 17. Next: 1- Docker-swarm(Native-Docker-Clustering) 2- Docker-AWS-using 3- Getting-started-Kubernetes 4- Running Container Clusters with Kubernetes 5- Integrating-docker-with-DevOps-automated-workflows Created By ENG/Hussien Elhannan
Editor's Notes
- #9: Docker Hub Link : https://hub.docker.com/