Docker Basics
Basics
Command |
Description |
|
Display docker version of client and server |
|
Display various docker information and configuration |
|
Display all available commands |
New Management Command Line
docker <command> <sub-command> (options)
Command |
Description |
|
Create a NGINX container in the foreground |
|
Create a NGINX container in the background |
|
List all active containers |
|
Stop a container 7e4 |
|
List all containers (active and inactive) |
|
Create a NGINX container with given name webhost |
|
Show logs of the container webhost |
|
Display running processes of the container webhost |
|
Display all container’s sub-commands |
|
Delete container 860, 74e, and 957 (non-active containers only) |
|
Forced delete container 860 even it is running |
What’s Happened?
- Look for image locally
- Look for image in remote repository (Docker Hub is the default repo)
- Download the latest version by default
- Create a new container and prepare to start
- Give a virtual IP on a private network inside docker engine
- Open port 80 on host and forward to port 80 in container
- Start container by using the CMD in Dockerfile
Old Command Line
Command |
Description |
|
Create a new mongo DB container named mongo |
|
List all active containers |
|
Display running processes of the container mongo |
|
Stop the container mongo |
|
Start the container mongo |
Manage Multiple Containers
docker container run -d -p 3306:3306 --name db -e MYSQL_RANDOM_ROOT_PASSWORD=true mysql
Create a MySQL container
- in detach/background (-d) mode
- publish port 3306 on host to 3306 on container
- assign name db
- set environment variable MYSQL_RANDOM_ROOT_PASSWORD to true to generate root password and print out in the log
Command |
Description |
|
Create a new HTTPd (Apache) container |
|
Create a new NGINX container |
|
See information on how the container mysql started in JSON format |
|
See live stream of container statistics |
Shell Inside Containers
docker container run -it --name proxy nginx bash
Create a new NGINX container named proxy and run bash command right after and keep terminal opened (-it.)
*Container will stop after exit
Ubuntu Container
docker container run -it --name ubuntu ubuntu
Try more commands:
apt-get update
apt-get install -y curl
curl google.com
Command |
Description |
|
Start the container ubuntu and open shell |
|
Create a new process and run bash inside container mysql |
|
Pull the image alpine |
|
List all local images |
|
Create a new alpine container and open sh (bash is not available in alpine) |
|
Create CentOS v7 container and open shell. Container is removed after exit. |
|
Create Ubuntu latest version and open shell. Container is removed after exit. |
Docker Networking
Default Network
- Each container connected to a private virtual network ‘bridge’ or ‘docker0’
- Each virtual network routes through NAT firewall on host IP i.e. containers can goes out to the internet via the host machine
- All containers can talk to each other without -p
- Best practice is to create a new virtual network for each app (which may containing multiple containers)
- “Batteries includes, but removable”
Command |
Description |
|
Create a new NGINX container named webhost and map port 80—>80 |
|
See port mapping for container webhost |
|
See IP address of the container webhost |
|
See IP address of local machine |
|
List all networks attached to Docker |
|
See which containers attach to the network bridge |
Creating a New Virtual Network
Command |
Description |
|
Create a new bridge network named my_app_net |
|
Create a new container in the specified networt my_app_net |
|
Connect container webhost to network my_app_net |
|
See which network the container webhost connect to |
|
Disconnect container webhost from network my_app_net |
DNS
Because containers are always moving, come and go, all the times. Should not rely on IPs but names.
Command |
Description |
|
Create NGINX container named new_nginx and attach my_app_net |
|
Create NGINX container named my_nginx and attach my_app_net |
|
See both containers are attached to my_app_net |
|
Ping new_nginx from my_nginx |
|
Ping my_nginx from new_nginx |
DNS Round Robin
Command |
Description |
|
Create a new network named dude |
|
Create a new Elasticsearch container and attach to network dude with alias search |
|
Create another Elasticsearch container and attach to network dude with alias search |
|
See NS entries mapped to DNS search |
|
Get Elastic search result from DNS search |
Docker Image
Visit Docker Hub
Try to select image with more pulls and stars
Command |
Description |
|
Download the latest (default) version of CentOS image |
|
Download the version 1.11 of NGINX image |
|
See all downloaded images |
Official Images
- https://hub.docker.com/explore/
- https://github.com/docker-library/official-images/tree/master/library
Image Layer
- Docker always stores only one copy of an image layer.
- Image is checked via SHA hash for identical validation.
- When running a container, Docker create a R/W layer on top of an image
Command |
Description |
|
See history of image nginx:’latest |
|
Display metadata of the image nginx e.g. exposed port, available environment variable, commands executed when a container is created |
Image Tagging and Pushing
- Image can be uniquely referred by
<user>/<image>:<tag>
<user>
is omitted for official images- Tag is a label to image ID. One image ID can have many tags
Command |
Description |
|
Create a new tag |
|
Upload tag to Docker Hub |
|
See local Docker config |
|
Create another tag |
|
Upload tag which layers already exist |
Dockerfile
A recipe to create your own image.
Basic
Command |
Description |
|
Base image |
|
Works like cd |
|
Key-value of environment variables |
|
Commands to execute when building image *Use && to add more commands to make sure changes are put on the same layer |
|
Ports to expose |
|
Commands to execute when running/starting container |
|
Copy file from host into image |
Docker Build
When rebuilding the image, only image layer that changed are rebuilt.
Command |
Description |
|
Build a new image tag customnginx from Dockerfile in current directory |
|
Build a new image tag nginx-with-html from Dockerfile in current directory |
|
Run a container of the new image tag |
|
Re-tagging by creating a new tag |
Dockerfile Example
# Instructions from the app developer
# - you should use the 'node' official image, with the alpine 6.x branch
FROM node:6-alpine
# - this app listens on port 3000, but the container should launch on port 80
# so it will respond to http://localhost:80 on your computer
EXPOSE 3000
# - then it should use alpine package manager to install tini: 'apk add --update tini'
# - then it should create directory /usr/src/app for app files with 'mkdir -p /usr/src/app'
RUN apk add --update tini && \
mkdir -p /usr/src/app
WORKDIR /usr/src/app
# - Node uses a "package manager", so it needs to copy in package.json file
COPY package.json package.json
# - then it needs to run 'npm install' to install dependencies from that file
# - to keep it clean and small, run 'npm cache clean --force' after above
RUN npm install && npm cache clean --force
# - then it needs to copy in all files from current directory
COPY . .
# - then it needs to start container with command 'tini -- node ./bin/www'
# - in the end you should be using FROM, RUN, WORKDIR, COPY, EXPOSE, and CMD commands
CMD [ "tini", "--", "node", "./bin/www" ]
Data Volume
VOLUME in Dockerfile
- Tells docker to create a new volume and mount at the specified location
- Can also be inspected (docker image inspect mysql)
Command |
Description |
|
Create a new MySQL container |
|
List all created volumes |
|
See which volume is mounted |
Named Volume
Command |
Description |
|
Create a new MySQL container with named volume |
|
Create another MySQL container using the same volume |
|
Create a new volume named test-volume |
Bind Mounting
- Two locations pointing to the same thing
- Can’t specified in Dockerfile
- Must be specified at
docker run
Command |
Description |
|
Create a new NGINX container with bind mount from current directory to /usr/share/nginx/html in the container |
|
Create a new Jekyll container with bind mount from current directory to /site |
Useful Commands
Command |
Description |
Reference |
|
Print linux kernel version |
|
|
Print linux distro and version |
|
|
Print linux distro and version |
|
|
Determine what containers use the docker volume |
|
|
Generate self-signed certificates |
|
|
Generate SSH key |