Docker 101

Posted on by tiagoneves

What is Docker?

Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.

For more details, check the official website.

Docker architecture

Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers. The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface. Another Docker client is Docker Compose, that lets you work with applications consisting of a set of containers.

Docker Architecture Diagram

The Docker daemon

The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services.

The Docker client

The Docker client (docker) is the primary way that many Docker users interact with Docker. When you use commands such as docker run, the client sends these commands to dockerd, which carries them out. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.

Docker registries

A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry.

When you use the docker pull or docker run commands, the required images are pulled from your configured registry. When you use the docker push command, your image is pushed to your configured registry.

Docker objects

When you use Docker, you are creating and using images, containers, networks, volumes, plugins, and other objects. This section is a brief overview of some of those objects.

IMAGES

An image is a read-only template with instructions for creating a Docker container. Often, an image is based on another image, with some additional customization. For example, you may build an image which is based on the ubuntu image, but installs the Apache web server and your application, as well as the configuration details needed to make your application run.

You might create your own images or you might only use those created by others and published in a registry. To build your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the image and run it. Each instruction in a Dockerfile creates a layer in the image. When you change the Dockerfile and rebuild the image, only those layers which have changed are rebuilt. This is part of what makes images so lightweight, small, and fast, when compared to other virtualization technologies.

CONTAINERS

A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.

By default, a container is relatively well isolated from other containers and its host machine. You can control how isolated a container’s network, storage, or other underlying subsystems are from other containers or from the host machine.

A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that are not stored in persistent storage disappear.

Installing Docker

Windows

To install Docker Desktop on Windows, go to the official website (here) and click in Download for Windows.

When the download is finished, run the installer.

In the Configuration Window, click in Ok.

The installer will now unpack all the files, and then start the installation process…

When the installation process is finished, click in Close.

Now run the Docker Desktop.

If you got the message saying that the WSL 2 installation is incomplete, click in the link to install the kernel update.

PS: Don’t close this window yet!

In the webpage that will open when you click in the link, download the WSL2 Linux Kernel update package for x64 machines.

When the download is finished, run it!

In the Welcome window, click in Next.

When the installation is completed, click in Finish.

Go back to the WSL 2 Installation is incomplete window, and click in Restart.

You will see a notification saying that the Docker is starting.

And the will open the Docker Desktop window.

You can click in Skip tutorial.

This will be the Docker Desktop main window. You can check the docker status by checking if the box color of the bottom left Docker icon is green.

Now you are ready to run some Docker container in you Windows machine!

Linux

For this example, I will use a CentOS box. If you are using Ubuntu, check the tutorial in the official website.

First we need to update our package repository: 

yum update

Let’s configure the Docker repository.

yum install -y yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

And now let’s install Docker!

yum install docker-ce docker-ce-cli containerd.io

Now let’s start the docker service and configure the docker to start with the operating system.

systemctl start docker
systemctl enable docker

Done!

Useful commands

  • docker ps : List running containers.
  • docker ps -a : List all container including stopped container.
  • docker pull : Download a image from Docker Hub registry.
  • docker build : Used to build your own container based on a Dockerfile.
  • docker images : Show all local storage images.
  • docker image ls : Same as docker images, show all local storage images.
  • docker run : Run a docker container based on an image.
  • docker logs : Display the logs of a container.
  • docker volume ls : Lists the volumes.
  • docker network ls : List all networks available.
  • docker network connect : Adds the container to the given container network.
  • docker rm : Removes one or more containers.
  • docker rmi : Removes one or more images.
  • docker stop : Stops one or more containers.
  • docker start : Start a stopped container.
  • docker cp : Copy files from a running container to the host machine or the way around.
  • docker exec : Execute some commands in a running container.

Docker Hub

Docker Hub is a service provided by Docker for finding and sharing container images with your team. It is the world’s largest repository of container images with an array of content sources including container community developers, open source projects and independent software vendors (ISV) building and distributing their code in containers.

Users get access to free public repositories for storing and sharing images or can choose a subscription plan for private repositories.

Docker Hub provides the following major features:

  • Repositories: Push and pull container images.
  • Teams & Organizations: Manage access to private repositories of container images.
  • Official Images: Pull and use high-quality container images provided by Docker.
  • Publisher Images: Pull and use high- quality container images provided by external vendors.
  • Builds: Automatically build container images from GitHub and Bitbucket and push them to Docker Hub.
  • Webhooks: Trigger actions after a successful push to a repository to integrate Docker Hub with other services.

For the full information, check the official website.

Dockerfile

Docker can build images automatically by reading the instructions from a Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. Using docker build users can create an automated build that executes several command-line instructions in succession. Click here for more details.

  • The Dockerfile is a text file that (mostly) contains the instructions that you would execute on the command line to create an image.
  • A Dockerfile is a step by step set of instructions.
  • Docker provides a set of standard instructions to be used in the Dockerfile, like FROMCOPYRUNENVEXPOSECMD just to name a few basic ones.
  • Docker will build a Docker image automatically by reading these instructions from the Dockerfile.

Dockerfile basic instructions

FROM

For beginners it’s enough to understand that every Dockerfile must start with the FROM instruction in the form of FROM <image>[:tag]. This will set the base image for your Dockerfile, which means that subsequent instructions will be applied to this base image.

COPY

Are designed to add directories and files to your Docker image in the form of  COPY <src>... <dest>.

ENV

You can use it to define environment variables that will be available in your container. So when you build an image and start up a container with that image you’ll find that the environment variable is available and is set to the value you specified in the Dockerfile.

RUN

RUN has two forms; RUN <command> (called shell form) and RUN ["executable", "param1", "param2"] called exec form. Note that RUN <command> will invoke a shell automatically (/bin/sh -c by default), while the exec form will not invoke a command shell.

VOLUME

You can use the VOLUME instruction in a Dockerfile to tell Docker that the stuff you store in that specific directory should be stored on the host file system not in the container file system. This implies that stuff stored in the volume will persist and be available also after you destroy the container.

USER

Don’t run your stuff as root, use the USER instruction to specify the user. This user will be used to run any subsequent RUNCMD AND ENDPOINT instructions in your Dockerfile.

WORKDIR

A very convenient way to define the working directory, it will be used with subsequent RUNCMDENTRYPOINTCOPY and ADD instructions. You can specify WORKDIR multiple times in a Dockerfile.

If the directory does not exists, Docker will create it for you.

EXPOSE

An important instruction to inform your users about the ports your application is listening on. EXPOSE will not publish the port, you need to use docker run -p... to do that when you start the container.

CMD and ENTRYPOINT

CMD is the instruction to specify what component is to be run by your image with arguments in the following form: CMD [“executable”, “param1”, “param2”…].

You can override CMD when you’re starting up your container by specifying your command after the image name like this: $ docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...].

You can only specify one CMD in a Dockerfile

When you specify an entry point, your image will work a bit differently. You use ENTRYPOINT as the main executable of your image. In this case whatever you specify in CMD will be added to ENTRYPOINT as parameters.

ONBUILD

You can specify instructions with ONBUILD that will be executed when your image is used as the base image of another Dockerfile. 

This is useful when you want to create a generic base image to be used in different variations by many Dockerfiles, or in many projects or by many parties.

ONBUILD instructions will be executed right after the FROM instruction in the downstram Dockerfile.

Now, let’s create our own Dockerfile!

Create the Dockerfile: You can use any texto editor, in this example, I will user my Linux box to create the file with the command “vim Dockerfile”

This will be a simple example to build a NGINX image with a custom index.html page.

FROM nginx:latest
COPY ./index.html /usr/share/nginx/html/index.html

Now we need to create the custom index file:

echo "Custom Index" > index.html

Now let’s build our custom image.

docker build . -t custom_nginx:latest

Let’s check our images…

docker image ls

As you can see, we have two images, the original nginx used in the Dockerfile in the FROM instruction, and our custom image.

Now let’s run this images and check the differences. First the original image:

docker container run -d -p 8080:80 nginx

And then… The custom image:

docker container run -d -p 8081:80 custom_nginx

The original image is running on port 8080 and the custom image is running on port 8081. 

docker ps

We can check the differences between the two images when we access them in the browser:

Original Image
Custom Image.

PS: I’m using the IP from my Linux box, if you are running docker direct from your computer, you can access as localhost.

You can now stop a container running the command:

docker container stop <container id>

And them remove it with the command:

docker container rm <container id>

That’s all folks!!!