Docker
Hands-on
Docker has taken the world by Storm!
- 400.000.000 downloads
- 300.000+ Dockerized applications
- 50.000+ third party projects on Github
- 150.000.000 dollar in funding
Why? It Supports True DevOps!
Developer
Inside the container:
code
libraries
package manager
app
data
Operations
Outside the container:
logging
remote access
networking
monitoring
security
Separation of Concerns
What is Docker?
-
Container management for Linux
-
Abstraction for DevOps workflow
-
Adds images, image repository and version control to containers
Basic Components
Creating a Docker image
Dockerfile
FROM ubuntu
RUN apt-get update && apt-get install -y apache2 && apt-get clean
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
EXPOSE 80
CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]Docker Images
- contain everything needed to run the app
- are portable across daemons
- have built in layers
- ordered to actions, Add file, Expose port, Run
- are stored in a Registry
Docker Hub - Image Registry
-
Contains Docker images
-
Public Registry with official images
-
Can host your own private Registry
Running a container
Docker Image Layers
Filesystems
- Linux requires two file systems
Multiple rootfs
Docker supports multiple rootfs
Docker Image
- Read-only layers are called images
Stacking images
- Images can depend on other images, called parents
Writable containers
-
On top of images docker creates writable containers
Docker commands
- Runtime
- Information
- Filesystem
- Images
- Repository
RunTime
| ps | List containers |
| kill | Kill a running container |
| restart | Restart a running container |
| rm | Remove a container |
| run | Run a command in a new container |
| start | Start a stopped container |
| stop | Stop a running container |
| wait | Block until a container stops, then print its exit code |
Information
| info | Display system-wide information |
| inspect | Return low-level information on a container |
| logs | Fetch the logs of a container |
| port | Lookup the public-facing port which is NAT-ed to PRIVATE_PORT |
| attach | Attach to a running containe |
File System
| insert | Insert a file in an image |
| diff | Inspect changes on a container's filesystem |
| commit | Create a new image from a container's changes |
Images
| build | Build a container from a Dockerfile |
| import | Create a new filesystem image from the contents of a tarball |
| export | Stream the contents of a container as a tar archive |
| images | List images |
| rmi | Remove an image |
| history | Show the history of an image |
Repository
| login | Register or Login to the docker registry server |
| pull | Pull an image or a repository from the docker registry server |
| push | Push an image or a repository to the docker registry server |
| search | Search for an image in the docker index |
| tag | Tag an image into a repository |
Hand-on
Getting started
- Test Docker installation
$ docker pull ubuntu
$ docker run ubuntu /bin/echo "hello world"Detached container
-
Running containers in the background
# run -d means detached detach
$ DOCKER_ID=$(docker run -d ubuntu \
bash -c 'while true ; \
do sleep 1; \
echo hello world at $(date); \
done' )
$ echo $DOCKER_ID # shows id of container
$ docker attach $DOCKER_ID # attach to stdout of the container
$ docker ps # shows all running containers
$ docker stop $DOCKER_ID # stops specified container
$ docker ps -a # shows stopped and running containers
$ docker rm $DOCKER_ID # removes the containerVersioned file system
# Look at an empty filesystem
$ docker run ubuntu /bin/ls /tmp
# Modify the filesystem
$ DOCKER_ID=$(docker run -d ubuntu \
bash -c 'while true ; do \
date > /tmp/$(date +%Y%m%d%H%M); \
sleep 60;\
done')
# See the changes on the filesystem
$ docker diff $DOCKER_ID
# Stop the instance
$ docker stop $DOCKER_ID; docker rm $DOCKER_ID
# Changes are gone!
$ docker run ubuntu /bin/ls /tmpcreating a new image
# Modify the filesystem
$ DOCKER_ID=$(docker run -d ubuntu \
bash -c 'while true ; do \
date > /tmp/$(date +%Y%m%d%H%M); \
sleep 60; \
done')
# See the changes on the filesystem and commit
$ docker diff $DOCKER_ID
$ docker commit $DOCKER_ID $USER/mydemo # name of image $USER/mydemo
# Stop and remove the instance
$ docker stop $DOCKER_ID ; docker rm $DOCKER_ID
# Changes are persisted!
$ docker run $USER/mydemo /bin/ls /tmpDockerfile
- FROM
- MAINTAINER
- RUN
- CMD
- EXPOSE
- ENTRYPOINT
- ENV
- ADD
- VOLUME
- USER
- WORKDIR
From
- Syntax: FROM <image>[:<tag>]
- Sets the base image for this image
- FROM must be the first non-comment instruction in the Dockerfile.
- Can appear multiple times to create multiple images
Run
- Syntax: RUN <command>
- Runs the specified command, and commits the result to the image
- RUN can be used multiple times
CMD
- Syntax:
- CMD ["executable","param1","param2"]
- CMD ["param1","param2"], use with ENTRYPOINT
- CMD command param1 param2
- Provides defaults when executing a container
- CMD can only be used one time
ENTRYPOINT
- Syntax:
- ENTRYPOINT ["executable","param1","param2"]
- ENTRYPOINT command param1 param2
- Similar as CMD, but cannot be overwritten with command-line parameters
- ENTRYPOINT can only be used one time
EXPOSE
- Syntax: EXPOSE <port> [<port> ...]
- Defines which ports to expose
Lab Exercise
- Create a tomcat7 image with name <docker-hub-name>/tomcat7
- push it to the Docker Hub registry
- start 5 instances
- show they are operational
create a tomcat images
- Create a file 'Dockerfile' in the subdirectory tomcat7 with the following content.
FROM tomcat
-
Build a new image
$ cd tomcat7
$ docker build -t $USER/tomcat7 .push to the registry
- create an account on hub.docker.com
$ docker login
$ docker tag $USER/tomcat7 <your-docker-hub-name>/tomcat7:v0.1
$ docker push <your-docker-hub-name>/tomcat7:v0.1running tomcat
# Start a tomcat container
$ DOCKER_ID=$(docker run -P -d <docker-hub-name>/tomcat7:v0.1)
# docker inspect show details about the container
$ docker inspect $DOCKER_ID
# Obtain mapped port of port 8080 of the container
$ PORT=$(docker port $DOCKER_ID 8080)
# access tomcat via mapped port
$ curl http://localhost:$PORT
# Obtain ip address of container
$ IPADDRESS=$(docker inspect -f '{{.NetworkSettings.IPAddress}}' $DOCKER_ID)
# http request on image IP address
$ curl http://$IPADDRESS:8080creating a farm of tomcat
count=0
TOMCAT_IPS=""
while [ $count -lt 5 ] ; do
DOCKER_ID=$(docker run -P –d <docker-hub-name>/tomcat7:v0.1)
IPADDRESS=$(docker inspect -f '{{.NetworkSettings.IPAddress}}' $DOCKER_ID)
TOMCAT_IPS="$TOMCAT_IPS $IPADDRESS"
count=$(($count + 1))
done
echo all tomcats : $TOMCAT_IPS