Docker Essentials Workshop

Pawel Krupa (@paulfantom)

What You Will Learn

Docker is the world’s leading software container platform. Developers use Docker to eliminate “works on my machine” problems while operators use Docker to run and manage apps side-by-side in isolated containers to get better compute density

  • What is Docker and Docker Mission
  • Installing Docker
  • How Docker works
  • Basic Docker client commands
  • How Docker uses linux networking concepts
  • What is Dockerfile

What is a container?

Containers are a way to package software in a format that can run isolated on a shared operating system.

Containers do not bundle a full operating system - only libraries and settings required to make the software work are needed.

This makes for efficient, lightweight, self-contained systems and guarantees that software will always run the same, regardless of where it’s deployed.

Container advantages


FAST – start containers in seconds
With Copy-on-Write model, making changes to contenerized application can take minutes

EFFICIENT – pack as many containers as possible
Removing overhead of the hypervisor means containers are highly performant

SEGREGATION OF DUTIES – Dev code, Ops manage
Docker is designed to enhance consistency by ensuring the development environment matches production one

SOA AND MICROSERVICES – one container, one app
Docker recommends running one process per container. This promotes a distributed application model with inter-connected containers.

Docker Mission

Use Cases

Modernize Traditional Apps

  • security
  • portability
  • cost savings

CI/CD

  • accelerate
  • integrate
  • automate

Microservices

  • empower
  • innovate
  • standardize

IT Infrastructure Optimization

  • consolidate
  • efficiency
  • optimize

Installing Docker CE on Ubuntu


# you will need the GPG repo key
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

# next you need to add repository
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

# finally you refresh apt cache and install docker community edition
$ sudo apt-get update
$ sudo apt-get install docker-ce
      

Everything in detail is explained at docs.docker.com/engine/installation

Terminology


IMAGE
Lightweight, stand-alone, executable package that includes everything needed to run a piece of software, including the code, a runtime, libraries, environment variables, and config files

CONTAINER
Runtime instance of an image - what the image becomes in memory when actually executed. It runs completely isolated from the host environment by default, only accessing host files and ports if configured to do so.

REGISTRY
Stateless, highly scalable server side application that stores and lets you distribute Docker images

Docker daemon
The background service running on the host that manages building, running and distributing Docker containers.

Docker client
The command line tool that allows the user to interact with the Docker daemon.

Start a container!


# To simply start a container just use docker run
$ docker run hello-world

# Containers can also be started in detached mode
$ docker run -d -p 80:80 dockersamples/static-site

# Also we can start a shell in a container
$ docker run -it centos:7
      

How Docker Works

Docker Run

What happens when "docker run" is executed?


1. The Docker client contacts the Docker daemon.

2. The Docker daemon checks local store if the image is available locally, and if not, dowloads it from remote registry.

3. The Docker daemon creates the container and then runs a command in that container.

4. The Docker daemon streams the output of the command to the Docker client.

Demo Time:
Docker Client

Workshop:
Start some containers

Docker client CLI

Commands


  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes
              

Management Commands


  config      Manage Docker configs
  container   Manage containers
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  volume      Manage volumes
              

Full documentation at docs.docker.com/engine/reference/commandline/cli

Demo Time:
Docker Command-line

Workshop:
Get to know with Docker CLI

Networks

Docker network types

NONE
Container doesn't have any network connection. Useful for running one-time jobs.

HOST
Container is directly connected to host NIC.

BRIDGE
Default network connection. Access to container is done with NAT and PAT (via iptables).

OVERLAY
Used in docker swarm mode to inter-connect multiple docker daemons. Based on VXLAN technology.

Bridge network

Overlay network

Demo Time:
Docker Network

Workshop:
Let's map some ports

Dockerfile

Docker can build images automatically by reading the instructions from a Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image.

Dockerfile directives

ON BUILD

  • FROM
  • COPY
  • ADD
  • RUN
  • ONBUILD
  • SHELL
  • ARG

BOTH

  • ENV
  • WORKDIR
  • USER
  • LABEL

RUNTIME

  • CMD
  • ENTRYPOINT
  • VOLUME
  • EXPOSE
  • HEALTHCHECK
  • STOPSIGNAL

RUN vs CMD vs ENTRYPOINT

RUN executes command(s) in a new layer and creates a new image. E.g., it is often used for installing software packages.

CMD sets default command and/or parameters, which can be overwritten from command line when docker container runs.

ENTRYPOINT configures a container that will run as an executable.

Dockerfile documentation

docs.docker.com/engine/reference/builder

or google for "Dockerfile reference"

Demo Time:
Simple Dockerfile

Workshop:
First Dockerfile

Instructions:

1. Choose baseimage, ex. ubuntu or alpine.

2. Install python package manager (pip). On ubuntu package python-pip.

3. Upgrade base system if needed.

4. Install application dependencies from requirements.txt file.

5. Copy application files from app.tgz. Unpack with
tar xvf app.tgz

6. Inform that application runs on port 5000.

7. Write instruction to run application.

Orchestration

Docker Compose
Tool for defining and running multi-container Docker applications.
More information: docs.docker.com/compose/overview

Ansible
Tool for automating almost everything, including running multi-container applications. Also can run docker-compose.
More information: www.ansible.com/docker

Docker Swarm

Next Steps