Containers are Cheap
Containers are Cheap
- Docker provides lightweight virtualization with almost zero overhead.
- Start and stop containers within seconds.
Containers are Portable
Containers contain all the required software dependencies to run your application.
Once a container is built, you can be sure it runs “the same way” on any host operating system with the same Linux kernel.
Containers in OSes
|2006||Process Containers, later renamed to cgroups|
|2008||LXC: implemented using cgroups and kernel namespaces|
|2013||Docker: initially built on LXC, but now runs on
2006: Process Containers
2008: LXC Containers, and 2013: Docker
What is Docker?
Docker is a toolchain for managing containers.
What You’ll Do Today
You’ll be packaging a simple application with Docker.
If time permits, we’ll cover additional things, such as passing environment variables.
docker pull alpine
alpine is an image for a tiny Linux distribution, used by Docker for
most of its official images.
A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings.
alpine is pulled from the Docker Registry, where hundreds of
thousands of images are hosted.
Starting a container
docker run alpine
What is happening here?
Running a command
docker run alpine echo "Hello from alpine!"
List all docker images:
List all running docker containers:
List all docker containers (including stopped containers):
docker ps -a
Entering a Container Interactively
docker run -it alpine sh
uname -r # 4.9.41-moby hostname # container_id whoami # root id # uid=0(root) gid=0(root) groups=0(root),1(bin)...
Docker images consist of multiple layers:
Layers for the ubuntu image
Observe the output for the following:
docker pull ubuntu:15.04 docker history ubuntu
Declare layers with a
FROM ubuntu MAINTAINER Kimbro Staken RUN apt-get install -y software-properties-common python RUN add-apt-repository ppa:chris-lea/node.js RUN echo "deb http://us.archive.ubuntu.com/ubuntu/ precise universe" >> /etc/apt/sources.list RUN apt-get update RUN apt-get install -y nodejs #RUN apt-get install -y nodejs=0.6.12~dfsg1-1ubuntu1 RUN mkdir /var/www ADD app.js /var/www/app.js CMD ["/usr/bin/node", "/var/www/app.js"]
|FROM||Sets the Base Image for subsequent instructions.|
|RUN||execute any commands in a new layer on top of the current image and commit the results.|
|CMD||provide defaults for an executing container.|
|EXPOSE||informs Docker that the container listens on the specified network ports at runtime.|
|ENV||sets environment variable.|
|COPY||copies new files or directories to container.|
|ENTRYPOINT||configures a container that will run as an executable.|
|VOLUME||creates a mount point for externally mounted volumes or other containers.|
|WORKDIR||sets the working directory.|
|ARG||defines a build-time variable.|
|LABEL||apply key/value metadata to your images, containers, or daemons.|
Docker creates three networks by default. We’re mostly concerned with
$ docker network ls NETWORK ID NAME DRIVER 7fca4eb8c647 bridge bridge 9f904ee27bf5 none null cf03ee007fb4 host host
Unless specified otherwise, the docker container will connect to this
bridge network. This provides a means of Docker containers
to access the outside world. This is achieved through rules on the
By default, none of the ports are published and the outside world has no access to the docker containers.
Running a Simple Webserver
nc -ll -p 8080 -e /bin/echo -e "HTTP/1.1 200 OK\n\n$(date)\n"
docker run -p 5001:8080 alpine \ nc -ll -p 8080 -e /bin/echo -e "HTTP/1.1 200 OK\n\n$(date)\n"
As a daemon:
docker run -p 5001:8080 -d alpine \ nc -ll -p 8080 -e /bin/echo -e "HTTP/1.1 200 OK\n\n$(date)\n"
Exercise: package a Node.js Server with Docker
curl -i http://localhost:5001/
HTTP/1.1 200 OK X-Powered-By: Express Content-Type: text/html; charset=utf-8 Content-Length: 14 ETag: W/"e-ZohVPp9YwmNT/yh3111KJ3ZG6Uk" Date: Fri, 13 Oct 2017 18:34:46 GMT Connection: keep-alive Hello world!!
- Install the Node.js runtime (use Ubuntu)
- Copy the files into the container
- Get the node package manager
npm startto start server
But… I want to change my files!
docker run -d my/webserver # Create file locally docker exec -it container_name sh ls #WAT
There are three types of mounts:
- Volumes are managed by docker. Volumes also support the use of volume drivers, which allow you to store your data on remote hosts or cloud providers, among other possibilities.
- Bind Mounts may be stored anywhere on the host filesystem.
- tmpfs mounts are stored in the host system’s memory only.
docker run -p 5000:8080 -v ~/path/to/directory:/usr/src/app/src my/webserver
Docker is the building block for many devops solutions.
- Container Orchestration: Kubernetes, Cloud Foundry etc.
- Monitoring: cAdvisor, InfluxDB etc.
- Reverse Proxies and Load Balancers: fabio etc.
Docker makes microservices manageable and scalable.