Docker Introduction
Contents
Docker Introduction¶
What is a Container?¶
A standardized unit of software
A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another
Containers 101¶
Containers offer a logical packaging mechanism in which applications can be abstracted from the environment in which they actually run. This decoupling allows container-based applications to be deployed easily and consistently, regardless of whether the target environment is a private data center, the public cloud, or even a developer’s personal laptop. Containerization provides a clean separation of concerns, as developers focus on their application logic and dependencies, while IT operations teams can focus on deployment and management without bothering with application details such as specific software versions and configurations specific to the app.
What’s a Linux container?¶
A Linux® container is a set of one or more processes that are isolated from the rest of the system. All the files necessary to run them are provided from a distinct image, meaning that Linux containers are portable and consistent as they move from development, to testing, and finally to production. This makes them much quicker than development pipelines that rely on replicating traditional testing environments. Because of their popularity and ease of use containers are also an important part of IT security.
https://www.redhat.com/en/topics/containers/whats-a-linux-container
Docker¶
A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings.
Container images become containers at runtime and in the case of Docker containers - images become containers when they run on Docker Engine.
Docker containers that run on Docker Engine:
Standard: Docker created the industry standard for containers, so they could be portable anywhere
Lightweight: Containers share the machine’s OS system kernel and therefore do not require an OS per application, driving higher server efficiencies and reducing server and licensing costs
Secure: Applications are safer in containers and Docker provides the strongest default isolation capabilities in the industry
Container vs Virtual Machines¶
CONTAINER¶
Containers are an abstraction at the app layer that packages code and dependencies together. Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space. Containers take up less space than VMs (container images are typically tens of MBs in size), can handle more applications and require fewer VMs and Operating systems.
VIRTUAL MACHINES¶
Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers. The hypervisor allows multiple VMs to run on a single machine.
Each VM includes a full copy of an operating system, the application, necessary binaries and libraries - taking up tens of GBs. VMs can also be slow to boot
x
Containers && Virtual Machines¶
[https://medium.com/better-programming/containers-and-virtual-machines-an-overview-94c558905b6]
Docker Architecture¶
Install¶
Follow instructions on https://docs.docker.com/install/
Windows¶
Docker on WSL¶
From Docker Blog¶
Dec 15 2021
WSL 2 GPU Support for Docker Desktop on NVIDIA GPUs
https://www.docker.com/blog/wsl-2-gpu-support-for-docker-desktop-on-nvidia-gpus/
Dec 21 2020
WSL 2 GPU Support is Here
https://www.docker.com/blog/wsl-2-gpu-support-is-here/
May 20 2020 Creating the best Linux Development experience on Windows & WSL 2 https://www.docker.com/blog/creating-the-best-linux-development-experience-on-windows-wsl-2/
Jun 16 2019
https://www.docker.com/blog/docker-hearts-wsl-2/
Jul 31 2019
https://www.docker.com/blog/5-things-docker-desktop-wsl2-tech-preview/
Aug 14 2019
https://www.docker.com/blog/developing-docker-windows-app-wsl2/
Oct 24 2019
https://www.docker.com/blog/new-docker-desktop-wsl2-backend/
Apr 13 2020
https://www.docker.com/blog/how-we-test-docker-desktop-with-wsl-2/
May 04 2020
https://www.docker.com/blog/docker-desktop-wsl-2-best-practices/
May 20 2020
https://www.docker.com/blog/creating-the-best-linux-development-experience-on-windows-wsl-2/
Aug 20 2020
https://www.docker.com/blog/docker-desktop-wsl-2-backport-update/
Dec 21 2020
Linux¶
Docker Desktop for Apple silicon¶
15 April 2021
https://www.docker.com/blog/released-docker-desktop-for-mac-apple-silicon/
https://docs.docker.com/desktop/mac/apple-silicon/
Demo¶
%%bash
docker --version
Docker version 20.10.12, build e91ed57
Hello World¶
%%bash
docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(arm64v8)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
List Images¶
%%bash
docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 3223373eca24 10 days ago 65.6MB
hello-world latest 18e5af790473 5 months ago 9.14kB
List Containers¶
%%bash
docker container ls --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a081c996687a hello-world "/hello" 6 minutes ago Exited (0) 6 minutes ago modest_hoover
2b7cec2f469e ubuntu "bash" 45 hours ago Exited (0) 45 hours ago determined_saha
8aa763aaa0ff hello-world "/hello" 46 hours ago Exited (0) 46 hours ago eloquent_beaver
Docker Container Name¶
Automatic¶
Docker container have an id and a name, if not specified is generated automatically by an algoritm names-generator.go
if name == "boring_wozniak" /* Steve Wozniak is not boring */ {
goto begin
}
Ubuntu¶
docker run -it ubuntu
Play with Docker¶
Docker Components¶
Images¶
https://en.wikipedia.org/wiki/A_picture_is_worth_a_thousand_words
http://boxmanstudios.com/blog/industry-knowledge/a-short-history-of-shipping-container-architecture/ https://medium.com/article-group/building-for-transport-9ff63da0681b
An image is a read-only template with instructions for creating a Docker container.
Often, an image is based on another image, with some additional customization.
For example, you may build an image which is based on the ubuntu image, but installs the Apache web server and your application, as well as the configuration details needed to make your application run.
You might create your own images or you might only use those created by others and published in a registry. To build your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the image and run it.
Each instruction in a Dockerfile creates a layer in the image. When you change the Dockerfile and rebuild the image, only those layers which have changed are rebuilt.
This is part of what makes images so lightweight, small, and fast, when compared to other virtualization technologies.
Containers¶
A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.
By default, a container is relatively well isolated from other containers and its host machine. You can control how isolated a container’s network, storage, or other underlying subsystems are from other containers or from the host machine.
A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that are not stored in persistent storage disappear.
Docker Hub¶
Docker Hub is a service provided by Docker for finding and sharing container images with your team. It is the world’s largest repository of container images with an array of content sources including container community developers, open source projects and independent software vendors (ISV) building and distributing their code in containers.
https://docs.docker.com/docker-hub/
For production enviroments consider rate limits set in November 2020
Docker CLI¶
The docker run
command first creates a writeable container layer over the specified image, and then starts it using the specified command.
That is, docker run
is equivalent to the API /containers/create
then /containers/(id)/start
.
A stopped container can be restarted with all its previous changes intact using docker start.
See docker ps -a to view a list of all containers.
The docker run
command can be used in combination with docker commit
to change the command that a container runs.
Visual Studio Code Integration¶
The Docker extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code.
This page provides an overview of the Docker extension capabilities; use the side menu to learn more about topics of interest. If you are just getting started with Docker development, try the Docker tutorial first to understand key Docker concepts
Docker as a service¶
AWS¶
Docker lets you build, test, and deploy applications quickly https://aws.amazon.com/docker/
Recent announcements: Docker collaborates with AWS to help developers speed delivery of modern apps to the cloud. This collaboration helps developers use Docker Compose and Docker Desktop to leverage the same local workflow they use today to seamlessly deploy apps on Amazon ECS and AWS Fargate. Read the blog for more information. https://aws.amazon.com/it/blogs/containers/deploy-applications-on-amazon-ecs-using-docker-compose/
AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.
https://aws.amazon.com/fargate/
x
Amazon Elastic Kubernetes Service (Amazon EKS) gives you the flexibility to start, run, and scale Kubernetes applications in the AWS cloud or on-premises. Amazon EKS helps you provide highly-available and secure clusters and automates key tasks such as patching, node provisioning, and updates.
AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (e.g., CPU or memory optimized instances) based on the volume and specific resource requirements of the batch jobs submitted.
x
Azure¶
Save costs by lifting and shifting your existing applications to containers, and build microservices applications to deliver value to your users faster. Use end-to-end developer and CI/CD tools to develop, update, and deploy your containerized applications.
https://azure.microsoft.com/en-us/product-categories/containers/
Deploy and manage containerized applications more easily with a fully managed Kubernetes service. Azure Kubernetes Service (AKS) offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver, and scale applications with confidence.
https://azure.microsoft.com/en-us/services/kubernetes-service/
Quickly build, deploy, and scale web apps and APIs on your terms. Work with .NET, .NET Core, Node.js, Java, Python or PHP, in containers or running on Windows or Linux. Meet rigorous, enterprise-grade performance, security and compliance requirements used a trusted, fully managed platform that handles over 40 billion requests per day.
https://azure.microsoft.com/en-us/services/app-service/
Develop apps fast without managing virtual machines or having to learn new tools—it’s just your application, in a container, running in the cloud.
https://azure.microsoft.com/en-us/services/container-instances/
Google Cloud¶
From Gmail to YouTube to Search, everything at Google runs in containers. Containerization allows our development teams to move fast, deploy software efficiently, and operate at an unprecedented scale. Each week, we start over several billion containers. We’ve learned a lot about running containerized workloads in production over the past decade, and we’ve shared this knowledge with the community along the way: from the early days of contributing cgroups to the Linux kernel, to taking designs from our internal tools and open sourcing them as the Kubernetes project.
https://cloud.google.com/containers
We’ve had so much success with our internal cluster management system Borg that we’ve taken what we’ve learned and put it into the open source project Kubernetes. Now you and other companies can benefit from our decades of experience.
It doesn’t stop there. Google Cloud Platform provides the tools you need to use containers from development to production. Cloud Build and Container Registry provide Docker image storage and management, backed by both Google’s high security standards and world-class network. Google’s Container-Optimized OS provides a lightweight, highly secure operating system that comes with the Docker and Kubernetes runtimes pre-installed. All your container management can take place on GCP.