Side Navigation

X

All About Docker

4.Kernel

kernel directly interact with hardware and responds to messages from the hardware. allocates memory, cpu, network

docker is a program written by GO  it manages kernel features to build containers. uses cgroups for processes, namespaces for networks, copy-on-write file system to build images.

docker: two types

client and server communicate over network socket. server receives commands over a socket.

/var/run/docker.sock

Container: A collection of software processes unified by one namespace, with access to an operating system Kernel that it shares with other containers and little to no access between containers.

4.networking

Ethernet: moves frames on a wire (or wifi)

IP layer: moves packet on a local network

Routing: forwards packets between networks

port: address particular programs on a computer

docker uses bridges to create virtual networks with software switches

we can see those bridges using brctl command line tool or you can simply use docker commands

docker uses these bridges to share data between containers. by –net=host command

$brctl show

Routing: creates firewall rules to move packets between networks

NAT (network address translation)

change the source address and destination addresses.

sudo iptables -n -L -t nat (-t = table, -L = list, -n=network)

docker run -ti –rm 8080:8080 spring bash

exposing port is called port forwarding.

NameSpaces: feature in kernel system to isolate private network segments.

these private networks use bridges to talk to other containers by shared network

each container has its own copy of the namespace.

Process:

docker container starts with one process in a Linux system

$docker inspect '{{}.state.Pid}' containerName

$docker run -ti –rm –privileged=true –pid=host ubuntu bash (privileged and pid are used to turn off safety features || don’t use it in production)

Unix Storage:

at lowest level (harddrive, network storages) kernel manages data stored as bits 0’s and 1’s

Logical storage devices: combining all storages

filesystems: track the data where it come from by using files

FUSE file system: this is program files

5.Docker Rigistry

$ docker run -d -p 5000:5000 --restart=always --name registry registry:2 (-d: detach| restart: if containiner dies restart immediately )

docker tag spring:1.7 localhost:5000/mycompany/my-spring:99(to save deployed image locally) we can also save images in cloud

Docker trusted registry

elastic container registry

google container registry

Azure container registry

$docker save -o my-images.tar.gz spring:1.9 helloworld:99 spring-boot:1.4 (-o = output | added 3 images in one zip file)

$docker load -i my-images.tar.gz (to load the images from zip file)

docker save and load commands are useful when we are migrating between registries.

Docker Compose: orchestration system

Kubernetes: advanced orchestration system

$kubectl get services

$kubectl delete

docker images - to get all images
docker run -ti imageName:version ex: docker run -ti app:latest (ti = terminal interactice).

it will give container ID, Image, command, created, status, ports, names(name assigns automatically)

docker ps – to look at running images (Or) docker ps –format $FORMAT |  docker ps -a – to look all containers | docker ps – l  – to look the last container

touch My-File – to make a file named My-File

docker commit  container-ID – to make images from container (we will get new image ID) th

docker tag imageID myImage - to add image name or you can do all once
docker commit ContainerName my-image

docker run –rm -ti spring-boot sleep 5 (remove container when process is done)

docker run -ti spring bash -c “sleep 3; echo all done” – to do multiple processes

docker run -d -ti spring bash

docker attach containerName

to detach from container ctr P + ctr Q – simply exit without stop the container so that we can attach back

docker exec – starts another process for running container to modify small changes

docker exec -ti containerName bash (if original container dies then this will dies)

docker logs – to look at logs

docker logs containerName

Stopping and removing container

docker kill containerName

– to kill container we can use containerID

docker rm containerName

– to stop container we can also use containerID

container Networking

docker run --rm -ti -p 45678:45678 -p 45679:45679 --name containerName spring:1.0 bash (-p to publish)

nc -lp 45678 | nc -lp 45679 (-nc: netcat, -lp: listen on port, | to talk to other port)

nc localhost 45678 (nc host.docker.internal 45678 – for mac)

nc localhost 45679

Exposing Ports Dynamically

docker run --rm -ti -p 45678 -p 45679 --name containerName spring:1.0 bash

nc -lp 45678 | nc -lp 45679

docker port containerName

2. container Networking:

docker network ls
docker network create learning
(learning is the name we gave)
docker run --rm -ti --net learning --name catserver spring:1.0 bash

(catserver name we gave)
ping catserver –> to ping our server
docker run –rm -ti –net learning –name dogserver spring:1.0 bash

nc -lp 1234

nc dogserver 1234 (now they communicate with each other) create server with different terminal

docker network create catsonly

docker network connect catsonly catserver

docker run –rm -ti –net catsonly –name bobcatserver spring:1.0 (only cat servers talking to each other)

so dog server only can talk to cat server but not to bobcatserver

2. legacy Linking

docker run –rm -ti -e SECRET=theinternetlovescats –net learning –name catserver spring:1.0 bash
the one direction legacy linking

2. Listing Images

docker images
REPOSITORY     TAG.      IMAGE ID       CREATED       SIZE

$ docker commit containerID my-image

(to create my-image image from container)

$ docker commit containerID my-image:tageName (to tag images)

$docker rmi imageID/repository
(to

remove image

)

2. Volumes  

disc volume volumes are created to pass data between containers and they go away when container exited. sharing data between containers -> volumes-from $docker run -ti -v /shared-data spring bash (-v: volume) $echo hello > /shared-data/data-file  (to put hello in dat-file)

$docker run -ti --volumes-from containerName spring bash

$/shared-data/

$ls /shared-data/ (we can see data-file in this container)

2.Docker registries

$docker search spring

$docker hub login 
$docker login (username & password) 
$docker pull spring 
$docker tag spring bannu/test-image:v99 
$docker push bannu/test-image:v99

don’t push images containers containing ur password. verify images before pulling from web

3.1Dockerfile

caching with each step: docker changes only changed lines for each build

$nano Dockerfile (to create text editor in terminal)

FROM spring

RUN echo “building simple docker image.”

CMD echo “hello container”

$docker build -t hello .

while reading each line in Dockerfile docker will create intermediate containers and cleans when it enter in to next line and updates the image. finally produces docker image

3.2 multi project Dockerfile

FROM java:8

RUN

RUN

RUN

FROM

RUN

ENTRYPOINT

You May Also Like

Comments

Leave a Comment

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>