Debug School

Cover image for Docker Essentials..
Srikanth K N
Srikanth K N

Posted on

Docker Essentials..

What is Docker and why is it used?

Docker is an App containerization and isolation tool.
It maintains integrity of application environment.
It saves hundreds of hours of developers time so they can focus only on building application.

Docker can be used as a shareable environment between developers and between localhost and all other types of servers like QA, dev, prod the environment will remain same everywhere.

What is a Docker image and how is it different from a Docker container?

Docker Image is an abstraction of a container. This is the file that explains to docker daemon as to what type of container has to be built. Think of this as the plan of a building. We can draw on paper, that the plan of a building will have these many things and from this the building is actually built. The building is the container.

How do you create a Docker image and run a Docker container?

Create a docker image for any service.

docker create nginx
Enter fullscreen mode Exit fullscreen mode

Create required number of instances and provide unique names

docker create --name Sree1 nginx
docker create --name Sree2 nginx
docker create --name Sree3 nginx
Enter fullscreen mode Exit fullscreen mode

Run these instances by starting them

docker start Sree1
docker start Sree2
docker start Sree3
Enter fullscreen mode Exit fullscreen mode

What is a Dockerfile and how do you use it to create a Docker image?

A Dockerfile is a text file that contains a set of instructions used to build a Docker image. It serves as a blueprint for creating the image, specifying the base image, dependencies, environment variables, file copies, and runtime commands. Docker reads the Dockerfile to automate the image creation process.

The Dockerfile typically consists of a series of instructions, each of which adds a new layer to the image. These layers are cached, allowing for efficient rebuilding and sharing of common layers across multiple images.

Create a Dockerfile: Docker images are created based on a Dockerfile, which is a plain text file that contains instructions for building the image. Create a new file named "Dockerfile" (without any file extension) in your project directory.

Define the base image: In the Dockerfile, start by specifying a base image on which your image will be built. For example, you can use a minimal Linux distribution like Alpine or a specific version of an operating system.

FROM ubuntu:latest
Enter fullscreen mode Exit fullscreen mode

Install dependencies: If your application requires any dependencies, install them using package managers like apt-get (for Debian-based systems) or yum (for Red Hat-based systems). You can also copy files into the image using the COPY instruction.

RUN apt-get update && apt-get install -y package1  package2
Enter fullscreen mode Exit fullscreen mode

Set the working directory: Use the WORKDIR instruction to set the working directory inside the container.

Enter fullscreen mode Exit fullscreen mode

Copy your application code: Copy the application code into the image using the COPY instruction.

COPY . /app
Enter fullscreen mode Exit fullscreen mode

Define the container runtime command: Use the CMD instruction to specify the command that should be executed when the container is run. This can be the command to start your application.

CMD ["python", ""]
Enter fullscreen mode Exit fullscreen mode

Build the Docker image: Open a terminal or command prompt, navigate to the directory containing the Dockerfile, and run the following command to build the Docker image. Replace with a desired name for your image and with a version or label.

docker build -t <image-name>:<tag> .
Enter fullscreen mode Exit fullscreen mode

Run a Docker container: After successfully building the image, you can run a Docker container using the following command:

docker run -d --name <container-name> <image-name>:<tag>
Enter fullscreen mode Exit fullscreen mode

That's it! You've created a Docker image and run a Docker container based on that image. You can now access your application from the appropriate ports or interact with the running container as needed.

How can you inspect the contents of a Docker container and the changes made to a container while it was running?

Display detailed information on one or more images using docker image inspect

docker image inspect [OPTIONS] IMAGE [IMAGE...]
Enter fullscreen mode Exit fullscreen mode

How can you share a Docker image with others and pull an image from a Docker registry?

To share Docker images, you have to use a Docker registry. The default registry is Docker Hub and is where all of the images you've used have come from. A Docker ID allows you to access Docker Hub which is the world's largest library and community for container images.

What are the different network modes available in Docker and how do you choose the right network mode for your application?

Docker networking is the component that helps in establishing communication between containers. Docker comes with five main types of network drivers, which are elaborated on below.

None: This driver will disable the entire networking system, hindering any container from connecting with other containers.

Bridge: The Bridge is the default network driver for a container which is used when multiple containers communicate with the same Docker host.

Host: There are stances when the user does not require isolation between a container and a host. The host network driver is used in that case, eradicating this isolation.

Overlay: Overlay network driver allows communication between different swarm services when the containers run on different hosts.

macvlan: This network driver makes a container look like a physical driver by assigning a mac address and routing the traffic between the containers through this mac address.

How can you mount a volume in a Docker container and share data between the host and container?

The docker run command first creates a writeable container layer over the specified image and then starts using the specified command.

docker run -v
Enter fullscreen mode Exit fullscreen mode

Using the parameter -v allows you to bind a local directory.

-v or --volume allows you to mount local directories and files to your container. For example, you can start a MySQL database and mount the data directory to store the actual data in your mounted directory.

run mysql container in the background with a mounted volume

docker run --name mysql-db -v $(pwd)/datadir:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=my-se
Enter fullscreen mode Exit fullscreen mode

What is the difference between a Docker Compose file and a Dockerfile, and how are they used in deploying multi-container applications?

A Dockerfile is a simple text file that contains the commands a user could call to assemble an image whereas Docker Compose is a tool for defining and running multi-container Docker applications.

The contents of a Dockerfile describe how to create and build a Docker image, while docker-compose is a command that runs Docker containers based on settings described in a docker-compose.yaml file.

Example of a docker-compose.yaml file

For example, a docker-compose.yaml file that describes how to run the image created with the Dockerfile might look like this:

version: '3.9'
    container_name: my-website
    image: my-nginx-image:latest
    cpus: 1.5
    mem_limit: 2048m
      - "8080:80"
Enter fullscreen mode Exit fullscreen mode

How can you monitor the performance of a Docker container and diagnose issues with it?

There are several ways to monitor Docker containers in real time.

docker logs : View the logs of a running container.
docker attach : Attach to a running container and view its output.
docker top : View the running processes of a container.

Components of Docker and its Brief Summary

Components of Docker:

The Docker components are divided into two categories;
basic and advanced.

The basic components include Docker client, Docker image, Docker Daemon, Docker Networking, Docker registry, and Docker container.

Docker Compose and Docker swarm are the advanced components of Docker.

Basic Docker Components:

Lets dive into basic docker components:

Docker Client: The first component of Docker is the client, which allows the users to communicate with Docker. Being a client-server architecture, Docker can connect to the host remotely and locally. As this component is the foremost way of interacting with Docker, it is part of the basic components. Whenever a user gives a command to Docker, this component sends the desired command to the host, which further fulfils the command using the Docker API. If there are multiple hosts, then communicating with them is not an issue for the client as it can interact with multiple hosts.

Docker Image: Docker images are used to build containers and hold the entire metadata that elaborates the capabilities of the container. These images are read-only binary templates in YAML. Every image comes with numerous layers, and every layer depends on the layer below it. The first layer is called the base layer, which contains the base operating system and image. The layer with dependencies will come above this base layer. These layers will have all the necessary instructions in read-only, which will be the Dockerfile. A container can be built using an image and can be shared with different teams in an organization through a private container registry. In case you want to share the same outside the organization, you can use a public registry for the same.

Docker Daemon: Docker Daemon is among the most essential components of Docker as it is directly responsible for fulfilling the actions related to containers. It mainly runs as a background process that manages parts like Docker networks, storage volumes, containers, and images. Whenever a container start up command is given through docker run, the client translates that command into an HTTP API call and returns it to the daemon. Afterwards, the daemon analyses the requests and communicates with the operating system. The Docker daemon will only respond to the Docker API requests to perform the tasks. Moreover, it can also manage other Docker services by interacting with other daemons.

Docker Networking: As defined earlier in this post.

Docker Registry: Docker images require a location where they can be stored and the Docker registry is that location. Docker Hub is the default storage location of images that stores the public registry. However, registries can either be private or public. Every time a Docker pull request is made, the image is pulled from the desired Docker registry where it was the same. On the other hand, Docker push commands store the image in the dedicated registry.

Docker Container: A Docker container is the instance of an image that can be created, started, moved, or deleted through a Docker API. Containers are a lightweight and independent method of running applications. They can be connected to one or more networks and create a new image depending on the current state. Being a volatile Docker component, any application or data located within the container will be scrapped the moment the container is deleted or removed. Containers mostly isolate each other and have defined resources.

What is the difference between docker pause and unpause?

The docker pause and docker unpause commands are used to suspend and resume the execution of processes within a Docker container, respectively. They provide a way to temporarily halt the container's processes without stopping or terminating the container itself.

docker pause - The docker pause command suspends all processes within a running container. When you pause a container, all processes within the container are frozen, and their execution is temporarily halted.

To pause a container named "my-container," you can use the following command:

docker pause my-container
Enter fullscreen mode Exit fullscreen mode

The container remains in a paused state until you explicitly resume it or issue a docker unpause command.

Pausing a container can be useful in scenarios where you need to temporarily halt the container's execution, such as during troubleshooting or to limit resource usage.

docker unpause: The docker unpause command resumes the execution of processes within a paused container. It allows the container to continue running its processes from the point where they were paused.

To resume a paused container named "my-container," you can use the following command:

docker unpause my-container
Enter fullscreen mode Exit fullscreen mode

Once the container is resumed, the processes inside it start executing again.

It's important to note that the docker unpause command only affects containers that are currently in a paused state. If you try to unpause a container that is not paused, it has no effect.

In summary, docker pause suspends the execution of processes within a container, while docker unpause resumes their execution, allowing the container to continue running from the point where it was paused. These commands provide a way to temporarily halt and resume a container's processes without stopping or terminating the container itself.

What is the difference between docker stop and kill?

The docker stop and docker kill commands are both used to stop Docker containers, but they differ in how they handle the termination process:

docker stop: The docker stop command is used to gracefully stop a running container. When you issue a docker stop command, Docker sends a SIGTERM signal to the main process running inside the container, allowing it to perform any necessary cleanup or shutdown tasks.

For example, to stop a container named "my-container," you can use the following command:

docker stop my-container
Enter fullscreen mode Exit fullscreen mode

The container receives the SIGTERM signal and has a chance to handle it before shutting down. By default, Docker allows a grace period of 10 seconds for the container to stop gracefully. If the container does not stop within that timeframe, Docker proceeds with a forced termination.

docker kill: The docker kill command is used to forcefully stop a running container. It sends a SIGKILL signal to the container's main process, immediately terminating it without any chance for cleanup or shutdown tasks.

To kill a container named "my-container," you can use the following command:

docker kill my-container
Enter fullscreen mode Exit fullscreen mode

When a container is killed with docker kill, it is abruptly stopped, and any processes running inside the container are terminated immediately.

In summary, docker stop allows a container to perform cleanup tasks by sending a SIGTERM signal and waiting for a specified grace period. On the other hand, docker kill forcefully terminates a container by sending a SIGKILL signal without allowing the container to perform any cleanup.

What is the difference between docker exec and attach?

The docker exec and docker attach commands are used to interact with running Docker containers, but they serve different purposes:

docker exec: The docker exec command allows you to run a new command or script inside a running container. It provides a way to execute commands in an existing container without starting a new shell session.

For example, to run a shell command inside a container named "my-container," you can use the following command:

docker exec my-container <command>
Enter fullscreen mode Exit fullscreen mode

This command starts a new process within the container and executes the specified . The output of the command is displayed in the terminal where you ran the docker exec command. It does not attach to the container's standard input or output streams, allowing you to run commands in the background.

docker attach: The docker attach command attaches your terminal's standard input, output, and error streams to a running container. It connects to the main process running in the container, typically the process that was started when the container was launched.

To attach your terminal to a container named "my-container," you can use the following command:

docker attach my-container
Enter fullscreen mode Exit fullscreen mode

Once attached, any input/output from the container is directly displayed in your terminal, and you can interact with the running process inside the container. Exiting the attached terminal session usually terminates the container unless the process running inside the container keeps running independently.

It's important to note that when attaching to a container using docker attach, you are directly connected to the running process, and detaching from the terminal (e.g., by pressing Ctrl+C) will stop the container.

In summary, docker exec allows you to execute a command inside a running container without attaching to its standard streams, while docker attach connects your terminal to a running container, enabling you to interact with the container's primary process.

List of dockerfile instructions and its Brief Summary?
Here's an overview of some commonly used instructions in a Dockerfile:

FROM: Specifies the base image on which your image will be built.
RUN: Executes commands during the image build process, such as installing dependencies or configuring the environment.
COPY or ADD: Copies files or directories from the host machine into the image.
WORKDIR: Sets the working directory inside the container.
ENV: Sets environment variables for the container.
EXPOSE: Informs Docker that the container will listen on specific ports at runtime.
CMD or ENTRYPOINT: Defines the command to be executed when a container is run from the image.

What is the difference between CMD vs Entry

CMD: Sets default parameters that can be overridden from the Docker command line interface (CLI) while running a docker container.

ENTRYPOINT: Sets default parameters that cannot be overridden while executing Docker containers with CLI parameters.

Top comments (0)