+ All Categories
Home > Documents > A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker...

A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker...

Date post: 17-Jul-2020
Category:
Upload: others
View: 18 times
Download: 0 times
Share this document with a friend
27
A introduction to Docker Amit
Transcript
Page 1: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

A introduction to Docker

Amit

Page 2: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Dev and Ops Challenges

● Dev Environment

● Code migration to staging

● Dependency issues

● Conflicts and time issue

● Frequent code changes and new build

● Redeployment frequency

● Steps automation

Page 3: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Solution

● Use Virtualization

● Create standard template as per dev requirement

● Move to Docker

– Question: What is docker???

– Docker is an amazing technology and it just simplifies both workflows and communication.

– Docker help devs to create an image with all the dependency and bundled it and send for ops testing

– Easy to build

– Easy to deploy

– Maintaining change set is quite easy

– Maintaining images and comparison across releases is easy

Page 4: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker Image Flow

Code changes and push images

Ship to Repository

Perform testing

Testing team deploy image

Push to staging

Page 5: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

● Developers build the Docker image and ship it to the registry.

● Operations engineers provide configuration details to the container and provision resources.

● Developers trigger deployment.

● Dependency issues resolved

● Testing and redeployment become easier

Page 6: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker Workflow

● Pull a base image● Run a container,extend and commit● Part 2 results in a new image● Push image to remote repository● Pull extended image to extended environment

and run as container●

Page 7: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker Commit● Pull a new container image

docker pull rhel7:latest

docker run rhel7:latest /bin/bash

● Modify the container:

touch testfile.sh

● Commit the container image

docker commit 1fc66a69a3d2 -t amit23comp/openwriteup:1.0.0

● Docker login to hub.docker.com

[root@localhost amit]# docker login

Username (amit23comp):

Password:

WARNING: login credentials saved in /root/.docker/config.json

Login Succeeded

Page 8: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

….

[root@localhost amit]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

amit23comp/openwriteup 1.0.0 ffe2bf92f0aa 47 minutes ago 193 MB

Page 9: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

docker tag amit23comp/openwriteup:1.0.0 hub.docker.com:5000/amit23comp/openwriteup'

$ docker commit c16378f943fe rhel-httpd

Now, push the image to the registry using the image ID. In this example the registry is on host named registry-host and listening on port 5000. To do this, tag the image with the host name or IP address, and the port of the registry:

$ docker tag rhel-httpd registry-host:5000/myadmin/rhel-httpd$ docker push registry-host:5000/myadmin/rhel-httpd

[root@localhost amit]# docker push hub.docker.com:5000/amit23comp/openwriteupThe push refers to a repository [hub.docker.com:5000/amit23comp/openwriteup]

Page 10: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker Registry

● Docker hub

https://hub.docker.com

● Create a Docker hub account

https://hub.docker.com/account/signup

[root@localhost amit]# docker login

Username: amit*****

Password:

Email: [email protected]

WARNING: login credentials saved in /root/.docker/config.json

Login Succeeded

Page 11: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker file

Dockerfile

Image

Container

Docker hub

Build

Run

StopStart

Restart

Commit

Push

Pull

Page 12: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Image

● Image are read only

● Its contains multi layer

● Push and pull image from registry

● Container are read -write

● When we install and commit, its create a new image.

● This way its create a new layer for it

● Understanding the image layer and cache

● Minimize the image layer and maximize the image cache

Page 13: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker file continue..

Page 14: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

explanation

● Host kernel : Its linux kernel, which is shared across all the containers

● Image: It can be any linux flavor : In above pic its a debian image. Its a readonly. Its persistent

● Container: Next layer in the pic is container, Its writable. We have added a editor in the container. “ Add emacs”. Since container is writable, but non-persistent.

● We have committed the image, and its become the new image, its a readonly.

● We can pull and push the image to the repo.

● From the repo we can pull the image and it become container and its writable.

● Image is readonly and containers are writeable.

● Once its committed we can not remove from image, we can remove from container

Page 15: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Layers benefit in docker file

Page 16: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker build

● docker build

This command will create image from the docker file

● docker build -t openwriteup/java:1.0.0 .

Above command will build the image from the docker file, we need to specify the dockerfile path. In above command we have mentioned the “.” at end of the command, its means dockerfile is located in current working directory

● “ -t “ option is for tagging, it tag the new image with followed by the version.

● Docker file syntax:

Instruction ----> argument

Each instruction commits create a new layer in the image

Page 17: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker file : example

# pull base image

FROM fedora:latest

RUN \

yum update && \

yum install java

# We are chaining the RUN command, so in the single command we are creating #one layer. Its create only one layer, so its chaining will help, we can avoid multiple #layer

#define default command

CMD [“java”]

Page 18: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Another example

#Download image with java 8

FROM dockerfile/java:oracle-java8

MAINTAINER Openwriteup

#Install MAVEN into the image

RUN apt-get update && \

echo '--->Install maven”\

apt-get install -y maven

#Create a working directory code

WORKDIR /code

#openport

EXPOSE 8080

Page 19: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Build image practice

● Avoid installing unnecessary packages: In order to reduce the complexity,dependencies,filesize and build size

● Run only one process per container:Decoupling application into multiple container makes it much easier to scale horizontally and reuse containers

● Minimize number of layers: Chained the instruction

RUN apt-get update && apt-get install -y \

git \

gcc \

emacs

● Build cache :During docker build we should use it.I

Page 20: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Docker file Command

● FROM

● RUN

● CMD

● EXPOSE

● ENV

● ENTRYPOINT

● COPY

● ADD

● WORKDIR

Page 21: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Difference between commands● Entrypoint and CMD

CMD [“mvn”,”exec:java”]

ENTRYPOINT[“mvn”], now “exec:java” needs to be passed as argument for docker run command.

● CMD simply sets a command to run in the image if no arguments are passed to docker run, if arguments are passed to docker run then the command is overridden.

● If docker files uses only ENTRYPOINT,the argument passed to docker run will always passed to entrypoint.

● If docker files declares both ENTRYPOINT AND CMD, and no arguments are passed to docker run ,then the argument to CMD will be passed to declared entrypoint

● COPY and ADD

CACHE:

If we make any change in image, Unchanged layers will be treated as cached and speeds everything up. As a result only new layers will only take time.

Page 22: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch
Page 23: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Image building

● As above pic, we can see

“Removing container...”

● For each layer building, docker build create a container and create layer inside that, and removing that container after commit.

● Again same point: Container a writable and images are read only

● Docker images will list

docker image

Page 24: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

Some docker commands

● Specify the name of container

docker run –name <openwriteup>

● Run dameonised container:

docker run -d –name <openwriteup>

● Specify port number in the command

docker run -d -p 8080:8080

● Kill container

docker rm <container id>

● Container use and reuse: Vanished it once done, its not for storing.

Page 25: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

….

● Run interactive

docker run -d -p 8080:8080 -t -i <image id> --name <name of container>

● Docker attach

docker attach <container name or id>

● Find the ip of container

docker inspect -format '{{.NetworkSettings.IPAddress}} <container id>

[root@localhost amit]# docker inspect --format '{{.NetworkSettings.IPAddress}}' 1fc66a69a3

172.17.0.2

Page 26: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch
Page 27: A introduction to Docker - openwriteup.com€¦ · Docker Commit Pull a new container image docker pull rhel7:latest docker run rhel7:latest /bin/bash Modify the container: touch

● Chroot :Its spawn the container, Its create a filesystem inside the linux system. Its provides the kind of JAIL. Chroot file system jail

● Namespace: Process resource management and virtualization. Provide network stack ,memory,process isolation

● Cgroups: Control group inside the name, control the amount of memory and cpu utilization.

● Systemd: Guaranty of service. Management of process

● Lxc /docker containers


Recommended