Docker
Docker registries
A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry. If you use Docker Datacenter (DDC), it includes Docker Trusted Registry (DTR). When you use the docker pull or docker run commands, the required images are pulled from your configured registry. When you use the docker push command, your image is pushed to your configured registry.
container
A container is a runtime instance of an image--what the image becomes in memory when executed (that is, an image with state, or a user process).
docker-compose.yml
A docker-compose.yml file is a YAML file that defines how Docker containers should behave in production.
stack
A stack is a group of interrelated services that share dependencies, and can be orchestrated and scaled together. A single stack is capable of defining and coordinating the functionality of an entire application (though very complex applications may want to use multiple stacks).
swarm
A swarm is a group of machines that are running Docker and joined into a cluster. After that has happened, you continue to run the Docker commands you're used to, but now they are executed on a cluster by a swarm manager. The machines in a swarm can be physical or virtual. After joining a swarm, they are referred to as nodes. Swarm managers can use several strategies to run containers, such as "emptiest node" -- which fills the least utilized machines with containers. Or "global", which ensures that each machine gets exactly one instance of the specified container. You instruct the swarm manager to use these strategies in the Compose file, just like the one you have already been using. Swarm managers are the only machines in a swarm that can execute your commands, or authorize other machines to join the swarm as workers. Workers are just there to provide capacity and do not have the authority to tell any other machine what it can and cannot do. Up until now, you have been using Docker in a single-host mode on your local machine. But Docker also can be switched into swarm mode, and that's what enables the use of swarms. Enabling swarm mode instantly makes the current machine a swarm manager. From then on, Docker runs the commands you execute on the swarm you're managing, rather than just on the current machine.
Ports 2377
Always run docker swarm init and docker swarm join with port 2377 (the swarm management port), or no port at all and let it take the default.
image
An image is an executable package that includes everything needed to run an application--the code, a runtime, libraries, environment variables, and configuration files.
docker swarm init
Before we can use the docker stack deploy command we first run this command to enable swarm mode and make your current machine a swarm manager
Container format
Docker Engine combines the namespaces, control groups, and UnionFS into a wrapper called a container format. The default container format is libcontainer. In the future, Docker may support other container formats by integrating with technologies such as BSD Jails or Solaris Zones.
What can I use Docker for? Running more workloads on the same hardware
Docker is lightweight and fast. It provides a viable, cost-effective alternative to hypervisor-based virtual machines, so you can use more of your compute capacity to achieve your business goals. Docker is perfect for high density environments and for small and medium deployments where you need to do more with fewer resources.
What can I use Docker for? Fast, consistent delivery of your applications
Docker streamlines the development lifecycle by allowing developers to work in standardized environments using local containers which provide your applications and services. Containers are great for continuous integration and continuous delivery (CI/CD) workflows. Consider the following example scenario: Your developers write code locally and share their work with their colleagues using Docker containers. They use Docker to push their applications into a test environment and execute automated and manual tests. When developers find bugs, they can fix them in the development environment and redeploy them to the test environment for testing and validation. When testing is complete, getting the fix to the customer is as simple as pushing the updated image to the production environment.
Namespaces
Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container. These namespaces provide a layer of isolation. Each aspect of a container runs in a separate namespace and its access is limited to that namespace. Docker Engine uses namespaces such as the following on Linux: The pid namespace: Process isolation (PID: Process ID). The net namespace: Managing network interfaces (NET: Networking). The ipc namespace: Managing access to IPC resources (IPC: InterProcess Communication). The mnt namespace: Managing filesystem mount points (MNT: Mount). The uts namespace: Isolating kernel and version identifiers. (UTS: Unix Timesharing System).
What can I use Docker for? Responsive deployment and scaling
Docker's container-based platform allows for highly portable workloads. Docker containers can run on a developer's local laptop, on physical or virtual machines in a data center, on cloud providers, or in a mixture of environments. Docker's portability and lightweight nature also make it easy to dynamically manage workloads, scaling up or tearing down applications and services as business needs dictate, in near real time.
Dockerfile
Dockerfile defines what goes on in the environment inside your container. Access to resources like networking interfaces and disk drives is virtualized inside this environment, which is isolated from the rest of your system, so you need to map ports to the outside world, and be specific about what files you want to "copy in" to that environment. However, after doing that, you can expect that the build of your app defined in this Dockerfile behaves exactly the same wherever it runs.
docker container kill <hash>
Force shutdown of the specified container
service
In a distributed application, different pieces of the app are called "services". For example, if you imagine a video sharing site, it probably includes a service for storing application data in a database, a service for video transcoding in the background after a user uploads something, a service for the front-end, and so on. Services are really just "containers in production." A service only runs one image, but it codifies the way that image runs—what ports it should use, how many replicas of the container should run so the service has the capacity it needs, and so on. Scaling a service changes the number of container instances running that piece of software, assigning more computing resources to the service in the process. Luckily it's very easy to define, run, and scale services with the Docker platform -- just write a docker-compose.yml file.
daemon
In multitasking computer operating systems, a daemon (/ˈdiːmən/ or /ˈdeɪmən/) is a computer program that runs as a background process, rather than being under the direct control of an interactive user.
docker service ps <service_name>
List the tasks for your service A single container running in a service is called a task. Tasks are given unique IDs that numerically increment, up to the number of replicas you defined in docker-compose.yml.
docker stack deploy -c docker-compose.yml <service_name>
Our single service stack is running 5 container instances of our deployed image on one host.
docker container rm <hash>
Remove specified container from this machine
docker image rm <image id>
Remove specified image from this machine
docker-machine ssh myvm1 "docker node ls"
Run docker node ls on the manager to view the nodes in this swarm
docker client
The Docker client (docker) is the primary way that many Docker users interact with Docker. When you use commands such as docker run, the client sends these commands to dockerd, which carries them out. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.
docker daemon
The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services.
Port 2376
The machine IP addresses returned by docker-machine ls include port 2376, which is the Docker daemon port. Do not use this port with swarm init or swarm join, or you may experience errors.
docker tag image username/repository:tag
The notation for associating a local image with a repository on a registry is username/repository:tag. The tag is optional, but recommended, since it is the mechanism that registries use to give Docker images a version. Give the repository and tag meaningful names for the context, such as get-started:part2. This puts the image in the get-started repository and tag it as part2.
version: "3" services: web: # replace username/repo:tag with your name and image details image: username/repo:tag deploy: replicas: 5 resources: limits: cpus: "0.1" memory: 50M restart_policy: condition: on-failure ports: - "4000:80" networks: - webnet networks: webnet:
This docker-compose.yml file tells Docker to do the following: Pull the image we uploaded in step 2 from the registry. Run 5 instances of that image as a service called web, limiting each one to use, at most, 10% of a single core of CPU time (this could also be e.g. "1.5" to mean 1 and half core for each), and 50MB of RAM. Immediately restart containers if one fails. Map port 4000 on the host to web's port 80. Instruct web's containers to share port 80 via a load-balanced network called webnet. (Internally, the containers themselves publish to web's port 80 at an ephemeral port.) Define the webnet network with the default settings (which is a load-balanced overlay network).
docker stack ps <service_name>
To view all tasks of a stack
Union file systems
Union file systems, or UnionFS, are file systems that operate by creating layers, making them very lightweight and fast. Docker Engine uses UnionFS to provide the building blocks for containers. Docker Engine can use multiple UnionFS variants, including AUFS, btrfs, vfs, and DeviceMapper.
docker push username/repository:tag
Upload your tagged image to the repository then if you docker run the uploaded image, if it doesn't exist locally, it will be pulled from the registry
docker build --tag=<image_name> .
create a docker image from Dockerfile in current directory ( the dot) -t is the shorter option for --tag the image is tagged as latest version by default tag version and image name --tag=friendlyhello:v0.0.1
docker-machine create --driver virtualbox myvm1
create an VM by docker-machine
docker container stop <Container NAME or ID>
explicitly stop docker container container is not stopped on windows by command ctrl + c
docker swarm join
let a machine joins the docker cluster as a worker
docker container ls -all
list all running containers -all list exited containers as well
docker-machine ls
list docker virtual machines and get their IP addresses.
docker --version
list docker's version
docker image ls
list downloaded docker image
docker ps
list running containers
docker login
login to docker public registry where you can upload your docker image to
docker swarm leave
make the node leave from cluster
volume
map host file system to container file system, so what is stored in container won't be wiped out redis: image: redis ports: - "6379:6379" volumes: - "/home/docker/data:/data"
docker info
more details about the docker installation docker version would do the same
docker-machine ssh myvm1 "docker swarm init --advertise-addr <myvm1 ip>"
myvm1 - name of vm run command in the vm through ssh You can send commands to your VMs using docker-machine ssh. Instruct myvm1 to become a swarm manager with docker swarm init
docker run -p 4000:80 <image_name>
run a container of the image and map local port 4000 to container's port 80
docker run <image-name>
run container of the image
docker run -d -p 4000:80 <image_name>
run docker container in the background detached mode -d
docker stack rm getstartedlab
tear down the stack
docker-machine env myvm1
to get the command to configure your shell to talk to myvm1 output of the command: export DOCKER_TLS_VERIFY="1" export DOCKER_HOST="tcp://192.168.99.100:2376" export DOCKER_CERT_PATH="/Users/sam/.docker/machine/machines/myvm1" export DOCKER_MACHINE_NAME="myvm1" # Run this command to configure your shell: # eval $(docker-machine env myvm1)
eval $(docker-machine env -u)
unset the docker-machine environment variables in your current shell with the given command.
