Lesson 15: Managing Containers in Linux
What is an ambassador container in a pod?
An ambassador container is a specific type of service mesh proxy that handles communications on behalf of the other containers in the pod. It facilitates communication with external services outside the pod.
What is libvirt?
An application programming interface (API) that provides software building blocks for developers to create their own virtualization solutions. It serves as the foundation for Linux-based virtualization and is used by hypervisors like VMware ESXi, KVM, and QEMU. The virsh tool, mentioned earlier, is part of the libvirt API.
Name some common container engines for Linux.
Common container engines for Linux include Docker, rkt, runc, and containerd.
How can container administrators upload images to a registry?
Container administrators can upload images to a registry using the "push" command.
What is the role of container engines in container deployment?
Container engines process user requests and run containers on top of an operating system.
Which standard do container engines use for container-image formats?
Container engines use the Open Container Initiative (OCI) standard.
Why is container persistent storage important?
Container persistent storage is important when applications running in containers require access to stored data or need to persist or store data for other services to utilize. It is especially crucial in orchestrated environments that automatically scale containers based on demand.
What is container persistent storage?
Container persistent storage refers to providing a container with access to data that is not built into it by the build process. It allows containers to store and access data across container lifecycles.
How are containers executed from a container image?
Containers are run using the docker run command. This command spawns instances of a container image and allows them to execute.
Are containers stateless or stateful?
Containers are stateless, meaning that any changes made to the container or applications running inside it are not preserved.
What are some advantages of using containers?
Containers are typically quick, reliable, and lightweight. They share a single operating system (usually Linux) and provide a single function. Containers also offer portability, allowing the software to run on different platforms without modification.
How is container virtualization different from virtual machines (VM)?
Containers offer a different form of virtualization compared to VMs. Containers are a complete and portable solution that includes the application code, runtime, libraries, settings, and other components required for the software to run. On the other hand, VMs emulate an entire operating system and run on top of a hypervisor.
How does Docker build multicontainer clusters?
Docker builds multicontainer clusters using a tool called Compose. Compose files can be translated into something Kubernetes can understand, allowing for an easy transition into a larger orchestrated-container environment.
What attributes do virtual NICs have?
Each virtual NIC has its own MAC address and IP address, allowing the virtual machine to participate on a physical or virtual network as an independent node.
What is the exact syntax for the pull command?
Exact syntax depends on the specific container engine.
What is the exact syntax for the push command?
Exact syntax depends on the specific container engine.
How can you create a customized image using a Dockerfile?
FROM alpinelinux/docker-alpine RUN apt-get install -y nano
How can images be downloaded from a registry?
Images can be downloaded from a registry using the "pull" command.
What is the purpose of the Docker command?
It is the primary management command for Docker containers.
What is the purpose of the pull command?
It is used to download images from a Docker registry
What is the purpose of the docker container command?
It is used to manage attributes for specified Docker containers.
What is the purpose of the docker pull command?
It is used to pull an image from a Docker registry.
What is the purpose of the push command?
It is used to upload images to a Docker registry.
What is the role of Network Address Translation (NAT) in container networks?
Network drivers such as overlay and bridge rely on Network Address Translation (NAT) to track IP addresses between the containers, hosts, and remote services.
Are containers platform-dependent?
No, containers are platform-independent. They can run on any platform that hosts a container solution. For example, software developed on a Linux workstation can run on a Windows cloud-based VM
What are the four options for network access in virtual machines?
None: No NIC installed in the virtual machine. Local: Network access limited to other virtual machines on the same host. Host-only: Access only to the host computer but not to the physical network or Internet. Bridged: Access to both the physical network and the Internet.
How can persistent changes be made to a container?
Persistent changes to a container can be made by updating the configuration file associated with the container.
What is the first step in container deployment?
Selecting and installing a container engine.
What is the purpose of sidecar containers in a pod?
Sidecar containers in a pod facilitate communications and play specific roles in enabling specialized or complex network connectivity. They are part of a service mesh topology.
What is the difference between singlenode and multicontainer pods?
Singlenode pods house only one container, while multicontainer pods can house more than one container.
What are some advanced features required as container deployments become more complex?
Some advanced features required as container deployments become more complex include orchestration, management, reliability, and scalability.
Name some common public container registries.
Some common public container registries include Docker Hub, Google, AWS, Microsoft, and many others.
What is the purpose of the "attach" subcommand for the docker container command?
The "attach" subcommand is used to attach local STDIN, STDOUT, STDERR to a container.
What does the "info" subcommand do?
The "info" subcommand displays system-wide information about Docker.
What is the purpose of the "inspect" subcommand for the docker container command?
The "inspect" subcommand is used to display detailed information on a container.
What is the purpose of the "logs" subcommand for the docker container command?
The "logs" subcommand is used to display container logs.
What is the purpose of the "ls" subcommand for the docker container command?
The "ls" subcommand is used to list existing containers.
What does the "port" subcommand do?
The "port" subcommand lists the port mappings for a specified container.
What does the "ps" subcommand do?
The "ps" subcommand lists the containers.
What does the "pull" subcommand do?
The "pull" subcommand pulls an image from a registry.
What does the "push" subcommand do?
The "push" subcommand uploads an image to a registry.
What is the purpose of the "restart" subcommand for the docker container command?
The "restart" subcommand is used to restart a container.
What does the "rm" subcommand do?
The "rm" subcommand removes containers.
What does the "rmi" subcommand do?
The "rmi" subcommand removes images.
What does the "run" subcommand do?
The "run" subcommand runs a command in a container.
What is the purpose of the "start" subcommand for the docker container command?
The "start" subcommand is used to start a stopped container.
What is the purpose of the "stop" subcommand for the docker container command?
The "stop" subcommand is used to stop a started container.
What does the FROM line in a Dockerfile specify?
The FROM line indicates the initial image that will be used as the base for the customized image.
What is the Open Container Initiative (OCI)?
The Open Container Initiative is a governance body that manages open-container formats among developers of container technologies.
What command allows you to check the status of containers on the system?
The command is $ sudo docker ps -a. This will display the status of all containers present on the system.
What is the common Linux virtualization engine?
The common Linux virtualization engine is the Kernel-based Virtual Machine (KVM).
How is a container image created from a Dockerfile?
The instructions in the Dockerfile are used to build the container image. The docker build command is used to create the image.
What is the main component of a Kubernetes deployment?
The main component of a Kubernetes deployment is a pod.
What is the primary management command for Docker containers?
The primary management command for Docker containers is the docker command.
What is the syntax for the docker container command?
The syntax for the docker container command is: docker container subcommand {options} {arguments}.
What is the syntax of the docker command?
The syntax of the docker command is: docker subcommand {options} {arguments}.
What are the three components of a container solution?
The three components are a configuration file, an image, and a running container.
What are the two types of container registries?
The two types of container registries are public and private. Public registries are available on the Internet to anyone, while private registries are restricted to authorized users on a specific network.
What are the two types of pods in Kubernetes?
The two types of pods in Kubernetes are singlenode pods and multicontainer pods.
What is the purpose of the virsh command?
The virsh command is an interactive shell to KVM virtual machines. It includes subcommands for various purposes such as getting help, displaying a list of recognized virtual machines, shutting down or starting a virtual machine, creating a virtual machine from an XML file, saving the state of a virtual machine, and opening a console to a virtual machine.
How are virtual machines configured?
They are allocated memory, defined storage, granted processor access, and configured for networking, allowing them to participate on a network like traditional Linux servers or workstations.
How can you verify if an image has been successfully created?
Use the command $ sudo docker images to display all container images, and check if the newly created image is listed.
How can you confirm if an image has been successfully pulled?
Use the command $ sudo docker images to display the images and confirm if the desired image is present.
How do you run a container from a pulled image?
Use the command $ sudo docker run {image-name} to run a container from the image. For example, $ sudo docker run alpinelinux/docker-alpine.
How do you pull an image from a registry using Docker?
Use the command docker pull {image-name}. For example, to pull the Alpine Linux image, type: $ sudo docker pull alpinelinux/docker-alpine
How can you build an image from a Dockerfile?
Use the docker build command followed by the --tag option to provide a descriptive name for the image. For example: $ sudo docker build --tag alpine.
How do containers receive network access?
Via network drivers
How are virtual network interface cards (vNICs) configured?
Virtual network interface cards (vNICs) are configured like physical NICs and are attached to virtual switches.
What is the purpose of virtual switches?
Virtual switches are used to better manage network traffic in virtualized environments.
Where does virtualization take place at the network layer?
Virtualization takes place at the network layer.
What benefits do containers provide when deployed in the cloud?
When containers are deployed in the cloud, they can take advantage of scalability, high availability, and quick deployment capabilities offered by the cloud infrastructure. These benefits allow for efficient resource allocation and management.
Can containers be deployed in different environments?
Yes, containers can be deployed on physical, on-premises servers, in a cloud infrastructure, or even on individual workstations. Deploying containers in the cloud provides benefits such as scalability, high availability, and quick deployments.
Can virtual machine deployment be automated?
Yes, virtual machine deployment can be automated by scripting the necessary commands, such as using the virt-install command, to make the process fast and consistent.
Can virtual machines host applications and services?
Yes, virtual machines can host applications and services.
What is the command for managing Docker containers?
docker
What is the command for managing attributes for specified Docker containers?
docker container
What is the syntax for the docker container command?
docker container subcommand {options} {arguments}
What is the command for pulling an image from a Docker registry?
docker pull
What is the syntax for the docker pull command?
docker pull {image-name}
What is the syntax for the Docker command?
docker subcommand {options} {arguments}
What is the command for downloading images from a Docker registry?
pull
What is the command for uploading images to a Docker registry?
push
What are container registries used for?
to centrally store container images and share them within a community. They enable easy sharing of images and are crucial for DevOps infrastructure, allowing automation and orchestration tools to pull images without human intervention.
What is virt-install used for?
virt-install is a command used by sysadmins to build virtual machines. It allows for the creation of virtual machines from the command line, providing options to specify the name, number of virtual CPUs, memory, CD-ROM image, disk size, and the operating system variant.
What is the command to create a storage location for container files and change into that directory?
$ mkdir containers followed by $ cd containers
How can you display running containers, including their container ID?
$ sudo docker container ls.
How can you restart a container?
$ sudo docker restart {container-ID} (replace {container-ID} with the actual container ID).
How can you stop a running container?
$ sudo docker stop {container-ID} (replace {container-ID} with the actual container ID).
Name some container network drivers and their functions.
- "host": Provides networking between the container and host using the host's network access. "overlay": Enables connectivity between containers run by different daemons. "bridge": Offers standard configuration for standalone containers that require network access. "none": Disables networking for the container, providing isolation.
What is the purpose of a Dockerfile?
A Dockerfile is a configuration file for Docker images. It contains instructions for building the image, including source code, libraries, tools, and dependencies.
What is the role of a container image?
A container image serves as a template for running containers. It defines how a container should look and contains all the necessary components for the container to function.
What does a container package contain?
A container package includes everything needed for the software to run, such as application code, runtime, libraries, settings, and other components.
What is a pod in Kubernetes?
A pod is a group of one or more containers managed by Kubernetes. It is the basic unit of deployment in Kubernetes.
What is a service mesh in a container environment?
A service mesh is a dedicated infrastructure layer managed by code that provides service-to-service interaction in a container environment.
What benefits does a service mesh provide?
A service mesh provides benefits such as load balancing, traffic control, service monitoring, and service discovery in a container environment.
What is the purpose of a sidecar proxy in a service mesh?
A sidecar proxy is a sidecar container that enables communication between microservices in a container environment. It works alongside the application container to provide monitoring, service discovery, and service communication.
What is the GNOME Virtual Machine Manager (VMM)?
A utility used for managing connectivity to virtual machines. It offers an intuitive graphical interface for deploying, managing, and removing virtual machines. To use VMM, the virt-manager package needs to be downloaded and installed.
How can you start a container interactively with a Bash shell?
Add the -it options to the run command. For example: $ sudo docker run -it {image-name} bash.
