Docker is an open source platform that uses OS level virtualization to develop, ship, and run applications inside containers. Docker containers encapsulate everything an application needs to run (and only those things), keep applications isolated from each other on the same host, and ensure they work uniformly across different environments.
This comprehensive guide will help you understand Docker containers from the basic concepts to advance usages.
Docker containers are runtime instances of Docker images. Just like a live application, it includes the application and all its dependencies but shares the kernel with other containers. It runs as an isolated process in the user space on the host operating system. Due to this characteristic, Docker containers are very lightweight and fast.
Multi-platform deployment: Docker is available for a wide range of platforms, from personal computers to public clouds, private data-centers and edge networks.
Version control and component reusability: You can share Docker images across different teams, making component reusability a breeze. Plus, Docker has version control similar to GIT.
Isolation: Docker ensures that your application runs in isolation from other containers giving you the confidence to deploy your container in any environment.
Security: Docker containers isolate applications from each other and from the host system, building an extra security layer to your application.
Let's go over some of the most basic Docker commands you will find yourself using often:
docker run <image_name>: This command is used to start a Docker container. For instance, docker run ubuntu will start an Ubuntu container.
docker ps: This command is used to list all the running Docker containers.
docker stop <container_id>: This command is used to stop a running Docker container.
docker rm <container_id>: This command is used to remove a Docker container.
docker pull <image_name>: This command is used to pull an image from the Docker registry.
Docker images are templates that contain the filesystem and other dependencies required to create a Docker container. Docker images are read only, and can never be modified once created. If you want to edit an image, you need to create a new one with the desired changes.
Creating Docker Images:
You can create Docker Images using a file known as a Dockerfile. A Dockerfile is a text file that contains a list of commands that Docker can call to create an image.
Here is an example of a Dockerfile:
# Use an official Node runtime as the base image
FROM node:10
# Set the working directory in the container to /app
WORKDIR /app
# Copy package.json and package-lock.json to the working directory
COPY package*.json /app/
# Install any needed packages
RUN npm install
# Copy the rest of the working directory contents into the container at /app
COPY . /app
# Make port 80 available to the world outside this container
EXPOSE 80
# Run app.js when the container launches
CMD ["node", "app.js"]
This Dockerfile tells Docker to:
Each step in the Dockerfile creates a new layer in the image, and they are stacked on top of each other. Layers are cached and can be re-used for building other images too, which speeds up the build process.
There are three network drivers in Docker – bridge, none, and host.
Bridge: The bridge network is a private network created by docker on the host. All containers without a --network flag at runtime are connected to this bridge network.
Host: Removes the network isolation between the Docker host and Docker containers to use the host’s networking directly.
None: This mode disables all networking.
Docker provides several options for storing data:
Volumes are the most flexible type of storage and are recommended as the default method. They exist independently of containers and can remain persistent even when a container is removed.
Bind mounts are very much similar to volumes, but their functionality is lesser because they are tied to the host system’s filesystem.
tmpfs mounts are stored in the host machine’s memory only, and are never written to the host machine’s filesystem.
Docker provides several commands for managing containers, some of which include:
docker start <container_id>: This command is used to start an existing Docker container.
docker exec <container_id> <command>: This command allows you to run a command in a running container.
docker logs <container_id>: This command allows you to view the logs of a Docker container.
1. What is the difference between a Docker image and a container?
A Docker image is a read-only template that includes instructions for creating a Docker container. On the other hand, a container is a running instance of an image.
2. How can you remove all Docker containers at once?
You can use the command docker rm $(docker ps -a -q) to remove all Docker containers. The docker ps -a -q command will return all container IDs and docker rm will remove them.
3. Can you use Docker without root privileges?
Yes, to run Docker without root privileges, you need to add your user to the Docker group by executing sudo usermod -aG docker $USER. After this, log out and log back in for the changes to take effect.
4. How do you copy files from a Docker container to the host?
You can use the docker cp command to copy files from a Docker container to the host. Here is the syntax: docker cp <containerId>:/file/path/within/container /host/path/target.
5. What is Docker Compose?
Docker Compose is a tool that is used for defining and managing multi-container Docker applications. It uses YAML files to configure the application's services and performs the creation and start-up process of all the containers with a single command.
Feel free to open a new issue for more Docker related questions. We appreciate your contribution in improving our documentation. Happy Dockering!