This post would describe notes that results from my initial exploration using docker. Docker could be described as a thin VM. Essentially docker runs processes in a linux host in a semi-isolated environment. It was a brilliant technical accomplishment that exploits several characteristic of running applications in a linux-based OS. First, that the result of package installation is the distribution of package files in certain directories, and changes to certain files. Second, that executable file from one Linux distribution could be run in another Linux distribution provided that all the required shared library and configuration files are in their places.
Basic characteristic of Docker images
Docker images are essentially similar to zip archives, organized as layer over layers. Each additional layer provide new file or changed files.
Docker image should be portable, means it could be used in different instances of application in different hosts.
Docker images are built using docker entry script and Dockerfile, which :
a. Dockerfile essentially shows the steps to install the application packages or files. After executing each RUN command in the Dockerfile, Docker creates a layer that stores the files add or updated by the RUN command.
b. Docker entry script shows what command will be executed if the image is being run. This could be a line running existing program, but it could also point to shell script provided.
The Dockerfile is written using a domain specific language, that shows how to build the layers composing the docker image. Some of the Dockerfile syntax are :
- ADD : add a file to the docker image filesystem, if the file is tar then Docker would extract it first, and it were allowed to use file from local filesystem or an URL from the internet.
- FROM : refers to one parent docker image, so the files from the parent image are available in the current docker image
- RUN : executes some program/command inside the Docker environment, Docker would capture file changes resulting from the execution
- CMD : shows docker entry command, this could point to a shell script already inside the Docker image filesystem or an existing program
Basic Docker usage
There are a few basic docker commands that you need to know when using docker.
- docker ps : print running processes (containers in docker lingo). The variant is docker ps -a , shows running and terminated containers.
- docker inspect
: show various information of a running docker container. Join with grep to get shorter output, like : docker inspect | grep 172 -> this will filter to show IP addresses. Container could be referred by its name or id.
- docker history : shows the layers composing the image, also shows no-operation layers such as MAINTAINER.
- docker exec -it
bash : runs a bash shell inside a container interactively. This functions mostly like ssh without needing ssh daemon running inside the container.
- docker run -d --name
[command] [params] : creates a new container from an image, runs it in the background using the entry point. There are other useful parameters before --name, such as :
- -v hostdir:containerdir -> mounts a host directory inside the container, this could also works for single file.
-> put the IP of othercontainer in /etc/hosts so the container could access the other container by specifying its name
- -e VAR=value -> sets environment variable
- docker start
: starts the container using the entry point
- docker stop
: terminates the process inside the container
- docker rm
: deletes the container, note that named data volumes would not be deleted
Docker images from the internet could be referred when creating new containers, or also inside a Dockerfile. For example, to create a container using an official mariadb image, with data directory mounted from the host, using TokuDB storage engine, use this command :
docker run -d --name maria -e MYSQL_ROOT_PASSWORD=rootpassword -v /data/docker/mysql:/var/lib/mysql mariadb --plugin-load=ha_tokudb --plugin-dir=/usr/lib/mysql/plugin --default-storage-engine=tokudb --wait_timeout=2000 --max_connections=500
Docker would try to retrieve mariadb image from the official image source (see https://hub.docker.com/_/mariadb/). The docker image syntax is
Specifying no tag in the command implies retrieving mariadb:latest.
Host specific configuration are given as parameters of the docker run command, and they could be very long, complicating the container creation command. To simplify this, use docker-compose :
- docker-compose up -d : reads docker-compose.yml and starts new containers using the compose specification, assuming the docker images already built
- docker-compose build : reads the docker-compose.yml and create images from specified Dockerfiles if required
- docker-compose stop : stops the containers specified in docker-compose.yml
- docker-compose start : starts the process in the containers (similar to docker start) referred by docker-compose.yml
Docker-compose uses docker-compose.yml as the blueprint of the containers.
This example dockerfile shows various parts of the file: (note that this is a 1.x docker-compose format)
The volumes clause specifies volumes that are mounted inside the container, like the -v parameter. Specifying a directory in the volume line before the colon (:) means a directory from the host. Specifying a simple name instead will be interpreted as Docker data volume, which would be created if it doesn't exist yet. The directory after the colon shows the target mount directory inside the container.
The image clause specified the base image of the container. Alternatively, a dockerfile clause could be specified instead of image clause.
The environment clause shows additional environment variables that would be set inside the container.
External_links clause refers to name of existing running container that will be referred in /etc/hosts of the container.
Another example using two containers :
This example shows two containers with some dependency links. The first, ismsdash-webserver, links to the second container using links clause. The second, ismsdash-php-fpm refers to two existing containers outside this docker-compose.yml file.
The first container is created from a docker image. The second container requires the image to be built first using a specified Dockerfile.
The ports clause specifies port forwarding from the host port to the container port.
Knowledge of several basic commands are neccessary in order to use docker. This post described some commands, hoping that the reader will be able to start using docker using these commands.