A Docker Container is an isolated independent instance of kernel space, which means any number of docker instances can run independent applications.
The Docker Containers by design are isolated application runtime environment using the common host system resources exposed through cgroups and the host filesystem through the tarball filesystem obtained from generating a docker image.
All because of the Kernel namespaces.. Which provisions the pids and manages its port ranges, filesystem partitions, networking, and the most astonishing feature of having root privileges inside of the container but not outside of the container all by the help of chroot functionality.
The Docker storage implements the concept of the copy-on-write (COW) layered filesystems.
Each container gets its own network isolation.
Thus Containers are Lightweight than a VM.On the back end this functions by using the chroot
filesystem much like its predecessor like LXC’s, with its own hierarchy.
It also controls group resources(cgroups), groups together resources and then applies the limits on Block i/o, memory, CPU.
Namespace: It takes the system wide resources, wraps them and provides those resources as a isolated environment to the instances.
By Using a container you don’t really have to install an OS, enabling no repetition of similar workforce and you are not using the whole disk space repetitively for the similar OS files..
There’s only a single kernel which will be shared by multiple docker containers.
In this post we will explain some of the practical Docker use cases and commands :
There are two parts to the Docker Engine interns of user interaction:
One being the docker Daemon and the other being the docker client which send commands to interact with the Docker Daemon
How to build a Docker Image?:
# docker build -t <name>:<version-number> -f Dockerfile <.>
The .
at the end is important because it signifies the current context and the context cannot span backward.
The option of --no-cache
is important when building container images which are dependent upon downloading latest libraries from the internet or practically from your on-premise code repository which contains the freshly compiled code artifacts.
Build the Docker image with no caching:
# docker build --no-cache -t frontend-centos-lc:dev0.1 -f Dockerfile .
Once the docker container is successfully built, we can take a look at the newly created image:
Creating a docker image from scratch rootfilesystem is also a better option to create a base docker image, which gives you the freedom to package the libraries you wish and have complete control over it.
List docker images command
# docker images
# docker image ls
What are present inside the Docker Image?
The images are composed of multiple layers which form a auto union filesystem by bringing the various layers of docker image with each stages of build command creating interdependent layers.. The base image being the minimal rootfs in most cases comprised of a stripped down version of linux rootfilesystem. You can find more details from here, Building a Docker image from rootfilesystem
We run the docker inspect command on the docker image to describe various build related details.
# docker image inspect <image-name | image-id >
Example given:
root@node03:/home/vamshi# docker images nexusreg.linuxcent.com:8123/ubuntu-vamshi:v1 --no-trunc REPOSITORY TAG IMAGE ID CREATED SIZE nexusreg.netenrichcloud.com:8088/ubuntu-vamshi v1 sha256:9a0b6e4f09562a0e515bb2a0ef2eca193437373fb3941c4956e13a281fe457d7 6 months ago 354MB root@node03:/home/vamshi#
Can be listed by the –tree option
# docker container inspect 73caf780c813
# docker images --tree
This –tree option is deprecated and history command is used to provide the image layer details.
# docker history <image layer id>
The images are stored under /var/lib/docker/<storage driver>
and can be viewed, the filesystem container the container hash name followed by the docker container filesystem organized in the sub-directories.
Using the docker Tag command to tag the existing docker images to match a meaningful Repository name and append a version tag.
Example given for docker tag command.
# docker tag frontend-centos-nginx:dev0.1 my-repo:8123/frontend-nginx:v0.1
Run the docker command again to check the images, and see the newly tagged image present.
We use the docker push
choose to upload the image to the docker registry which is a remote docker repository using the docker push command.
# docker push <docker Registry_name>/<image-name>:<version>
# docker push my-repo:8123/frontend-nginx:v0.1