Docker container fundamentals

Docker is a platform that enables developers to package applications and their dependencies into lightweight, portable containers.^[400-devops-06-kubernetes-k8s-paas-01docker.md]

This technology allows applications to run consistently across different environments, adhering to the principle of "write once, run anywhere."^[400-devops-06-kubernetes-k8s-paas-01docker.md]

Core Concepts

Docker relies on three primary concepts:

  • Image: A read-only template containing the application and dependencies.
  • Container: A runnable instance of an image (isolated process).
  • Repository: A storage location for images (e.g., Docker Hub).

Container Lifecycle

The lifecycle of a container typically involves the following commands:

  • docker run: Creates and starts a new container from an image. If the image is not present locally, Docker attempts to pull it from a remote registry.^[400-devops-06-kubernetes-k8s-paas-01docker.md]
  • docker ps: Lists running containers. Adding -a displays all containers, including those that are stopped.
  • docker logs: Retrieves logs from a container to check its output or debug issues.
  • docker exec: Executes a command inside a running container, often used to open an interactive shell (e.g., /bin/bash).^[400-devops-06-kubernetes-k8s-paas-01docker.md]

Networking Modes

Docker supports several networking modes to control how containers communicate with each other and the outside world^[400-devops-06-kubernetes-k8s-paas-01docker.md]:

  • Bridge (NAT): The default mode. The container runs on a private internal network, and ports are mapped to the host machine via NAT (e.g., -p 81:80).^[400-devops-06-kubernetes-k8s-paas-01docker.md]
  • Host: The container shares the host's network namespace. It has no separate IP address and binds directly to the host's ports.
  • None: Networking is disabled for the container.
  • Container: The container shares the network namespace with another specified container.

Data Management (Volumes)

To persist data or share files between the host and the container, Docker uses Data Volumes.

This is achieved using the -v flag, which maps a directory on the host to a directory inside the container (e.g., -v /root/html:/usr/share/nginx/html).^[400-devops-06-kubernetes-k8s-paas-01docker.md]
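
As an added example (not part of the original notes), the Python sketch below reviews a docker run command line for the exposure implied by the networking and volume options described above: a host or shared network namespace, a -p mapping with no bind address (which Docker publishes on all host interfaces), and a host directory mounted writable. The function names and sample commands are constructed for illustration. It assumes flags are written as "-p 81:80" or "--network=host" and that -p specs use IPv4 addresses.

```python
import shlex

# Value-taking `docker run` flags covered on this page; other flags are ignored.
# Assumption: tokens are scanned in order without tracking where the image name starts.
FLAGS = {"-p": "publish", "--publish": "publish", "-v": "volume",
         "--volume": "volume", "--network": "network", "--net": "network"}

def parse_run(cmdline):
    """Collect network mode, published ports and volumes from a docker run line."""
    args = shlex.split(cmdline)
    if args[:2] != ["docker", "run"]:
        raise ValueError("expected a 'docker run' command line")
    opts = {"network": "bridge", "publish": [], "volume": []}  # bridge is the default
    i = 2
    while i < len(args):
        flag, eq, value = args[i].partition("=")
        kind = FLAGS.get(flag)
        if kind and not eq and i + 1 < len(args):  # "-p 81:80" form: value is next token
            i += 1
            value = args[i]
        if kind == "network":
            opts["network"] = value
        elif kind:
            opts[kind].append(value)
        i += 1
    return opts

def review(cmdline):
    """Return (category, detail) findings a reviewer should look at."""
    opts, findings = parse_run(cmdline), []
    if opts["network"] == "host":
        findings.append(("network", "shares the host network namespace"))
    elif opts["network"].startswith("container:"):
        findings.append(("network", "shares namespace of " + opts["network"][10:]))
    for spec in opts["publish"]:
        parts = spec.split("/")[0].split(":")  # drop "/tcp" or "/udp" suffix
        if len(parts) == 2:  # hostPort:containerPort with no bind address
            findings.append(("publish", f"host port {parts[0]} open on all host interfaces"))
    for spec in opts["volume"]:
        src, _, rest = spec.partition(":")
        dest, _, mode = rest.partition(":")
        if src.startswith("/") and "ro" not in mode.split(","):  # writable bind mount
            findings.append(("volume", f"host path {src} writable from container at {dest}"))
    return findings

if __name__ == "__main__":
    # Constructed sample command lines built from the flags quoted on this page.
    for cmd in ("docker run -d -p 81:80 -v /root/html:/usr/share/nginx/html nginx",
                "docker run -d -p 127.0.0.1:81:80 -v /root/html:/usr/share/nginx/html:ro nginx"):
        print(cmd, "->", review(cmd))
```

The second sample shows the tightened form of the first: the port is bound to loopback only and the host directory is mounted read-only, so no findings are returned.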

Images and Build Automation

Images are built from a Dockerfile, a text file containing a series of instructions.

Key instructions include^[400-devops-06-kubernetes-k8s-paas-01docker.md]:

  • FROM: Sets the base image.
  • ENV: Sets environment variables.
  • RUN: Executes commands (e.g., installing software).
  • ADD/COPY: Copies files from the host into the image.
  • EXPOSE: Documents the network ports the container listens on.
  • CMD: Specifies the default command to run when the container starts.

The build process is layered; only the changed layers are updated in subsequent builds, which optimizes storage and transfer speeds^[400-devops-06-kubernetes-k8s-paas-01docker.md].

  • Virtualization
  • Microservices
  • CI/CD

Sources

^[400-devops-06-kubernetes-k8s-paas-01docker.md]