What is Docker and why it is amazing ?

docker_octopus

Docker is a brilliant tool to make it easier to build, deploy, run and share applications using containers! Looks good, but what is a container ?

Containers allow you to package all the stuff that your application needs like such as libraries and other dependencies and ship it all as a single image.

A docker image includes everything needed to run an application - the code or binary, runtimes, dependencies, and any other filesystem objects required.

Then, all applications can be run on any machine whatever the OS ( your computer, on test, on production server) and will have the same behavior.

No more excuse for the Dev to say ‘But it works on my machine’ !

Docker No dev excuse

But, wait, if i understand well, docker is like a Virtual Machine ? Right ?

No ! Docker is not a Virtual Machine !

> Docker is a computer program that performs operating-system-level virtualization, also known as “containerization”.
> A Docker container, unlike a virtual machine, does not require or include a separate operating system. Instead, it relies on the kernel’s functionality and uses resource 
> isolation for CPU and memory, and separate namespaces to isolate the application’s view of the operating system.

Containers vs. virtual machines

Containers and VMs each have their uses–in , many deployments of containers use VMs as the host operating system rather than running directly on the hardware, especially when running containers in the cloud.

Docker containers can run on a developer’s local laptop, on physical or virtual machines in a data center, on cloud providers, or in a mixture of environments.

So you can use Container on Virtual Machine, it will give you the advantage of each other.

Container

A container is an isolated, lightweight silo for running an application on the host operating system.

Containers build on top of the host operating system’s kernel , and contain only apps and some lightweight operating system APIs and services that run in user mode.

Containers are typically measured by the megabyte as they are light and they shared OS or more precisely the kernel . There is no OS configured on the container itself and because that i will reduce the complexity to manage them.

Docker Container Structure

Virtual Machines

In contrast to containers, VMs run a complete operating system–including its own kernel with virtual access to host resources through a hypervisor.

> A hypervisor, otherwise known as a virtual machine monitor, is a software program that enables a user to run multiple virtual machines on a single piece of computer hardware.

VMs are typically measured by the gigabyte. They usually contain their own OS, allowing them to perform multiple resource-intensive functions at once.

Virtual Machine Structure

Summary

Long story short, containers are isolated on a single OS and shared the kernel, they are light and fast as they are like processes and only contains what is need to run an application.

The virtual machine contains OS inside and share the resource of a server managed and controlled by the HyperVisor like Vmware or VirtualBox, it’s heavier-weight than containers and more complex.

It will take millisecond to start a Container in comparison of minutes to start a Virtual Machine, big advantages for container in case of scaling.

Virtual machines provide an abstract machine, whereas containers provide an abstract OS.

Although containers share system resources, unlike virtual machines, all containers on an individual host share the same OS kernel.

Container are lighter and faster, use less storage but they are less secure as there are less isolated than Virtual Machine as they are sharing the same OS and kernel.

Advantages of Docker and Containers

There is a lot of Pros to used docker and specially for applications and developpers.

  • Flexible: Even the most complex applications can be containerized.
  • Lightweight: Containers leverage and share the host kernel.
  • Interchangeable: You can deploy updates and upgrades on-the-fly.
  • Portable: You can build locally, deploy to the cloud, and run anywhere.
  • Scalable: You can increase and automatically distribute container replicas.
  • Stackable: You can stack services vertically and on-the-fly.

Container VS Docker Image ?

Docker Images are template containing libraries, bin, env to easily deploy Containers,

The docker image can be used later to deploy container on any host where Docker is running and it will work in the same way whatever on which OS docker is running. Often, an image is based on another image, with some additional customization. You might create your own images or you might only use those created by others and published in a registry. To build your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the image and run it. Each instruction in a Dockerfile creates a layer in the image.

A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that are not stored in persistent storage disappear.

What are the main components of Docker ?

Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers

  • The Docker Daemon - A server which is a type of long-running program called a daemon process listening for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. (the dockerd command).
  • A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do.
  • The Docker CLient which is the primary way that many Docker users interact with Docker - A command line interface (CLI) client (the docker command).
  • Docker registries A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry.

docker Engine

The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface.

docker_architecture

Installation of Docker Engine on Linux ( Ubuntu )

As i’m using mostly Debian or Ubuntu, or Centos, i will install and configure docker on Ubuntu.

I will show you to proceed for the installation based on this documentation :

Get Docker

Install using the repository

Before you install Docker Engine for the first time on a new host machine, you need to set up the Docker repository. Afterward, you can install and update Docker from the repository.

  1. SET UP THE REPOSITORY

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

$ sudo apt-get update

$ sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

If you are using a proxy, first set the proxy and run the command again

export https_proxy=https://10.74.208.11:8080
export http_proxy=https://10.74.208.11:8080
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
OK

Add the Docker repository

$ sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"

Run apt-get update to update your apt package index and install docker

 $ sudo apt-get update
 $ sudo apt-get install docker-ce docker-ce-cli containerd.io

Once installed, verify the installation

docker --version
Docker version 19.03.12, build 48a66213fe

Configure Docker to start on boot ( Optional )

 sudo systemctl enable docker

Launch your first container :

# docker run hello-world
Unable to find image 'hello-world:latest' locally

docker: Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers).

Oups ! It doesn’t work ? But Why ? As you can see, first docker try to find a local image and after try to get from Docker image repository ( Docker Hub ) but it can connect well because the proxy is not set.

If you are behind an HTTP or HTTPS proxy server, for example in corporate settings, you need to add this configuration in the Docker systemd service file.

Let’s configure proxy for Docker ! Configure Systemd for Docker

Create a systemd drop-in directory for the docker service:

sudo mkdir -p /etc/systemd/system/docker.service.d

Create a config file for the proxy and configure to do not use proxy for Local repository

# vim /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=https://10.74.208.11:8080"
Environment="HTTPS_PROXY=https://10.74.208.11:8080"
Environment="NO_PROXY=localhost,127.0.0.1,myawesomeregistry.vodafone.com,.corp"

Flush changes and restart Docker

sudo systemctl daemon-reload
sudo systemctl restart docker

Let’s try to launch again our hello-world APP from Docker registry.

docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:7f0a9f93b4aa3022c3a4c147a449bf11e0941a1fd0bf4a8e6c9408b2600777c5
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

Better ! Right 😄

List the images you previously downloaded ( Pull )

docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
hello-world         latest              bf756fb1ae65        7 months ago        13.3kB

List the container which was running ( –all ) and which are running.

root@mt-ub-postfix:/etc/systemd/system/docker.service.d# docker ps --all
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
ac4ad54eed0e        hello-world         "/hello"            7 minutes ago       Exited (0) 7 minutes ago                       sharp_hermann

Let’s now launch an very light ubuntu image and enter its shell - Useful to make few test fast on a linux machine

root@mt-ub-postfix:~# docker run -it ubuntu bash
root@dac2b086f1aa:/#

As you can see, you are directly connected on the shell of the ubuntu container once the image is download from the Docker hub. The flags -i and -t tell Docker we want an interactive session with a tty attached and the command /bin/bash gives a bash shell. The container will stop when you exit the shell.

root@dac2b086f1aa:/# exit
exit
root@mt-ub-postfix:~# ^C
root@mt-ub-postfix:~# docker ps -all
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS                        PORTS               NAMES
dac2b086f1aa        ubuntu              "bash"              About a minute ago   Exited (130) 12 seconds ago

Notice that during our example, docker was using the latest version of the ubuntu image. You can use tag if you want to use different version.

Docker Hub Ubuntu Image

To run a container of Ubuntu Groovy by example, you will use this tag :

root@mt-ub-postfix:/etc/postfix# docker run -it ubuntu:groovy bash

If you want to have a look of all official images of docker Docker HUB At the time of this post, there are more than 3,5 millions of docker images !

All the images are configurable and you can use this image as a foundation for you own personalized images !

To Be Continued