Docker basics

Why use docker

"To make environment construction easier" You can easily build an environment with docker such as packages, libraries, development environment construction, execution environment construction, etc.

If you put python etc. on the host, it will be difficult just to uninstall it, or it will cause a conflict with other packages. By building the environment in the container instead of the host, you can build it in a place where the host is not affected at all by discarding the container when there is an error.

You can create and delete the environment many times as long as you write the environment construction method in the dockerfile. You can also build the exact same environment by giving the dockerfile or image to someone else.

Since the environment is built in a place that has nothing to do with the host, there are no errors specific to that person.

without docker

  1. Download the installer
  2. Start the installer
  3. I get an error
  4. Troubleshooting
  5. Start the installer ...

One troubleshooting is rarely successful

With docker

  1. Start the container

It's just over.

Features of Docker

Container independence

Even if you set up two containers from the same docker image, the file system of each container is independent. Working inside a container does not affect other containers or hosts.

Preliminary knowledge for learning Docker

shell

bash, zsh, sh ...

The application for running the shell is the terminal. The shell is a tool for connecting to the kernel

Environment variable

Variables used by processes running on the OS to share information

※process (Terminal, Chrome browser ...)

Checking environment variables in the shell

Command "echo $ SHELL" $ ・ ・ ・ Something like an environment variable marker

How to create environment variables

Command "export AGE = 20"

Basic terminology

Dockerfile ・ Docker image blueprint ·text file

It describes how to make a Docker image. It is easy to understand because it describes what kind of container and what kind of Docker image it will be

Docker image What makes a container There is a function to manage versions called tags.

A "docker image" is made up of multiple "image layers". When the docker container is created, a new "image layer" is added to the "docker image".

container

"A set of development environment, execution environment, etc."

You can place multiple containers on your computer or server. Install the development environment, execution environment, necessary packages and libraries in the container. You can then work inside the container, use the container to run scripts, and run code.

If you create one container, you can use that container in other members, development environment, test environment, and production environment.

The container is made from "Docker image". You can also create a "Docker image" from a container. A "Docker image" is created from a text file called "Docker file".

Docker hub One of the Docker registries There are various repositories (boxes), and one type of Docker image is managed for each repository. (Multiple docker images with different tags are included)

Docker registry

Where to store "Docker image"

command

docker login You can access docker hub.

docker pull [image] Bring the image locally (host, your computer) from docker hub

docker run -it [image] bash Create a container from Docker image

Example) docker run -it ubuntu bash Make a container from the image of "ubuntu".

-What is it

There are two options, -i and -t. -i
Option to open a channel for input. The input channel is a channel called stdin. When you open a channel called stdin, what you type from the keyboard arrives at linux. A channel that opens the container's stdin channel from the host. When docker run (start bash) without "-i", the information of the command typed in the container is not transmitted.

-t Clean the output result. (Make it pretty). A command to display pretty output.

docker run hello-world Make a container from the image of "hello-world"

exit Get out of the container

docker ps -a Check the status of the container

docker images View a list of images on the host

docker restart Put the container up

docker exec -it [container] bash Execute the specified program (bash) for the container

docker commit [container] [image] Change from container to image (Create a new image)

docker tag [source] [target] Retag the image with a new name. The old image remains and you can name the new image.

[source] ・ ・ ・ Current image name [target] ・ ・ ・ New image name

docker push [image] push to docker hub

docker rmi [image] Delete image rmi ・ ・ ・ remove image

docker create Make a container

docker start Run the container

※run = create + start

docker run [image] [command] Default command override If you type an additional command after "docker run", that default command will be overwritten and this [command] will be executed.

docker rm

Delete container If the container is running, it cannot be deleted. (Stop with docker stop)

docker system prune Delete all exited containers. You can also clear unused dangling images (images that haven't used anything yet) and cache.

docker run --name [container_name] [image] Specifying the container name You can name and start the container. When you want to keep a container running in the background, or when you are using a shared server, various people set up a container there. At that time, you need a name. When accessing the container from another program or using the container, you can call it immediately by giving it a name.

docker run -d [image] "-D" is the case where the container is always running in the background. When using it in a development environment, it is necessary to always start the container behind the scenes, so use the "-d" command to switch to detached mode. -d ・ ・ ・ detached

detached mode

Start the container and immediately detach it back to the host. The container is moving behind the scenes.

detached mode ⇆ foreground mode

foreground mode

Container started without "-d" A case where you enter the container directly, or set up the container once, start some program, and immediately delete the container

docker run --rm [image] Delete the container as soon as you exit it.

dokcer build . Create a Docker image from a Dockerfile Usually, move to the folder where Dockerfile is, then specify the current directory and build Docker image.

docker build -t [name] [directory] You can name the Docker image with the -t option.

Dockerfile

・ Docker image blueprint ·text file

It describes how to make a Docker image. It is easy to understand because it describes what kind of container and what kind of Docker image it will be

When building an environment, enter the container once, build the environment inside the container, and know the necessary packages. Next, write it in the Dockerfile and do docker build. It becomes the flow.

⭐️ Minimize the number of layers in the Docker image. -There are three instructions to create a docker layer: RUN, COPY, and ADD.

How to write a Dockerfile

INSTRUCTION arguments

Write in the form of. arguments ・ ・ ・ Arguments

ex)

FROM ubuntu:latest
RUN touch test

ex)

FROM ubuntu:latest
RUN apt-get update && apt-get install -y \
  curl\
  cvs\
  nginx
CMD ["/bin/bash"]

docker instruction FROM [image] What determines the base Docker image (in the example, ubuntu is the base)

It is good to specify an image with the minimum necessary functions. It is often an image placed on the Docker hub. In many cases, Docker image with the OS as it is, such as ubuntu, is used.

Run [command]

docker INSTRUCTION for executing linux commands

Run the linux commands needed to configure the image. Execute command (create image layer) Basically, create a docker image with RUN's docker instruction.

The basic writing method is the above example, so it is good to remember.

ubuntu manages packages with the command apt-get (or apt). It is common to always get a new list before installing.

apt-get update ・ ・ ・ Get the latest package list apt-get install [package] ・ ・ ・ Install [package]

"-Y" ... Answer "yes" when installing the package. Arrange the required packages in abc order.

"" ... Line breaks are also regarded as one line.

Since RUN creates a docker image layer, if you do multiple RUNs, you will have as many docker image layers as there are, and the docker image will become larger. To avoid that, connect the commands with "&&" and reduce the number of RUN lines as much as possible.

CMD["executable", "param1", "param2"] You can specify the default command for Docker image.

executable ・ ・ ・ Executable command

Most Dockerfiles end with CMD.

It doesn't have to be, but it's better to put it on. After all, when you look at the Dockerfile, you can see that this command works by default.

COPY [src][destination] When building, you can embed the files in the build context into the docker image. → You can pass some files or folders from the host to the container.

src ・ ・ ・ path of host file destination ・ ・ ・ Path of the file that stores the target file in the container

"COPY" and "ADD" are similar, but basically "COPY" is fine.

ADD [src][destination] When building, you can embed the files in the build context into the docker image. → You can pass some files or folders from the host to the container.

When you docker build the compressed tar file, it sends it to docker image and decompresses it.

ENTRYPOINT You can specify the default command when docker run. (Same as CMD)

"ENTRY POINT" cannot be overwritten when docker run. In "CMD", it can be overwritten when docker run.

If "ENTRY POINT" is in the Dockerfile, the way to write CMD changes. The form of CMD specifies the argument of this command specified in "ENTRYPOINT".

Example) ・ CMD without ENTRY POINT CMD ["ls", "--help", "argument", "argument", ...]

・ CMD with ENTRY POINT ENTRYPOINT["ls"] CMD ["--help", "argument", "argument", ...]

ENV [key] [value] Environment variables can be specified in the Dockerfile. It is often used when passing through a path.

Environment variables: Variables used by all processes running on the OS to share information. key and value combination

ENV [key]=[value] Can also be written

WORKDIR [absolute path]

You can change the directory where the docker instruction described in the Dockerfile is executed.

In the Dockerfile, the location where each instruction is executed is directly under the root. In the Dockerfile, even if you move with the cd command with RUN, the next command will be executed with RUN directly under the root. However, that may be inconvenient, so specify the absolute path with "WORKDIR" and execute the subsequent instructions at the specified path.

Details of docker build command

Why do you specify that folder instead of dockerfile when you run docker build?

When executing docker build, pass the specified folder to the docker daemon. docker damon creates a docker image based on the folder and Dockerfile.

So you need a folder as well as a Dockerfile.

The folder to build is called "build context". Using this context, the docker daemon creates a docker image from the docker file.

context ・ ・ ・ Environment and situation

What is docker daemon

-Managing docker objects. (Actually operate the container and docker image) ・ Communicate with other Docker tools such as docker compose.

docker object ・ ・ ・ Container, image, network, etc.

A docker CLI command (such as "docker build" or "docker run") is used to send commands to the docker daemon that manages docker objects.

Do docker build while using cache

If you already have a docker layer, you don't need to build it again. While maintaining the docker file, divide RUN into multiple businesses.

If you add a new package and build it with RUN integrated, a new image layer will be created.

ex)

FROM ubuntu:latest
RUN apt-get update 
RUN apt-get install -y \← Divide RUN
  curl\
  cvs\
  git\← Add
  nginx
CMD ["/bin/bash"]

docker build -f [docker file] [build context] If there is no dockerfile in the build context, or if you have created another dockerfile and separated it from dev and test, use the "-f" option and do docker build to specify a specific dockerfile and docker build. it can.

If you have different dockerfiles in the development environment and the test environment, you may use "-f" to specify the dockerfile and build docker.

The name of the Dockerfile is 開発系ではDockerfile.dev In the test Dockerfiel.test The file name is often in the form of.

Relationship between host and container

File system sharing

The container's file system is independent of the host's file system, but the "-v" option allows the container to access the host's file system. Mount the host file system on the container. By mounting the filesystem, you can behave as if the host filesystem is in the container's filesystem. (Actually, it is not in the container. If you put it in the container, it will be large.)

In the development environment, the code is often placed on the host and the container is used when executing the code.

Basically, when proceeding with development, it is common to put code scripts and data on the host and not in the container.

docker run -v [host/path]:[container/path]

Access to files

Run the container with user ID and group ID

If the container can access the host's file system, access to the file becomes an issue. By adding the "-u" option, you can set up a container by specifying the user ID or group ID. As a result, the privileges of the host user ID and group ID are applied to the container as they are.

docker run -u (id -u):(id -g) (id -u): User ID (id -g): Group ID $: The return value of the command is specified in "-u"

Connect ports

Connect the host port to the container port Port: What the process uses for data communication The IP address and host name are the address of the building, and the port is the image like the room number.

When accessing the host's web server or web service from the outside, you can access the host's web server or web service by specifying the port in addition to the host's name and IP address. If a web server or web service is running on the container, you can access the container port from the outside by connecting (publishing) the host port and the container port.

docker run -p [host_port]:[container_port] docker run -p 8888:8888

Computer resource limit

If there are multiple containers in the host and one container uses all the memory, the entire system may go down. To avoid that, you can specify the upper limit of "cpu" and "memory" for each container.

docker run --cpus [#ofCPUs] --memory [byte]

[#ofCPUs] ・ ・ ・ Set the upper limit CPU that the container can access [byte] ・ ・ ・ Set the upper limit memory that the container can access

View container details

The docker container information is displayed in a list.

docker inspect [container] | grep -i [something]

The content displayed by docker inspect is so large that you cannot access the information you need immediately. Use grep -i [something] to display only the dockr inspect related to the specified character string such as "CPU", "memory", and "environment variable (env)".

-i ・ ・ ・ ignore, ignore case

Finally

This article was created based on Udemy's docker course (https://www.udemy.com/share/103aTRAEMfeVhaTXoB/) by Kame-san (https://twitter.com/usdatascientist?s=21). ..

Kame-san's blog (https://datawokagaku.com/docker_lecture/)

Recommended Posts

Docker basics
docker
Docker monitoring-explaining the basics of basics-
Docker Compose basics and commands
Understand the basics of docker
docker memo
Rails basics
kubernetes + docker
spring × docker
Ruby basics
About Docker
Docker Intellij
JPA Basics 1
ViewPager basics
Java basics
Docker installation
Java basics
RSpec Basics
About Docker
Docker command
Docker memorandum
JavaScript basics
Understand Docker
Docker memorandum
JPA Basics 2
Hash basics
Java basics
Ruby basics
RecyclerView Basics
Rails CSV basics
docker tutorial (memo)
What is Docker?
Docker basic summary
Technical memorandum (Docker)
Docker + Laravel + Codeception
Liberty on Docker
Rails Routing Basics
Docker operation memo
[wip] Docker notes
Rails database basics
Docker command list
Rails Logger Basics
java programming basics
What is Docker
docker volume checked
Docker command memo
docker basic command
Docker basic commands
Basics of Ruby
Java JAR basics
[Memo] docker summary
Object-oriented (Java) basics
Docker study notes
Docker command summary
Quick docker / nginx
vim (gitbush) basics
Small Docker container
Docker in LXD
Rails Docker ~ Part 1 ~
Regular expression basics
Rails Docker ~ Part 2 ~