Docker ~ A Containerization

What is Docker?

Docker is a new open source tool based on Linux container technology (LXC).LXC is an OS level virtualization method for running multiple isolated Linux operating systems or
containers on single host. LXC does this by using kernel level name space, which helps to isolate containers from the host.

Docker is designed to change how you think about workload/application deployments. It helps you to easily create light-weight, self-sufficient, portable application containers that can be shared, modified and easily deployed to different infrastructures such as cloud/compute servers or bare metal servers. Docker mainly provide a comprehensive abstraction layer that allows developers to ‘containerize’ or ‘package’ any application and have it run on any infrastructure.Docker is based on container visualization and it is not new. There is no better tool than Docker to help manage kernel level technologies such as LXC, cgroups and a copy-on-write file system. It helps us manage the complicated kernel layer technologies through tools and APIs.

Is Docker secure?

Definitely. The user name space separates the users of the containers and the host, ensuring that the container root user does not have the root privilege to log in to the host OS. Likewise, there are the process name space and the network name space, which ensure that the display and management of the processes run in the container but not on the host and the network container, which has its own network device and IP addresses.

How is containerization different from Virtualization?

Containers virtual at the OS level, whereas both Type-I and Type-2 hypervisor-based solutions virtualize at the hardware level. Both virtualization and containerization are a kind of virtualization; in the case of VMs, a hypervisor (both for Type-I and Type-II) slices the hardware, but containers make available protected portions of the OS. They effectively virtualize the OS. If you run multiple containers on the same host, no container will come to know that it is sharing the same resources because each container has its own abstraction takes the help of name spaces to provide the isolated regions known as containers. Each container runs in its own allocated name space and does not have access outside of it. Technologies such as cgroups, union file systems and container formats are also used for different purposes throughout the containerization to existing files).

How to start with Docker?

1. Checking the system information:

[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)
[root@localhost ~]#

2.On CentOS 7, installing Docker is straightforward:
[root@localhost ~]# yum -y install docker docker-registry
Loaded plugins: fastestmirror, langpacks
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
Loading mirror speeds from cached hostfile
* base: centos-distro.cavecreek.net
* extras: centos.host-engine.com
* updates: centos.expedientevirtual.com
Resolving Dependencies
–> Running transaction check
—> Package docker.x86_64 0:1.3.2-4.el7.centos will be installed
–> Processing Dependency: systemd-units >= 208-11.el7_0.5 for package: docker-1.3.2-4.el7.centos.x86_64
—> Package docker-registry.noarch 0:0.6.8-8.el7 will be installed
–> Processing Dependency: python-requests for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: python-jinja2 for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: python-gunicorn for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: python-gevent for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: python-flask for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: python-blinker for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: python-backports-lzma for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: m2crypto for package: docker-registry-0.6.8-8.el7.noarch
–> Processing Dependency: PyYAML for package: docker-registry-0.6.8-8.el7.noarch
–> Running transaction check
—> Package PyYAML.x86_64 0:3.10-11.el7 will be installed
–> Processing Dependency: libyaml-0.so.2()(64bit) for package: PyYAML-3.10-11.el7.x86_64
—> Package m2crypto.x86_64 0:0.21.1-15.el7 will be installed
—> Package python-backports-lzma.x86_64 0:0.0.2-8.el7 will be installed
—> Package python-blinker.noarch 0:1.3-2.el7 will be installed
—> Package python-flask.noarch 1:0.10.1-4.el7 will be installed
–> Processing Dependency: python-werkzeug for package: 1:python-flask-0.10.1-4.el7.noarch
–> Processing Dependency: python-itsdangerous for package: 1:python-flask-0.10.1-4.el7.noarch
—> Package python-gevent.x86_64 0:1.0-2.el7 will be installed
–> Processing Dependency: python-greenlet for package: python-gevent-1.0-2.el7.x86_64
–> Processing Dependency: libev.so.4()(64bit) for package: python-gevent-1.0-2.el7.x86_64
—> Package python-gunicorn.noarch 0:18.0-2.el7 will be installed
—> Package python-jinja2.noarch 0:2.7.2-2.el7 will be installed
–> Processing Dependency: python-babel >= 0.8 for package: python-jinja2-2.7.2-2.el7.noarch
–> Processing Dependency: python-markupsafe for package: python-jinja2-2.7.2-2.el7.noarch
—> Package python-requests.noarch 0:1.1.0-8.el7 will be installed
–> Processing Dependency: python-urllib3 for package: python-requests-1.1.0-8.el7.noarch
—> Package systemd.x86_64 0:208-11.el7 will be updated
–> Processing Dependency: systemd = 208-11.el7 for package: systemd-sysv-208-11.el7.x86_64
–> Processing Dependency: systemd = 208-11.el7 for package: systemd-python-208-11.el7.x86_64
–> Processing Dependency: systemd = 208-11.el7 for package: libgudev1-208-11.el7.x86_64
—> Package systemd.x86_64 0:208-11.el7_0.6 will be an update
–> Processing Dependency: systemd-libs = 208-11.el7_0.6 for package: systemd-208-11.el7_0.6.x86_64
–> Running transaction check
—> Package libev.x86_64 0:4.15-4.el7 will be installed
—> Package libgudev1.x86_64 0:208-11.el7 will be updated
—> Package libgudev1.x86_64 0:208-11.el7_0.6 will be an update
—> Package libyaml.x86_64 0:0.1.4-11.el7_0 will be installed
—> Package python-babel.noarch 0:0.9.6-8.el7 will be installed
—> Package python-greenlet.x86_64 0:0.4.2-3.el7 will be installed
—> Package python-itsdangerous.noarch 0:0.23-2.el7 will be installed
—> Package python-markupsafe.x86_64 0:0.11-10.el7 will be installed
—> Package python-urllib3.noarch 0:1.5-8.el7 will be installed
–> Processing Dependency: python-six for package: python-urllib3-1.5-8.el7.noarch
—> Package python-werkzeug.noarch 0:0.9.1-2.el7 will be installed
—> Package systemd-libs.x86_64 0:208-11.el7 will be updated
—> Package systemd-libs.x86_64 0:208-11.el7_0.6 will be an update
—> Package systemd-python.x86_64 0:208-11.el7 will be updated
—> Package systemd-python.x86_64 0:208-11.el7_0.6 will be an update
—> Package systemd-sysv.x86_64 0:208-11.el7 will be updated
—> Package systemd-sysv.x86_64 0:208-11.el7_0.6 will be an update
–> Running transaction check
—> Package python-six.noarch 0:1.3.0-4.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
docker x86_64 1.3.2-4.el7.centos extras 5.6 M
docker-registry noarch 0.6.8-8.el7 extras 124 k
Installing for dependencies:
PyYAML x86_64 3.10-11.el7 base 153 k
libev x86_64 4.15-4.el7 extras 44 k
libyaml x86_64 0.1.4-11.el7_0 updates 55 k
m2crypto x86_64 0.21.1-15.el7 base 428 k
python-babel noarch 0.9.6-8.el7 base 1.4 M
python-backports-lzma x86_64 0.0.2-8.el7 extras 25 k
python-blinker noarch 1.3-2.el7 extras 93 k
python-flask noarch 1:0.10.1-4.el7 extras 204 k
python-gevent x86_64 1.0-2.el7 extras 273 k
python-greenlet x86_64 0.4.2-3.el7 extras 26 k
python-gunicorn noarch 18.0-2.el7 extras 171 k
python-itsdangerous noarch 0.23-2.el7 extras 24 k
python-jinja2 noarch 2.7.2-2.el7 base 515 k
python-markupsafe x86_64 0.11-10.el7 base 25 k
python-requests noarch 1.1.0-8.el7 base 70 k
python-six noarch 1.3.0-4.el7 base 18 k
python-urllib3 noarch 1.5-8.el7 base 41 k
python-werkzeug noarch 0.9.1-2.el7 extras 562 k
Updating for dependencies:
libgudev1 x86_64 208-11.el7_0.6 updates 48 k
systemd x86_64 208-11.el7_0.6 updates 2.6 M
systemd-libs x86_64 208-11.el7_0.6 updates 154 k
systemd-python x86_64 208-11.el7_0.6 updates 83 k
systemd-sysv x86_64 208-11.el7_0.6 updates 36 k

Transaction Summary
================================================================================
Install 2 Packages (+18 Dependent packages)
Upgrade ( 5 Dependent packages)

Total size: 13 M
Total download size: 9.8 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/PyYAML-3.10-11.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for PyYAML-3.10-11.el7.x86_64.rpm is not installed
(1/20): PyYAML-3.10-11.el7.x86_64.rpm | 153 kB 00:01
Public key for libyaml-0.1.4-11.el7_0.x86_64.rpm is not installed
(2/20): libyaml-0.1.4-11.el7_0.x86_64.rpm | 55 kB 00:01
Public key for docker-registry-0.6.8-8.el7.noarch.rpm is not installed00:06 ETA
(3/20): docker-registry-0.6.8-8.el7.noarch.rpm | 124 kB 00:01
(4/20): libev-4.15-4.el7.x86_64.rpm | 44 kB 00:01
(5/20): m2crypto-0.21.1-15.el7.x86_64.rpm | 428 kB 00:00
(6/20): python-backports-lzma-0.0.2-8.el7.x86_64.rpm | 25 kB 00:00
(7/20): python-babel-0.9.6-8.el7.noarch.rpm | 1.4 MB 00:01
(8/20): docker-1.3.2-4.el7.centos.x86_64.rpm | 5.6 MB 00:03
(9/20): python-blinker-1.3-2.el7.noarch.rpm | 93 kB 00:01
(10/20): python-flask-0.10.1-4.el7.noarch.rpm | 204 kB 00:01
(11/20): python-gunicorn-18.0-2.el7.noarch.rpm | 171 kB 00:00
(12/20): python-itsdangerous-0.23-2.el7.noarch.rpm | 24 kB 00:00
(13/20): python-gevent-1.0-2.el7.x86_64.rpm | 273 kB 00:01
(14/20): python-jinja2-2.7.2-2.el7.noarch.rpm | 515 kB 00:00
(15/20): python-markupsafe-0.11-10.el7.x86_64.rpm | 25 kB 00:00
(16/20): python-greenlet-0.4.2-3.el7.x86_64.rpm | 26 kB 00:01
(17/20): python-urllib3-1.5-8.el7.noarch.rpm | 41 kB 00:00
(18/20): python-requests-1.1.0-8.el7.noarch.rpm | 70 kB 00:00
(19/20): python-six-1.3.0-4.el7.noarch.rpm | 18 kB 00:00
(20/20): python-werkzeug-0.9.1-2.el7.noarch.rpm | 562 kB 00:00
——————————————————————————–
Total 1.6 MB/s | 9.8 MB 00:06
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : “CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>”
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-0.1406.el7.centos.2.3.x86_64 (@anaconda)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : systemd-libs-208-11.el7_0.6.x86_64 1/30
Updating : systemd-208-11.el7_0.6.x86_64 2/30
Installing : libev-4.15-4.el7.x86_64 3/30
Installing : m2crypto-0.21.1-15.el7.x86_64 4/30
Installing : python-werkzeug-0.9.1-2.el7.noarch 5/30
Installing : python-backports-lzma-0.0.2-8.el7.x86_64 6/30
Installing : python-babel-0.9.6-8.el7.noarch 7/30
Installing : libyaml-0.1.4-11.el7_0.x86_64 8/30
Installing : PyYAML-3.10-11.el7.x86_64 9/30
Installing : python-markupsafe-0.11-10.el7.x86_64 10/30
Installing : python-jinja2-2.7.2-2.el7.noarch 11/30
Installing : python-blinker-1.3-2.el7.noarch 12/30
Installing : python-six-1.3.0-4.el7.noarch 13/30
Installing : python-urllib3-1.5-8.el7.noarch 14/30
Installing : python-requests-1.1.0-8.el7.noarch 15/30
Installing : python-itsdangerous-0.23-2.el7.noarch 16/30
Installing : 1:python-flask-0.10.1-4.el7.noarch 17/30
Installing : python-gunicorn-18.0-2.el7.noarch 18/30
Installing : python-greenlet-0.4.2-3.el7.x86_64 19/30
Installing : python-gevent-1.0-2.el7.x86_64 20/30
Installing : docker-registry-0.6.8-8.el7.noarch 21/30
Updating : systemd-sysv-208-11.el7_0.6.x86_64 22/30
Updating : systemd-python-208-11.el7_0.6.x86_64 23/30
Installing : docker-1.3.2-4.el7.centos.x86_64 24/30
Updating : libgudev1-208-11.el7_0.6.x86_64 25/30
Cleanup : systemd-sysv-208-11.el7.x86_64 26/30
Cleanup : libgudev1-208-11.el7.x86_64 27/30
Cleanup : systemd-python-208-11.el7.x86_64 28/30
Cleanup : systemd-208-11.el7.x86_64 29/30
Cleanup : systemd-libs-208-11.el7.x86_64 30/30
Verifying : python-jinja2-2.7.2-2.el7.noarch 1/30
Verifying : 1:python-flask-0.10.1-4.el7.noarch 2/30
Verifying : systemd-libs-208-11.el7_0.6.x86_64 3/30
Verifying : systemd-sysv-208-11.el7_0.6.x86_64 4/30
Verifying : docker-registry-0.6.8-8.el7.noarch 5/30
Verifying : python-greenlet-0.4.2-3.el7.x86_64 6/30
Verifying : python-gunicorn-18.0-2.el7.noarch 7/30
Verifying : systemd-python-208-11.el7_0.6.x86_64 8/30
Verifying : python-itsdangerous-0.23-2.el7.noarch 9/30
Verifying : python-requests-1.1.0-8.el7.noarch 10/30
Verifying : python-six-1.3.0-4.el7.noarch 11/30
Verifying : python-blinker-1.3-2.el7.noarch 12/30
Verifying : python-markupsafe-0.11-10.el7.x86_64 13/30
Verifying : libyaml-0.1.4-11.el7_0.x86_64 14/30
Verifying : python-babel-0.9.6-8.el7.noarch 15/30
Verifying : docker-1.3.2-4.el7.centos.x86_64 16/30
Verifying : python-backports-lzma-0.0.2-8.el7.x86_64 17/30
Verifying : python-werkzeug-0.9.1-2.el7.noarch 18/30
Verifying : python-gevent-1.0-2.el7.x86_64 19/30
Verifying : m2crypto-0.21.1-15.el7.x86_64 20/30
Verifying : libgudev1-208-11.el7_0.6.x86_64 21/30
Verifying : libev-4.15-4.el7.x86_64 22/30
Verifying : python-urllib3-1.5-8.el7.noarch 23/30
Verifying : PyYAML-3.10-11.el7.x86_64 24/30
Verifying : systemd-208-11.el7_0.6.x86_64 25/30
Verifying : systemd-sysv-208-11.el7.x86_64 26/30
Verifying : systemd-python-208-11.el7.x86_64 27/30
Verifying : systemd-libs-208-11.el7.x86_64 28/30
Verifying : systemd-208-11.el7.x86_64 29/30
Verifying : libgudev1-208-11.el7.x86_64 30/30

Installed:
docker.x86_64 0:1.3.2-4.el7.centos docker-registry.noarch 0:0.6.8-8.el7

Dependency Installed:
PyYAML.x86_64 0:3.10-11.el7
libev.x86_64 0:4.15-4.el7
libyaml.x86_64 0:0.1.4-11.el7_0
m2crypto.x86_64 0:0.21.1-15.el7
python-babel.noarch 0:0.9.6-8.el7
python-backports-lzma.x86_64 0:0.0.2-8.el7
python-blinker.noarch 0:1.3-2.el7
python-flask.noarch 1:0.10.1-4.el7
python-gevent.x86_64 0:1.0-2.el7
python-greenlet.x86_64 0:0.4.2-3.el7
python-gunicorn.noarch 0:18.0-2.el7
python-itsdangerous.noarch 0:0.23-2.el7
python-jinja2.noarch 0:2.7.2-2.el7
python-markupsafe.x86_64 0:0.11-10.el7
python-requests.noarch 0:1.1.0-8.el7
python-six.noarch 0:1.3.0-4.el7
python-urllib3.noarch 0:1.5-8.el7
python-werkzeug.noarch 0:0.9.1-2.el7

Dependency Updated:
libgudev1.x86_64 0:208-11.el7_0.6 systemd.x86_64 0:208-11.el7_0.6
systemd-libs.x86_64 0:208-11.el7_0.6 systemd-python.x86_64 0:208-11.el7_0.6
systemd-sysv.x86_64 0:208-11.el7_0.6

Complete!
[root@localhost ~]#
3. Starting Docker at boot time:

[root@localhost ~]# systemctl enable docker.service
ln -s ‘/usr/lib/systemd/system/docker.service’ ‘/etc/systemd/system/multi-user.target.wants/docker.service’
[root@localhost ~]#
4. Starting the docker service:

[root@localhost ~]# systemctl start docker.service
[root@localhost ~]#
5.Verify the docker status:

[root@localhost ~]# systemctl status docker.service
docker.service – Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled)
Active: active (running) since Thu 2015-03-05 06:03:19 EST; 32s ago
Docs: http://docs.docker.com
Main PID: 19739 (docker)
CGroup: /system.slice/docker.service
+-19739 /usr/bin/docker -d –selinux-enabled -H fd://

Mar 05 06:03:15 localhost.localdomain docker[19739]: 2015/03/05 06:03:15 dock…
Mar 05 06:03:15 localhost.localdomain docker[19739]: [13982058] +job serveapi…
Mar 05 06:03:15 localhost.localdomain docker[19739]: [info] Listening for HTT…
Mar 05 06:03:19 localhost.localdomain docker[19739]: [13982058] +job init_net…
Mar 05 06:03:19 localhost.localdomain docker[19739]: [13982058] -job init_net…
Mar 05 06:03:19 localhost.localdomain docker[19739]: [info] Loading containers:
Mar 05 06:03:19 localhost.localdomain docker[19739]: [info] : done.
Mar 05 06:03:19 localhost.localdomain docker[19739]: [13982058] +job acceptco…
Mar 05 06:03:19 localhost.localdomain docker[19739]: [13982058] -job acceptco…
Mar 05 06:03:19 localhost.localdomain systemd[1]: Started Docker Application …
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]#

6.Let’s download a docker container:

[root@localhost ~]# docker pull centos
Pulling repository centos

……
[root@localhost ~]#docker pull ubuntu
Pulling repository ubuntu
2d24f826cb16: Download complete
511136ea3c5a: Download complete
fa4fd76b09ce: Download complete
1c8294cc5160: Download complete
117ee323aaa9: Download complete
Status: Downloaded newer image for ubuntu:latest

7. Check the docker images:

docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos 7 88f9454e60dd 39 hours ago 223.9 MB
centos centos7 88f9454e60dd 39 hours ago 223.9 MB
centos latest 88f9454e60dd 39 hours ago 223.9 MB
ubuntu 14.04 2d24f826cb16 13 days ago 192.7 MB
ubuntu latest 2d24f826cb16 13 days ago 192.7 MB
ubuntu trusty 2d24f826cb16 13 days ago 192.7 MB
ubuntu trusty-20150218.1 2d24f826cb16 13 days ago 192.7 MB
ubuntu 14.04.2 2d24f826cb16 13 days ago 192.7 MB

#docker run -i -t centos /bin/bash
[root@f93b7ef64ba4 /]# cat /etc/issue
\S
Kernel \r on an \m

[root@f93b7ef64ba4 /]# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)

You are now using a bash shell inside of a centos docker container.

Lets login to Ubuntu machine:

[root@localhost ~]# docker run -i -t ubuntu /bin/bash

root@6566e477a430:/# lsb_release -d
Description: Ubuntu 14.04.2 LTS

Let’s install git in the Ubuntu container as shown below:

#apt-get install git

The container now has the git installed  stack. Type ‘exit’ to quit from the bash shell.

Next, we are going to create this as a golden image, so that the next time we need another GIT container, we don’t need to install it again.
Run the following command and please note the
‘CONTAINER ID’ of the image. In my case, the ID was
‘3de5614dd69c’:
[root@localhost ~] # docker ps -a

The ID shown in the listing is used to identify the container you are using, and you can use this ID to tell Docker to create an image.
Run the command below to make an image of the previously created LAMP container. The syntax is docker commit <CONTAINER ID> <name>.

I have used the previous container ID, which we got in the earlier step:

[root@localhost ~] # docker commit 3de5614dd69c lamp-image

That’s it. You can verify if the container holds git software already installed.

How to delete all docker containers?

$docker rm $(docker ps -aq)

Do you know?
=====================

There is a difference in docker ps -all and docker ps – -all. Try it out?

-l, –latest=false Show only the latest created container, include non-running ones.

[root@localhost dell]# docker ps –all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e98d2cef809e ubuntu:14.04 “/bin/bash” 8 days ago Exited (0) 8 days ago MyUbuntu1
f3804f721c1e ubuntu:14.04 “/bin/bash” 8 days ago Exited (0) 46 hours ago MyUbuntu
920e86fe624b ubuntu:14.04 “ps” 8 days ago Exited (0) 8 days ago cranky_feynman
1fa28a405c03 centos:7 “/bin/bash” 3 weeks ago Exited (0) 10 days ago dreamy_wilson
6566e477a430 ubuntu:14.04 “/bin/bash” 3 weeks ago Exited (127) 3 weeks ago insane_torvalds
f93b7ef64ba4 centos:7 “/bin/bash” 3 weeks ago Exited (0) 10 days ago elegant_fermi
c44787c9f28a centos:7 “/bin/bash” 3 weeks ago Exited (127) 3 weeks ago cocky_pare
[root@localhost dell]# docker ps -all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e98d2cef809e ubuntu:14.04 “/bin/bash” 8 days ago Exited (0) 8 days ago MyUbuntu1
[root@localhost dell]#

5 thoughts on “Docker ~ A Containerization

  1. In the competitive world of personal training, setting
    yourself apart from the competition means offering added value to the
    client.

  2. whoah this blog is magnificent i love reading your articles. Stay up the good work! You know, many people are searching around for this information, you could help them greatly.

  3. Say, you got a nice blog post.Really thank you! Really Great.

  4. Nice blog right here! Additionally your web site so much up fast! What host are you using? Can I get your affiliate hyperlink for your host? I want my site loaded up as fast as yours lol

  5. This is really interesting, You are a very skilled blogger. I’ve joined your feed and look forward to seeking more of your great post. Also, I’ve shared your web site in my social networks!

Leave a Reply

Your email address will not be published. Required fields are marked *