Join our Discord Server
Ajeet Raina Ajeet Singh Raina is a former Docker Captain, Community Leader and Arm Ambassador. He is a founder of Collabnix blogging site and has authored more than 570+ blogs on Docker, Kubernetes and Cloud-Native Technology. He runs a community Slack of 8900+ members and discord server close to 2200+ members. You can follow him on Twitter(@ajeetsraina).

Introduction to Docker Containers

4 min read

Docker is a new open source tool based on Linux container technology (LXC). LXC is an OS level virtualization method for running multiple isolated Linux operating systems or containers on single host. LXC does this by using kernel level name space, which helps to isolate containers from the host.

Docker is designed to change how you think about workload/application deployments. It helps you to easily create light-weight, self-sufficient, portable application containers that can be shared, modified and easily deployed to different infrastructures such as cloud/compute servers or bare metal servers. Docker mainly provide a comprehensive abstraction layer that allows developers to ‘containerize’ or ‘package’ any application and have it run on any infrastructure. Docker is based on container visualization and it is not new. There is no better tool than Docker to help manage kernel level technologies such as LXC, cgroups and a copy-on-write file system. It helps us manage the complicated kernel layer technologies through tools and APIs.

Is Docker secure?

Of course! The user name space separates the users of the containers and the host, ensuring that the container root user does not have the root privilege to log in to the host OS. Likewise, there are the process name space and the network name space, which ensure that the display and management of the processes run in the container but not on the host and the network container, which has its own network device and IP addresses.

How is containerization different from Virtualization?

Containers virtualize at the OS level, whereas both Type-I and Type-2 hypervisor-based solutions virtualize at the hardware level. Both virtualization and containerization are a kind of virtualization; in the case of VMs, a hypervisor (both for Type-I and Type-II) slices the hardware, but containers make available protected portions of the OS. They effectively virtualize the OS. If you run multiple containers on the same host, no container will come to know that it is sharing the same resources because each container has its own abstraction takes the help of name spaces to provide the isolated regions known as containers. Each container runs in its own allocated name space and does not have access outside of it. Technologies such as cgroups, union file systems and container formats are also used for different purposes throughout the containerization to existing files).

How to start with Docker?

1. Checking the system information:

[simterm]
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)
[root@localhost ~]#
[/simterm]

2.On CentOS 7, installing Docker is straightforward:

[simterm]
[root@localhost ~]# yum -y install docker docker-registry
[/simterm]

3. Starting Docker at boot time:

[simterm]
[root@localhost ~]# systemctl enable docker.service
ln -s ‘/usr/lib/systemd/system/docker.service’ ‘/etc/systemd/system/multi-user.target.wants/docker.service’
[root@localhost ~]#
[/simterm]

4. Starting the docker service:

[simterm]
[root@localhost ~]# systemctl start docker.service
[root@localhost ~]#
[/simterm]

5.Verify the docker status:

[simterm]
[root@localhost ~]# systemctl status docker.service
docker.service – Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled)
Active: active (running) since Thu 2015-03-05 06:03:19 EST; 32s ago
Docs: http://docs.docker.com
Main PID: 19739 (docker)
CGroup: /system.slice/docker.service
+-19739 /usr/bin/docker -d –selinux-enabled -H fd://
[/simterm]

6.Let’s pull multiple docker Image from Dockerhub:

[simterm]

[root@localhost ~]# docker pull centos
Pulling repository centos
[/simterm]
……
[simterm]
[root@localhost ~]#docker pull ubuntu
Pulling repository ubuntu
2d24f826cb16: Download complete
511136ea3c5a: Download complete
fa4fd76b09ce: Download complete
1c8294cc5160: Download complete
117ee323aaa9: Download complete
Status: Downloaded newer image for ubuntu:latest
[/simterm]

7. Verify if docker images are pulled perfectly:

[simterm]
docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos 7 88f9454e60dd 39 hours ago 223.9 MB
centos centos7 88f9454e60dd 39 hours ago 223.9 MB
centos latest 88f9454e60dd 39 hours ago 223.9 MB
ubuntu 14.04 2d24f826cb16 13 days ago 192.7 MB
ubuntu latest 2d24f826cb16 13 days ago 192.7 MB
ubuntu trusty 2d24f826cb16 13 days ago 192.7 MB
ubuntu trusty-20150218.1 2d24f826cb16 13 days ago 192.7 MB
ubuntu 14.04.2 2d24f826cb16 13 days ago 192.7 MB
[/simterm]

Running a CentOS Docker Container

[simterm]
#docker run -i -t centos /bin/bash
[root@f93b7ef64ba4 /]# cat /etc/issue
\S
Kernel \r on an \m

[/simterm]

[simterm]
[root@f93b7ef64ba4 /]# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)
[/simterm]

You are now using a bash shell inside of a centos docker container.

Lets login to Ubuntu machine:

[simterm]
[root@localhost ~]# docker run -i -t ubuntu /bin/bash

root@6566e477a430:/# lsb_release -d
Description: Ubuntu 14.04.2 LTS
[/simterm]

Let’s install git in the Ubuntu container as shown below:

[simterm]
#apt-get install git
[/simterm]

The container now has the git installed  stack. Type ‘exit’ to quit from the bash shell.

Next, we are going to create this as a golden image, so that the next time we need another GIT container, we don’t need to install it again.
Run the following command and please note the
‘CONTAINER ID’ of the image. In my case, the ID was
‘3de5614dd69c’:

[simterm]
[root@localhost ~] # docker ps -a
[/simterm]

The ID shown in the listing is used to identify the container you are using, and you can use this ID to tell Docker to create an image.

Run the command below to make an image of the previously created LAMP container. The syntax is docker commit <CONTAINER ID> <name>.

I have used the previous container ID, which we got in the earlier step:

[simterm]
[root@localhost ~] # docker commit 3de5614dd69c ajeetraina/lamp-image
[/simterm]

That’s it. You can verify if the container holds git software already installed.

How to delete all docker containers?

[simterm]
$docker rm $(docker ps -aq)
[/simterm]

Tips:

There is a difference in docker ps -all and docker ps – -all. Try it out?

-l, –latest=false Show only the latest created container, include non-running ones.

[simterm]
[root@localhost dell]# docker ps –all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e98d2cef809e ubuntu:14.04 “/bin/bash” 8 days ago Exited (0) 8 days ago MyUbuntu1
f3804f721c1e ubuntu:14.04 “/bin/bash” 8 days ago Exited (0) 46 hours ago MyUbuntu
920e86fe624b ubuntu:14.04 “ps” 8 days ago Exited (0) 8 days ago cranky_feynman
1fa28a405c03 centos:7 “/bin/bash” 3 weeks ago Exited (0) 10 days ago dreamy_wilson
6566e477a430 ubuntu:14.04 “/bin/bash” 3 weeks ago Exited (127) 3 weeks ago insane_torvalds
f93b7ef64ba4 centos:7 “/bin/bash” 3 weeks ago Exited (0) 10 days ago elegant_fermi
c44787c9f28a centos:7 “/bin/bash” 3 weeks ago Exited (127) 3 weeks ago cocky_pare
[root@localhost dell]# docker ps -all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e98d2cef809e ubuntu:14.04 “/bin/bash” 8 days ago Exited (0) 8 days ago MyUbuntu1
[root@localhost dell]#

[/simterm]

I hope it has been fun test driving Docker for the first time. In the future post, I am planning to cover other aspects of Docker platform.

Have Queries? Join https://launchpass.com/collabnix

Ajeet Raina Ajeet Singh Raina is a former Docker Captain, Community Leader and Arm Ambassador. He is a founder of Collabnix blogging site and has authored more than 570+ blogs on Docker, Kubernetes and Cloud-Native Technology. He runs a community Slack of 8900+ members and discord server close to 2200+ members. You can follow him on Twitter(@ajeetsraina).
Join our Discord Server