Docker is a new open source tool based on Linux container technology (LXC). LXC is an OS-level virtualization method for running multiple isolated Linux operating systems, or containers, on a single host. LXC does this by using kernel-level namespaces, which help to isolate containers from the host.
Docker is designed to change how you think about workload/application deployments. It helps you to easily create light-weight, self-sufficient, portable application containers that can be shared, modified and easily deployed to different infrastructures such as cloud/compute servers or bare metal servers. Docker mainly provides a comprehensive abstraction layer that allows developers to ‘containerize’ or ‘package’ any application and have it run on any infrastructure. Docker is based on container virtualization, which is not new. There is no better tool than Docker to help manage kernel-level technologies such as LXC, cgroups and a copy-on-write file system. It helps us manage the complicated kernel layer technologies through tools and APIs.
Is Docker secure?
Of course! The user namespace separates the users of the containers and the host, ensuring that the container root user does not have the root privilege to log in to the host OS. Likewise, there are the process namespace, which ensures that processes are displayed and managed in the container but not on the host, and the network namespace, which gives the container its own network device and IP addresses.
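The user namespace separation described above can be checked from inside a container by reading /proc/self/uid_map, which lists how UIDs inside the namespace map to UIDs in the parent namespace. The script below is an added example, not part of the original post; the function names are hypothetical and the sample map contents are constructed.

```shell
#!/bin/sh
# Added example: report which parent-namespace (host) UID an in-container UID maps to.
# Each uid_map line has three fields:
#   <first UID inside the namespace> <first UID outside> <length of the range>

# host_uid_for UID MAPFILE -> prints the mapped outside UID, or "unmapped".
host_uid_for() {
    awk -v uid="$1" '
        NF == 3 && uid >= $1 && uid < $1 + $3 {
            print $2 + (uid - $1); found = 1; exit
        }
        END { if (!found) print "unmapped" }
    ' "$2"
}

# classify_root MAPFILE -> "host-root" when container UID 0 is also UID 0 outside,
# "remapped:<uid>" when it maps to some other UID, "unmapped" when it has no mapping.
classify_root() {
    host_uid=$(host_uid_for 0 "$1")
    case "$host_uid" in
        0)        echo "host-root" ;;
        unmapped) echo "unmapped" ;;
        *)        echo "remapped:$host_uid" ;;
    esac
}

# Constructed sample maps (not captured from a real host).
SAMPLE_DIR=$(mktemp -d)
printf '0 0 4294967295\n' > "$SAMPLE_DIR/no_remap"   # identity map: root inside is root outside
printf '0 100000 65536\n' > "$SAMPLE_DIR/remapped"   # root inside is UID 100000 outside

for f in no_remap remapped; do
    echo "$f: $(classify_root "$SAMPLE_DIR/$f")"
done
```

Inside a running container, call classify_root /proc/self/uid_map; a result of host-root means the container's root user is the same UID 0 as the host's, so the isolation then rests on the other namespaces and kernel controls rather than on UID separation.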
How is containerization different from Virtualization?
Containers virtualize at the OS level, whereas both Type-I and Type-II hypervisor-based solutions virtualize at the hardware level. Both approaches are a kind of virtualization; in the case of VMs, a hypervisor (both for Type-I and Type-II) slices the hardware, but containers make available protected portions of the OS. They effectively virtualize the OS. If you run multiple containers on the same host, no container will come to know that it is sharing the same resources, because each container has its own abstraction, which uses namespaces to provide the isolated regions known as containers. Each container runs in its own allocated namespace and does not have access outside of it. Technologies such as cgroups, union file systems and container formats are also used for different purposes throughout the containerization to existing files).
How to start with Docker?
1. Checking the system information:
2. On CentOS 7, installing Docker is straightforward:
3. Starting Docker at boot time:
4. Starting the docker service:
5. Verify the Docker status:
6. Let’s pull multiple Docker images from Docker Hub:
7. Verify that the Docker images were pulled successfully:
Running a CentOS Docker Container
You are now using a bash shell inside of a CentOS Docker container.
Let’s log in to the Ubuntu machine:
Let’s install git in the Ubuntu container as shown below:
The container now has git installed. Type ‘exit’ to quit from the bash shell.
Next, we are going to create this as a golden image, so that the next time we need another git container, we don’t need to install it again.
Run the following command and please note the ‘CONTAINER ID’ of the image. In my case, the ID was
The ID shown in the listing is used to identify the container you are using, and you can use this ID to tell Docker to create an image.
Run the command below to make an image of the previously created LAMP container. The syntax is docker commit <CONTAINER ID> <name>.
I have used the previous container ID, which we got in the earlier step:
That’s it. You can verify that the container already has git installed.
How to delete all Docker containers?
There is a difference between docker ps -all and docker ps --all. Try it out.
-l, --latest=false Show only the latest created container, include non-running ones.
I hope it has been fun test driving Docker for the first time. In a future post, I am planning to cover other aspects of the Docker platform.