Lab 2 : Docker Engine

Introduction

Docker is an open platform for developing, shipping, and running applications. Docker is designed to deliver user applications faster. With Docker user can separate applications from one infrastructure and treat as infrastructure like a managed application. Docker helps user to ship code faster, test faster, deploy faster, and shorten the cycle between writing code and running code.

1. Docker Components

Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing user Docker containers. Both the Docker client and the daemon can run on the same system, or user can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate via sockets or through a RESTful API.

Docker Daemon

As shown in the above diagram, Docker daemon is a background server side process that manages images and containers. The user does not directly interact with the daemon, but instead through the Docker client.

Docker Client

The Docker client, in the form of the Docker binary, is the primary user interface to Docker. It accepts commands from the user and communicates back and forth with a Docker daemon.

Docker Images

A Docker image is a read-only template. For example, an image could contain an Ubuntu operating system with Apache and web application installed. Images are used to create Docker containers. Docker provides a simple way to build new images or update existing images, or user can download Docker images that other users have already created. Docker images are the build component of Docker.

Docker Registries

Docker registries hold images. These are public or private stores from which user upload or download images. The public Docker registry is provided with the Docker Hub. It serves a huge collection of existing images for user use. These can be images user creates or can use images that others have previously created. Docker registries are the distribution component of Docker.

Docker Containers

Docker containers are similar to a directory. A Docker container holds everything that is needed for an application to run. Each container is created from a Docker image. Docker containers can be run, started, stopped, moved, and deleted. Each container is an isolated and secure application platform. Docker containers are the run component of Docker.

Docker Hub

Docker Hub is a registry of Docker images. User can think of the registry as a directory of all available Docker images. If required, one can host their own Docker registries and can use them for pulling images.

2. Docker Installation

Docker Engine is a client-server application with these major components:

• A server which is a type of long-running program called a daemon process.
• A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do.
• A command line interface (CLI) client.

The CLI makes use of the Docker REST API to control or interact with the Docker daemon through scripting or direct CLI commands. Many other Docker applications make use of the underlying API and CLI.

2.1 Prerequisites

Docker requires a 64-bit installation regardless of user CentOS version. Also, kernel must be 3.10 at minimum, which CentOS 7 runs.

Basic Configuration

Check the Network settings of AIO node,

Step 1: If you have not already, you will need to SSH to the control node (AIO node) and login as “centos”.

ssh centos@aio110

You should not need a password, but if one is requested, use centos as the password.

Then enter the following command, that allows you to become the root user (in the root home directory, which is important for many commands to operator properly). If a password is requested, use centos as the sudo password.

sudo su -

To check current kernel version, open a terminal and use uname -r to display kernel version:

uname -r

Output:

3.10.0-229.el7.x86_64

Finally, it is recommended that fully update system. Please keep in mind that system should be fully patched to fix any potential kernel bugs. Any reported kernel bugs may have already been fixed on the latest kernel packages.

2.2 Install

There are two ways to install Docker Engine. User can install using the yum package manager or can use curl. This second method runs an installation script which also installs via the yum package manager.

Install with yum

1. Log into machine as a user with sudo or root privileges.
2. Make sure existing yum packages are up-to-date.

yum update -y

3. Add the yum repo.

tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF

4. Install the Docker package.

yum install docker-engine -y

Once Docker is installed, will need to start the Docker daemon.

5. To start the Docker service on boot.

systemctl enable docker

6. Start the Docker daemon.

systemctl start docker

7. Check the Status of the Docker.

systemctl status docker

8. Verify Docker is installed correctly by running a test image in a container.

docker run hello-world

If you can see the below message, then everything is in the right place.



9. The docker ps command only shows running containers by default. To see all containers, use the -a.

docker ps -a

Output:

CONTAINER ID       IMAGE          COMMAND       CREATED              STATUS         PORTS         NAMES
448af945591e      hello-world     "/hello"    About a minute ago   Exited (0) About a minute ago                            

10. To list all the available Docker images on host.

docker images

Output:

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
hello-world         latest              c54a2cc56cbb        8 weeks ago         1.848 kB

11. To search for a Docker image, centos/ubuntu for instance.

docker search centos

12. Download it locally by running the below command (in this case centos image is downloaded and used).

docker pull centos

Output:

Using default tag: latest
latest: Pulling from library/centos
3d8673bd162a: Pull complete
Digest: sha256:a66ffcb73930584413de83311ca11a4cb4938c9b2521d331026dad970c19adf4
Status: Downloaded newer image for centos:latest

13. Check Docker image on host.

docker images

Output:

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              970633036444        4 weeks ago         196.7 MB
hello-world         latest              c54a2cc56cbb        8 weeks ago         1.848 kB

14. Run an interactive session into a container.

docker run -dit centos

Output:

e91a2703fd906a21620efae35a63522f4a8bbaf3be4f43429d53457ffe98773b

Note: dit - daemon interactive terminal (to run in active state).
15. Check all the running containers.

docker ps -a

CONTAINER ID     IMAGE            COMMAND           CREATED           STATUS            PORTS     NAMES
e91a2703fd90     centos           "/bin/bash"       2 minutes ago     Up 2 minutes                evil_panini
448af945591e     hello-world      "/hello"          41 minutes ago    Exited (0) 41 minutes ago   small_golick

Instructions to uninstall Docker

To uninstall the Docker software with yum.

• List the package you have installed.

yum list installed | grep docker

• Remove the package.

yum -y remove docker-engine.x86_64

Note: This command does not remove images, containers, volumes, or user-created configuration files on host.
• To delete all images, containers, and volumes, run the following command.

rm -rf /var/lib/docker

• Locate and delete any user-created configuration files.

groupdel docker

3. Getting started with the Docker

Creates a new container:

Creates a new container.

Syntax

docker create [OPTIONS] IMAGE [COMMAND] [ARG...]

Options:

-t: tty
-i: interactive

docker create --name node1 -t -i centos /bin/bash
docker ps -a

Output:

CONTAINER ID     IMAGE        COMMAND         CREATED              STATUS        PORTS        NAMES
bd219ad5c10e     centos      "/bin/bash"      About a minute ago   Created                    node1

running:

Docker runs processes in isolated containers. A container is a process which runs on a host. The host may be local or remote. When an operator executes docker run, the container process that runs is isolated in that it has its own file system, its own networking, and its own isolated process tree separate from the host.
The basic docker run command takes this form.

Syntax

docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG….]

The docker run command must specify an IMAGE to derive the container from.

docker run --name node2 ubuntu

With the docker run [OPTIONS] an operator can add to or override the image defaults set by a developer. And, additionally, operators can override nearly all the defaults set by the Docker runtime itself. The operator’s ability to override image.

docker run --name node3 -dit ubuntu
docker ps -a

Output:

CONTAINER ID    IMAGE     COMMAND         CREATED            STATUS        PORTS       NAMES
b858001acd74    ubuntu   "/bin/bash"    3 seconds ago       Up 3 seconds               node3

stop:

To stop a running container by sending SIGTERM and then SIGKILL after a grace period.

Syntax

docker stop 

docker stop node3
docker ps -a

start:

To start container,

Syntax

docker start 

docker start node3
docker ps -a

restart:

Restart a running container,

Syntax

docker restart [OPTIONS] CONTAINER [CONTAINER...]

docker restart node3

pause:

Pause all processes within a container.

Syntax

docker pause CONTAINER [CONTAINER...]

docker pause node3
docker ps -a

Output:

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
0bd48f82e0f6        ubuntu              "/bin/bash"         3 minutes ago       Up About a minute (Paused)                       node3

unpause:

Unpause all processes within a container.

Syntax

docker unpause CONTAINER [CONTAINER...]

docker unpause node3

daemonized:

Instead of running docker container with an interactive shell it is also possible to let docker container to run as a daemon which means that the docker container would run in the background completely detached from current shell. The following CentOS docker container will start as a daemonized container using -d option.

docker run --name node4 -d -it centos
docker ps -a

rename:

Rename an existing container to a NEW_NAME.

Syntax

docker rename OLD_NAME NEW_NAME

docker rename node4 newnode4
docker ps -a

Output

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
758db0ab3186        centos              "/bin/bash"         4 seconds ago       Created
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
04da4e192fab        centos              "/bin/bash"         3 minutes ago       Up 2 minutes                                    newnode4

images:

This command lists the images stored in the local Docker repository.

Syntax

docker images [OPTIONS] [REPOSITORY]

docker images
docker images centos

Output:

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              970633036444        4 weeks ago         196.7 MB

search:

Search the Docker Hub for images.

Syntax

docker search [OPTIONS] TERM

docker search fedora
docker search --filter=stars=3 fedora

pull:

To pull an image or a repository from a registry.

Syntax

docker pull [-a|--all-tags][help]NAME[:TAG]|[REGISTRY_HOST[:REGISTRY_PORT]/]NAME[:TAG]
-a, --all-tags=true|false

Download all tagged images in the repository. The default is false.

docker pull fedora
docker images

rmi:

Remove one or more images.

Syntax

docker rmi [OPTIONS] IMAGE [IMAGE...]

docker rmi fedora
docker images

rm:

Remove one or more containers.

Syntax

docker rm [OPTIONS] CONTAINER [CONTAINER...]

docker stop newnode4

docker rm newnode4
docker ps -a

save:

Save one or more images to a tar archive (streamed to STDOUT by default).

Syntax

docker save [OPTIONS] IMAGE [IMAGE...]

Let’s pull an image to backup,

docker pull fedora

docker images 

Let’s save the image,

docker save fedora > fedora-backup.tar

ls -lh

load:

Load an image from a tar archive or STDIN.

Syntax

docker load [OPTIONS]

Before loading remove the existing fedora image.

docker rmi fedora

Let’s load an image from a tar file.

docker load --input fedora-backup.tar

docker images

export:

Export the contents of a filesystem to a tar archive (streamed to STDOUT by default). Export the contents of a container's filesystem using the full or shortened container ID or container name. The output is exported to STDOUT and can be redirected to a tar file.

Syntax

docker export [OPTIONS] CONTAINER

docker export node3 > node3-latest.tar

ls -lh

import:

Create an empty filesystem image and import the contents of the tarball (.tar,.tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then optionally tag it.

Syntax

docker import URL|- [REPOSITORY[:TAG]]

docker images

docker import node3-latest.tar node3-cenos:ver1

docker images

attaching:

The docker attach command allows user to attach to a running container using the container’s ID or name, either to view its ongoing output or to control it interactively.

docker run -dit --name test1 centos

docker attach test1

exit

docker ps -a

docker start test1

docker ps -a

Or we can also use as given below

docker run -d --name test2 centos /usr/bin/top -b

docker attach test2

docker ps -a

docker start test2

docker ps -a

monitoring:

The docker stats command returns a live data stream for running containers. To limit data to one or more specific containers, specify a list of container names or ids separated by a space. User can specify a stopped container but stopped containers do not return any data.

docker stats

docker stats -a

docker stats test1

docker stats test1 test2

info:

Docker-info - Display system-wide information. This command displays system wide information regarding the Docker installation. Information displayed includes the kernel version, number of containers and images. The number of images shown is the number of unique images. The same image tagged under different names is counted only once.

Syntax

docker info

docker -D info

The global -D option tells all docker commands to output debug information.

events:

Get real time events from the server. Get event information from the Docker daemon. Information can include historical information and real-time information.
Docker containers will report the following events: attach, commit, copy, create, destroy, detach, die, exec_create, exec_detach, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause, update.

Syntax

docker events [OPTIONS]

docker events

docker events --since '2016-08-29'

inspect:

Return low-level information on a container or image. This displays all the information available in Docker for a given container or image. By default, this will render all results in a JSON array. If the container and image have the same name, this will return container JSON for unspecified type. If a format is specified, the given template will be executed for each result.

Syntax

docker inspect [OPTIONS] CONTAINER|IMAGE [CONTAINER|IMAGE...]

docker inspect --type=image centos

cp:

Copy files/folders between a container and the local filesystem. The docker cp utility copies the contents of SRC_PATH to the DEST_PATH. You can copy from the container's file system to the local machine or the reverse, from the local filesystem to the container.

Syntax

docker cp [--help] SRC_PATH CONTAINER:DEST_PATH

docker cp fedora-backup.tar node3:tmp

exec:

Run a command in a running container. The command started using docker exec will only run while the container's primary process (PID 1) is running, and will not be restarted if the container is restarted. If the container is paused, then the docker exec command will wait until the container is unpaused, and then run.

Syntax

docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

docker exec -it node3 ls tmp

diff:

Inspect changes on a container's filesystem. Inspect changes on a container's filesystem. You can use the full or shortened container ID or the container name set using docker run --name option.

Syntax

docker diff [--help] CONTAINER

docker diff node3

Output

C /tmp
A /tmp/fedora-backup.tar

C -> Changed
A -> Added

history:

Show the history of when and how an image was created.

Syntax

docker history [OPTIONS] IMAGE

docker history fedora

kill:

Kill a running container using SIGKILL or a specified signal. The main process inside each container specified will be sent SIGKILL, or any signal specified with option --signal.

Syntax

docker kill [OPTIONS] CONTAINER [CONTAINER...]

docker kill node3

Lab Cleanup

To remove all the containers run the below commands,

docker rm `docker ps -a -q` -f

To remove all the images run the below commands,

docker rmi `docker images -q` -f