theresa-de-ocampo/docker-deep-dive

Docker Notes

Learning path from Docker Deep Dive by Nigel Poulton (2023 Edition)

Chapter 1 - Containers from 30,000 feet

Kubernetes

(pg. 19)

Kubernetes is an open-source project out of Google that has quickly emerged as the de facto orchestrator of containerized apps.

Kubernetes used to use Docker as its default container runtime - the low-level technology that pulls images and starts and stops containers. However, modern Kubernetes clusters have a pluggable container runtime interface (CRI) that makes it easy to swap out different container runtimes.

Most new Kubernetes clusters use containerd, which is the small specialized part of Docker that does the low-level tasks of starting and stopping containers.

Chapter 2 - Docker

Parts of Docker

  1. Runtime
  2. Daemon (a.k.a. engine)
  3. Orchestrator
  • The low-level runtime is called runc and is the reference implementation of Open Containers Initiative (OCI) runtime-spec. Its job is to interface with the underlying OS and start and stop containers. Every container on a Docker node was created and started by an instance of runc.

  • The high-level runtime is called containerd. This manages the entire container lifecycle including pulling images and managing runc instances.

  • The Docker daemon (dockerd) sits above containerd and performs higher-level tasks such as exposing the Docker API, managing images, managing volumes, managing networks, and more.

Docker Architecture

Chapter 4 - The Big Picture

Command                                                    Other Options        Page
docker pull ubuntu:latest                                  -                    38
docker run -it ubuntu:latest /bin/bash                     --dns, --dns-search  38
ps -elf                                                    -                    39
docker ps                                                  -a                   39
docker images                                              -                    43
docker exec -it container_name bash                        -                    40
docker stop container_name                                 -                    40
docker rm container_name                                   -                    40
ls -l                                                      -                    42
cat Dockerfile                                             -                    42
docker build -t test:latest .                              -                    43
docker run -d --name web1 --publish 8080:8080 test:latest  -                    43

Chapter 5 - The Docker Engine

(pg. 53)

Docker Engine Architecture

When you type a docker run command into the Docker CLI, the Docker client converts it into the appropriate API payload and POSTs it to the API endpoint exposed by the Docker daemon.

Once the daemon receives the command to create a new container, it makes a call to containerd. Remember that the daemon no longer contains any code to create containers!
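
Added example (not from the book or this repository): the docker run -d --name web1 --publish 8080:8080 test:latest command from Chapter 4, written out as the two Engine API requests the client sends to the daemon. It assumes curl, the default socket path /var/run/docker.sock, and that test:latest has already been built; create_payload, api_post and run_detached are hypothetical helper names.

```shell
#!/bin/sh
# Added example: `docker run -d --name web1 --publish 8080:8080 test:latest`
# expressed as the Engine API requests the Docker client sends to dockerd.
# Helper names are hypothetical; the socket path is the usual default (assumption).

DOCKER_SOCK="${DOCKER_SOCK:-/var/run/docker.sock}"

# create_payload IMAGE HOST_PORT CONTAINER_PORT
# Prints the JSON body for POST /containers/create with one TCP port mapping.
# Arguments are inserted verbatim, so they must not contain quotes or backslashes.
create_payload() {
  printf '{"Image":"%s","ExposedPorts":{"%s/tcp":{}},"HostConfig":{"PortBindings":{"%s/tcp":[{"HostPort":"%s"}]}}}' \
    "$1" "$3" "$3" "$2"
}

# api_post PATH [JSON_BODY]
# POSTs to the daemon over its Unix socket; --fail turns HTTP errors into a non-zero exit.
api_post() {
  curl --silent --show-error --fail --unix-socket "$DOCKER_SOCK" \
    -H 'Content-Type: application/json' --data "${2:-}" "http://localhost$1"
}

# run_detached NAME IMAGE HOST_PORT CONTAINER_PORT
# Request 1 creates the container (the image must already be local, the API does
# not pull it); request 2 starts it. The daemon hands the work to containerd.
run_detached() {
  api_post "/containers/create?name=$1" "$(create_payload "$2" "$3" "$4")" &&
    api_post "/containers/$1/start"
}

# Contact the daemon only when called with all four arguments, e.g.
#   sh docker_run_api.sh web1 test:latest 8080 8080
if [ "$#" -eq 4 ]; then
  run_detached "$@"
fi
```

Any process that can write to this socket can send the same two requests, so access to /var/run/docker.sock amounts to control of the daemon.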

Docker Engine Architecture

Chapter 6 - Images

Command                                                              Other Options                                   Page
docker images --filter dangling=true                                 before, since, label, reference="*:latest"      66
docker image prune                                                   -a, before, since, label, reference="*:latest"  66
docker inspect image:tag                                             -                                               69
docker pull -a repository_name                                       -                                               72
docker images                                                        --digests                                       73
docker rmi image_name                                                -                                               73
docker manifest inspect remote_image_name | grep "architecture\|os"  -                                               77
docker image inspect local_image_name | grep "Architecture\|Os"      -                                               -
docker buildx build --platform linux/arm/v7 -t myimage:armv7 .       -                                               78
docker manifest create                                               -                                               78
docker stop $(docker ps -a -q)                                       -                                               79
docker rm $(docker ps -a -q)                                         -                                               79
docker rmi $(docker images -q)                                       -f                                              79

Chapter 7 - Containers

Command                                                               Other Options                                   Page
docker start container_name                                           -                                               91
docker run --name neversaydie -it --restart always alpine sh          --restart unless-stopped, --restart on-failure  94
docker inspect neversaydie | grep "RestartCount"                      -                                               94
docker inspect --format="{{json .Config.Entrypoint}}" container_name  -                                               98

Chapter 8 - Containerizing an App

Containerize a Single-Container App

Command                                         Other Options  Page
docker tag ddd-book:ch8.1 teriz/ddd-book:ch8.1  -              109
docker push teriz/ddd-book:ch8.1                -              110
docker history image_name                       -              112

Multi-Stage Builds

Command                                                                        Other Options  Page
docker build -t multi-stage/client --target prod-client -f Dockerfile-final .  -              118
docker build -t multi-stage/server --target prod-server -f Dockerfile-final .  -              118

Multi-Platform Builds

Command                                                          Other Options  Page
docker buildx version                                            -              119
docker buildx create --driver=docker-container --name=container  -              119
docker buildx build --builder=builder_name --platform=your_list -t image_name:tag --push .  --squash       119
docker buildx stop builder_name                                  -              -

Chapter 9 - Multi-Container Apps with Compose

Command                                            Other Options                 Page
docker compose version                             -                             128
docker compose up                                  &, --detach                   132
docker compose -f prod-equus-bass.yml up &         -                             133
docker network ls                                  -                             134
docker volume ls                                   -                             134
docker compose down                                --volumes, --rmi (all|local)  135
docker compose ps                                  a                             136
docker compose top                                 -                             136
docker compose stop                                -                             137
docker compose rm                                  -                             137
docker compose restart                             -                             137
docker compose ls                                  -                             137
docker volume inspect multi-container_counter-vol  -                             138

Chapter 10 - Docker Swarm

Pre-requisites: Set-up nodes with Multipass or PlayWithDocker

Build a Secure Swarm Cluster

Command                                                          Other Options    Page
docker swarm init --advertise-addr 10.0.0.1:2377 --listen-addr 10.0.0.1:2377  --autolock=true  148
docker node ls                                                   -                148
docker swarm join-token worker                                   -                149
docker swarm join-token manager                                  -                149
docker swarm join --token manager_or_worker_token leader_ip --advertise-addr this_ip --listen-addr this_ip  -                150
docker swarm update --autolock=true                              -                153
docker swarm unlock                                              -                153
docker swarm unlock-key                                          -                153
docker node update --availability (active|pause|drain) manager1  -                154

Deploying Swarm Services

Command                                                              Other Options  Page
docker service create --name web-fe -p 8080:8080 --replicas 5 image  --mode global  155
docker service ls                                                    -              156
docker service ps web-fe                                             -              156
docker service inspect --pretty web-fe                               -              157
docker service scale web-fe=10                                       -              158
docker service rm web-fe                                             -              159
docker network create -d overlay uber-net                            -              160
docker network ls                                                    -              160
docker service create --name uber-service --network uber-net -p 8080: --replicas 12 nigelpoulton/ddd-book:web0.1  -              161
docker service update --image nigelpoulton/ddd-book:web0.2 --update-parallelism 2 --update-delay 20s uber-service  -              163

More on docker network ls

Lists all the networks the daemon knows about. This includes networks that span multiple hosts in a cluster.

[worker1] (local) root@192.168.0.13 ~
$ docker network ls
NETWORK ID     NAME              DRIVER    SCOPE
1624a8193671   bridge            bridge    local
78bed499d0c5   docker_gwbridge   bridge    local
81b60bc9270a   host              host      local
f9b63ydlmtph   ingress           overlay   swarm
02f1bcc66615   none              null      local

In Docker Swarm, the network named ingress is a built-in overlay network used for internal communication among the nodes in the swarm.

Other networks like bridge, docker_gwbridge, host, and none are standard networks with different purposes.

The ingress network is used by the swarm to route traffic between services running on different nodes. It provides a way for containers on different nodes to communicate with each other seamlessly.

If you want more detailed information about the ingress network or other swarm-related details, you can use:

docker network inspect ingress

When you create a new overlay network (uber-net) and update a service's (uber-service) network to use this newly created overlay network, it doesn't affect the default ingress network directly. The ingress network remains a fundamental part of the Docker Swarm for internal communication between services, regardless of additional overlay networks you create.

The ingress network is used for routing traffic between services running on different nodes in the Docker Swarm. It is not replaced or superseded by other overlay networks; instead, overlay networks are additional and can be used for specific purposes.

The tasks of the service can then communicate using both the default ingress network and the new overlay network. It doesn't replace or remove the ingress network; it simply extends the network capabilities of the service.

Troubleshooting

Command              Other Options              Page
docker service logs  --details, --follow, tail  165

Chapter 11 - Docker Networking

Command                                                      Other Options  Page
docker inspect bridge | grep "bridge.name"                                  179
docker network create -d bridge local-net                    -              180
docker run -d --name c1 --network local-net alpine sleep 1d  -              181
docker inspect your-network                                  -              181
docker network create -d macvlan --subnet=10.0.0.0/24 --ip-range=10.0.0.0/25 --gateway=10.0.0.1 -o parent=eth0.100 macvlan 100  -              187
docker logs container_name                                   -              190
docker service create -d --name svc1 --publish published=5001,target=80,mode=host nginx  -              194
docker network prune                                         -              196
docker network rm network_name                               -              196

Chapter 13 - Volumes and Persistent Data

Command                                                                   Other Options  Page
docker volume create my-volume                                            -d             215
docker volume ls                                                          -              216
docker volume rm volume_name                                              -              216
docker run -it --name voltainer --mount source=bizvol,target=/vol alpine  -              217
docker plugin install                                                     -              222
docker plugin ls                                                          -              222

What's Next?
