Docker Series Part 1: Simple Introduction

Containers have existed long before Docker came into the picture.  Let us see what is LXC(Linux Containers)

Linux users easily create and manage system or application containers. The goal of LXC is to create an environment as close as possible to a standard Linux installation but without the need for a separate kernel.

This is perfect for isolating applications and containerizing them; this is useful as the other processes can’t access resources in any other container. Let’s see what the Docker team says,

Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything that can be installed on a server.

In much simpler terms, they provide a Virtual Machine like isolated environment with a few other benefits. But while Docker is more of application container, LXC is more of a OS container.  I suggest this article for an introduction to LXC.

Let’s get started with using Docker. First install Docker Engine following the instructions here.

Let’s run our first container.

docker run -it ubuntu

This will put you in a Ubuntu container. You will have the same experience whether you are on Linux, Mac OS or Windows. You have to keep in mind that Docker containers are not VMs. Containers are ephemeral.

If you install any software or create/modify any files, you will have to create a new image for these changes to persist. For this, you will have to commit your current changes in a new Docker image.

➜  ~ docker ps -a
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS                   PORTS               NAMES
89d5116abd2e        alpine                "sh"                     5 seconds ago       Exited (0) 2 seconds ago                       vigilant_kilby
➜  ~ docker commit 89d5116abd2e mynewimage

The docker commit will take the old container’s ID and the name of the new image as arguments.

I guess this is enough to get started. You can check more pre-built public images at the Docker Hub or the Docker Store.

Docker Series

This will be a small introduction series to the world of Docker.
I’ll be going over the following topics:

  • Simpler usage of docker containers.
  • Data Volumes and mounting host directory in a container.
  • Building your own docker image.
  • Running multiple containers simultaneously(Docker Compose).
  • Docker cluster management and orchestration features(Docker Swarm).

    Disclaimer: Most of the things that I will be going through will be for beginners and will contain stuff from the official documentation of Docker.

Docker Registry on local network.

So, we all have used Docker Hub and it’s private repositories, but sometimes, if we want to do some testing on the local network and want to save some bandwidth, we could set up our own Docker Registry. If you want to read that documentation that’s fine. But this is to just get you running.

The machine on which you want to configure the registry(Let’s call it the server) must have a static IP. Add an entry to your /etc/hosts file (Linux or MAC). Then follow these steps (Run these on the server only.)

mkdir -p certs && openssl req \ -newkey rsa:4096 -nodes -sha256 -keyout certs/docker.key \ -x509 -days 365 -out certs/docker.crt

Then, run this command. (Obviously you have docker installed and configured for your user! You’re not that dumb. 😉 )

docker run -d -p 5000:5000 --restart=always --name registry \
-v `pwd`/data:/var/lib/registry \
-v `pwd`/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/docker.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/docker.key \
registry:2

You are almost done! Just two more steps left to configure your docker engine to talk to this registry. (These must be done on your local machines)

  1. Copy the docker.crt file to /etc/docker/certs.d/docker.local:5000/ca.crt
  2. Restart Docker Engine. (systemctl restart docker)

Sources

  • https://docs.docker.com/registry/insecure/#/using-self-signed-certificates
  • https://docs.docker.com/registry/deploying/#get-a-certificate
  • https://docs.docker.com/registry/deploying/#storage