way that keep them isolated from the host system that they run on. - Allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies - Make it easier to provide a consistent experience between development and production environment - Easy to deploy and replicate deployments
entire operating system, just some components to make everything up and run. - Container use host kernel to ensure the isolation and resource control, instead of full layer of visualization - Therefore, containers are - Fast in both starting up and operation - Lower memory footprint - Lightweight
container was Chroot, 1982 - FreeBSD Jails, 2000 - Solaris Zones, 2004 - Linux OpenVZ, 2005 - LXC, 2008 - Docker, 2013 - Built on LXC - Moved to libcontainer (March 2014) - Moved to runC (July 2015)
of an image is called a container. - You can have many running containers of the same image. - Images are created with the build command, and they'll produce a container when started with run.
attached tags - All docker images with the same name are grouped - The most popular docker image registry is Docker Hub - https://hub.docker.com/r/library/postgres/tags/ - There are other public / private image registries from AWS, Google, etc.
to the redis server in postgres? + All containers are network isolated + It means that containers could not access others’ network and the host could not access containers’ network
container to outside with port 6378 docker run --name my-redis -p 6378:6379 redis - Test the redis server by command redis-cli -h localhost -p 6378 - And it works
postgres docker container and restart - Oops, all data is gone :’( - What did happen? + All containers are file system isolated + All containers data are not mounted (linked) to the host. When it starts again, no data is retained
all the commands a user could call on the command line to assemble an image. - It defines: - Is current image based on other image? If yes, what is it? - Dependencies installation commands - How to start the container of this image? - What environments are allowed to be passed in? - Which ports the container will expose? - etc.
and Redis container again we don't need to expose ports - Create a new file Dockerfile with the following content FROM ruby:2.4.0 RUN mkdir -p /app WORKDIR /app COPY Gemfile Gemfile.lock ./ RUN gem install bundler && bundle install --jobs 20 --retry 5 --without test COPY . ./ EXPOSE 9292 CMD ["bundle", "exec", "puma"]
docker image with command docker build -t ehavatar . - The building process fails. We fail to build RMgick gem. Need to add dependencies. Add this line to Dockerifle RUN apt-get update -qq --fix-missing && apt-get install -y libmagickwand-dev
And it is sure to be successful. - Start web server and sidekiq docker run -p 9292:9292 eh-avatar docker run -p 9292:9292 eh-avatar bundle exec sidekiq -r ./config/environment.rb - And it fails again. We fail to connect to redis and postgres
Docker applications. - Run multiple isolated environments on a single host with a single command. - Better Development environments. - Easier build / run / scale.
Specify a build context 3. Use a .dockerignore file 4. Use multi-stage builds 5. Avoid installing unnecessary packages 6. Minimize the number of layers 7. ….