Next up in my cheat sheet series — what is and using Docker
Something to understand from the get-go is Containers have been around for a while (Linux Containers, or LXC). Docker is just an orchestration system designed to manage containers. The skinny on what containers are is they are Linux namespaces to separate them from other namespaces, effectively making them look like a isolated island even though they are all connected by a common OS (usually some flavor of Linux).
Think of VMware vm’s off a host, everyone is isolated but tired to that physical host. Or think of a switch/router VRF instance. VRFs separate a routing table but its still tied to a physical router or switch. Thus, containers can “leak” into other containers if you choose to being on the same OS, just like we can do VRF leaking on our routers. Nice thing with this is unlike vms, you don’t need to manage a separate OS per vm, its all the same vm. Container is just spinning up a process or task, not the entire OS! Makes the container much lighter than a full blown vm.
ONCE AGAIN….LEARN LINUX
Nuff said, if you’ve been following my blog posts you know I’ve been saying this almost a year already. All these cloud tools will make MUCH more sense to you if you learn the basics of Linux.
THEORY BEHIND DOCKER
As I said before, Docker is like the orchestration tool used to manage the containers. Docker uses a concept of images/templates, and using this predefined template uses it to create an image. Images may hold a whole OS or a service like Apache. The image in turn is used to spin off containers, so multiple images can be used to make a container. Why do we need multiple containers? Maybe test an app and then kill off the container, or you want to run a process then change it later on. By using containers, you can spin up “vms” on the fly and much quicker than a full blown vm that we’ve had to do in the past.
Like Chef’s Supermarket, Docker has a “store” called Docker Hub with a bunch of Docker images contributed by the community.
HOW TO INSTALL DOCKER
A list of supported OS’ are here as well as their installation instructions. Rejoice Windows users, you can now install Docker as well (however, there is no GUI, its technically a Linux vm installed in Windows and you can manage it via CLI or PowerShell)! For Linux its a pretty straightforward process, you can do the whole thing in 5-10 minutes!
HOW TO MAKE A DOCKER CONTAINER
In Lunx its a simple command, use the sudo docker run command.
You can use a Linux bridge to connect multiple containers together. If you do a ifconfig, you’ll see dockerX listed, thats the local server subnet that the containers you create will use. So when you spin up a container, you’ll see their eth0 interface the same subnet as the dockerX interface (a RFC1918 assigned subnet). A veth gets created to use as a l2 bridge so that it can get out of the host box if it needs to. Also ensure iptables is allowing this type of communication.
Furthermore, we can use Port Fowarding from our Docker private subnet to the host IP so the rest of our networking can talk to our Docker processes. use the sudo docker run -p command to change the port for a container.
For more info about Docker networking use this doc.
So there IS a GUI for Docker, one of the popular ones is Kitematic. Its a download for Mac and Windows. Check out there site https://kitematic.com/ but there are a few out there so google away.
One thing I’ve been loving about the open source community is the documentation, its usually on point without fluff that we see from major vendors. To learn more about Docker, visit their user guide here.
COMMAND CHEAT SHEET
sudo docker run specific an app or script into a container
sudo docker ps see currently running containers
sudo docker start | stop being that a container is like a process, we can stop/start containers on the fly!
sudo docker images view list of images you have
sudo docker search search from the CLI Docker Hub images