INTRO TO

DOCKER
JACKY
12 SEPTEMBER 2019
C R E D I T S : L I N U X A C A D E M Y ( D O C K E R D E E P D I V E )
 END

OUTLINE

1. DOCKER 2. DOCKER 3. DOCKER 4. DOCKERFILE 5. DOCKER

ARCHITECTURE OBJECTS PROCESSES COMPOSE
DOCKER ARCHITECTURE
The Docker deamon
handles:
Client-server The client talks to the
architecture Docker deamon • Building
• Running
• Distributing

Both communicates
using Rest API
 DOCKER DAEMON
• The Docker daemon (dockerd): Listens for Docker API requests and manages
Docker objects:
- Images
- Containers
- Networks
- Volumes
DOCKER CLIENT & REGISTRY

• The Docker client (docker):

- Is how users interact with Docker
- The client sends these commands to dockerd

• Docker registries:
- Stores Docker images
- Public registry such as DockerHub
- Run your own private registry
 DOCKER ARCHITECTURE DIAGRAM

Back
DOCKER OBJECTS

IMAGES CONTAINERS SERVICES

Back
 Back

Read-only template with instructions

for creating a Docker container

Image is based on another image

DOCKER
IMAGES
Create your own images

Use a Dockerfile to build images

Back

Running instance of an image

Connect a container to a network

DOCKER
Attache Storage CONTAINERS
Create a new image based on its current
state

Isolated from other containers and the host

machine
 Back

Scale containers across multiple

docker daemons

Docker swarm
DOCKER
SERVICES
Define desired state

The services is load-balanced

DOCKER PROCESS SUMMARY
• runc
- Implementation of the OCI container-runtime-spec
- Lightweight CLI wrapper for libcontainer
- Create containers

• Containerd
- Manage container lifecycle: Start, Stop, Pause, Delete, Image management

• Shim
- containerd forks an instance of runc for each new container
- runc process exits after the container is created
- shim process becomes the container parent
- Responsible for:
a) STDIN and STDOUT
b) Reporting exit status to the Docker daemon
CREATING A CONTAINER
docker container run -it --name <NAME> <IMAGE>:<TAG>
• Creating a container:
1. Use the CLI to execute a command.
2. Docker client uses the appropriate API payload.
3. The command POSTs to the correct API endpoint.
4. The Docker daemon receives instructions.
5. The Docker daemon calls containerd to start a new container.
6. The Docker daemon uses gRPC, a CRUD style API.
7. containerd creates an OCI bundle from the Docker image.
8. Tells runc to create a container using the OCI bundle
9. runc interfaces with the OS kernal to get the constructs needed to create a container
10. This includes namespaces, cgroups, etc.
11. The container process is started as a child process
12. Once the container starts runc will exit
13. Which completes the process and the container is now running
Back
DOCKERFILE

• Set of docker instructions used to build an image.

FROM golang:1.12.4
WORKDIR /helloworld
COPY helloworld.go .
RUN GOOS=linux go build -a -installsuffix cgo -o helloworld .
CMD ["./helloworld"]

• To build the image from the Docker file :

“docker build -t inefficient . “
MULTI STAGE BUILD

FROM golang:1.12.4 AS compiler

WORKDIR /helloworld
COPY helloworld.go .
RUN GOOS=linux go build -a -installsuffix cgo -o helloworld .

FROM alpine:3.9.3
WORKDIR /root COPY --from=compiler /helloworld/helloworld .
CMD ["./helloworld"]
COMPARISON
FROM golang:1.12.4
WORKDIR /helloworld
COPY helloworld.go .
RUN GOOS=linux go build -a -
installsuffix cgo -o helloworld .
CMD ["./helloworld"]
784 MB
FROM golang:1.12.4 AS compiler
WORKDIR /helloworld
COPY helloworld.go .
RUN GOOS=linux go build -a -installsuffix
cgo -o helloworld .
FROM alpine:3.9.3
WORKDIR /root COPY --from=compiler
/helloworld/helloworld .
CMD ["./helloworld"]
7.53 MB
Back
DOCKER
COMPOSE
• Compose is a tool for defining and
running multi-container Docker
applications. With Compose, you use a
YAML file to configure your
application’s services. Then, with a
single command, you create and start
all the services from your
configuration.
THANK
YOU