Containerization is a way of sharing parts of a single operating system among multiple isolated applications, as opposed to virtualization which will support multiple apps with their own OS on top of a single hypervisor. This means that where it can take minutes to spin up a virtual machine, it can take seconds to start a container because you aren't having to fire up the OS as well. This is beneficial for massive distributed applications with lots of discrete parts that need to be summoned, run, and then killed in short order.
Application containerization is an OS-level virtualization method used to deploy and run distributed applications without launching an entire virtual machine (VM) for each app. Multiple isolated applications or services run on a single host and access the same OS kernel. Containers work on bare-metal systems, cloud instances and virtual machines, across Linux and select Windows and Mac OSes.
Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. Docker provides the ability to package and run an application in a loosely isolated environment called a container. The isolation and security allow you to run many containers simultaneously on a given host.
A Docker container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings. Container images become containers at runtime; in the case of Docker containers, images become containers when they run on Docker Engine. Available for both Linux and Windows-based applications, containerized software will always run the same, regardless of the infrastructure. Containers isolate software from its environment and ensure that it works uniformly despite differences, for instance between development and staging.
By default Docker containers can make connections to the outside world, but the outside world cannot connect to containers. Each outgoing connection will appear to originate from one of the host machine’s own IP addresses thanks to an iptables masquerading rule on the host machine that the Docker server creates when it starts:
$ sudo iptables -t nat -L -n
...
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
...
Docker is written in the Go programming language and takes advantage of several features of the Linux kernel to deliver its functionality. Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container. Docker Engine on Linux also relies on another technology called control groups (cgroups). A cgroup limits an application to a specific set of resources.
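The namespace isolation described above can be checked from the host. The script below is an added example, not part of the original post: it compares the /proc/<pid>/ns/* links of a container's main process with those of PID 1 and reports which namespaces are shared. The function names and the PROC_ROOT variable are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: report which Linux namespaces a process shares with the host.
# Each /proc/<pid>/ns/<type> is a symlink such as "net:[4026531992]"; two
# processes are in the same namespace when the link targets are identical.
# PROC_ROOT is an assumption of this example so it can be pointed at a fixture.
PROC_ROOT="${PROC_ROOT:-/proc}"

# ns_compare <pid_a> <pid_b>
# Prints one line per namespace type: "<type> shared|isolated|unknown".
ns_compare() {
    local a=$1 b=$2 ns ida idb
    for ns in cgroup ipc mnt net pid user uts; do
        ida=$(readlink "$PROC_ROOT/$a/ns/$ns" 2>/dev/null || true)
        idb=$(readlink "$PROC_ROOT/$b/ns/$ns" 2>/dev/null || true)
        if [ -z "$ida" ] || [ -z "$idb" ]; then
            # Process gone, or not enough privilege to read the link
            echo "$ns unknown"
        elif [ "$ida" = "$idb" ]; then
            echo "$ns shared"
        else
            echo "$ns isolated"
        fi
    done
}

# ns_shared_with_host <container_pid> [host_pid, default 1]
# Prints a comma-separated list of namespaces shared with the host process.
ns_shared_with_host() {
    ns_compare "$1" "${2:-1}" | awk '$2 == "shared" { print $1 }' | paste -sd, -
}
```

On a Docker host, run as root: `ns_shared_with_host "$(docker inspect -f '{{.State.Pid}}' ubuntu-1)"`. Seeing `user` in the result is expected unless user-namespace remapping is enabled; seeing `net` or `pid` means the container was started with `--net=host` or `--pid=host`.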
Docker Containers have become extremely popular in modern software development. A delivery vehicle for applications, containers are self-contained execution environments with their own isolated CPU, memory, block I/O, and network resources, that share the kernel of the host operating system.
Docker containers that run on Docker Engine:
1. Standard: Docker created the industry standard for containers, so they could be portable anywhere
2. Lightweight: Containers share the machine’s OS system kernel and therefore do not require an OS per application, driving higher server efficiencies and reducing server and licensing costs
3. Secure: Applications are safer in containers and Docker provides the strongest default isolation capabilities in the industry
Microsoft WSL (Windows Subsystem for Linux) vs Windows Docker Container:
WSL is primarily designed to bring a Linux command-line environment to Windows. WSL runs native Linux ELF-64 binaries directly on Windows, and enables you to run your favorite Linux tools atop your Windows "host" OS, sharing the same underlying file-system, networking, process list, etc. as the host OS. Docker, on the other hand, provides a way to quickly & easily create a container that essentially wraps a shared (host) kernel & OS, with additional layers of extra functionality (e.g. adding Java, Ruby, MySQL, etc.). It's also easy to package, deploy, and/or share your Docker containers with others if you wish.
WSL is built as a productivity tool for developers & IT Pros who need a local, immediate, genuine Linux-compatible environment that integrates with Windows, and allows Linux tools to run alongside and/or interact with Windows files/apps. Docker is built to enable isolated containers to be quickly, reliably, and repeatedly constructed, deployed and/or shared, but these containers do not integrate deeply with your host machine's OS. WSL is a local dev productivity feature, but is not suitable as a host for production workloads - that's where Docker and/or VMs shine.
Linux (Ubuntu) Bash Shell Scripts for Docker commands:
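docker_install() {
    # Add Docker's repository signing key; check its fingerprint against the
    # Docker install docs before trusting it (apt-key is deprecated on newer Ubuntu releases)
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
    sudo apt-get update
    # Confirm that docker-ce will be installed from the Docker repository
    apt-cache policy docker-ce
    sudo apt-get install -y docker-ce
}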
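docker_setup() {
    # Membership of the docker group is equivalent to root access on the host
    sudo usermod -aG docker "${USER}"
    # Start a new login shell so the group membership takes effect
    su - "${USER}"
    id -nG
    docker_info
}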
docker_info() {
    sudo systemctl status docker
    echo -e "\n\n docker info .. \n\n"
    docker --version
    docker info
    # --all lists stopped containers as well as running ones
    echo -e "\n\n docker containers (running and stopped) \n\n"
    docker container ls --all
}
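# Requires YOUR_PROXY to be set to the proxy URL
docker_proxy_setup() {
    sudo mkdir -p /etc/systemd/system/docker.service.d
    # Write the drop-in into docker.service.d, keeping the quotes around the value
    printf '[Service]\nEnvironment="HTTP_PROXY=%s/"\n' "$YOUR_PROXY" |
        sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf > /dev/null
    sudo systemctl daemon-reload
    sudo systemctl show --property Environment docker
    sudo systemctl restart docker
    docker run hello-world
}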
docker_containers_show() {
    echo -e "\n\nDocker Containers list.. \n\n"
    docker container ps -a
}
docker_containers_remove() {
    echo -e "\n\nDocker Containers list .. \n\n"
    docker container ps -a
    echo -e "\n\nStopping Docker Containers .. \n\n"
    # Stops and removes ALL containers on this host
    docker stop $(docker ps -qa)
    docker rm $(docker ps -qa)
    echo -e "\n\nDocker Containers list .. \n\n"
    docker container ps -a
}
# $1 = docker container id
docker_container_ip_address() {
    docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$1"
}
# $1 = docker container name ; $2 = docker image name
docker_container_create() {
    docker run -d --name "$1" --rm -i -t "$2" bash
    # example: docker run -d --name ubuntu-1 --rm -i -t ubuntu bash
}
# $1 = source file name $2 = docker container name
docker_container_copy_files() {
    docker cp "$1" "$2":/
    # example: docker cp test_1 ubuntu-1:/
}
# $1 = docker container name ; remaining arguments = process to execute
docker_container_exec() {
    local name=$1
    shift
    docker exec -it "$name" "$@"
    # example: docker exec -it ubuntu-1 ./test_process
}
ref:
Docker Documentation - https://docs.docker.com/
Docker FAQ - https://docs.docker.com/engine/faq/
Docker Commands Cheat Sheets -
1. https://www.docker.com/sites/default/files/Docker_CheatSheet_08.09.2016_0.pdf
2. https://github.com/wsargent/docker-cheat-sheet
3. https://hackernoon.com/docker-commands-the-ultimate-cheat-sheet-994ac78e2888
4. https://devhints.io/docker
5. https://www.linode.com/docs/applications/containers/docker-commands-quick-reference-cheat-sheet/
Docker Overview -
1. https://docs.docker.com/engine/docker-overview/
2. https://www.docker.com/resources/what-container
3. https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/overview_of_containers_in_red_hat_systems/introduction_to_linux_containers
4. https://ericchiang.github.io/post/containers-from-scratch/
Docker Security - https://docs.docker.com/engine/security/security/
Rancher OS(fast, ultra-lightweight container OS) - https://rancher.com/rancher-os/
Docker internals -
1. https://medium.com/@nagarwal/understanding-the-docker-internals-7ccb052ce9fe
2. https://itnext.io/chroot-cgroups-and-namespaces-an-overview-37124d995e3d
How is it possible to run a CentOS container on Ubuntu OS - https://forums.docker.com/t/how-is-this-possible-centos-container-on-ubuntu-newbie-question/21558/5