Docker basics
Table of Contents
In this section, we will introduce Docker basics. The first part covers the installation and configuration of Docker. We will see how some basic Docker commands work, such as searching, downloading and listing the images on a Docker Hub, searching through a client, creating and managing containers, and executing commands inside the container itself. The chapter ends with an emphasis on the on two important Docker commands. The first is image start or creating a container instance. The second command stops all containers.
Docker installation
The Docker basics in our example include Docker which we will install with the latest Linux operating system distribution – CentOS 8. CentOS is known to be a free distribution of the Red Hat Enterprise operating systems. With version 8, Red Hat no longer has Docker installed, but has its own container engines solutions – podman and buildah. With new version there were changes in packet manager. Although yum is still a supported, new packet manager is called dnf. Docker can be installed in two versions: Docker CE (Community Edition) and Enterprise Edition (EE). In this example, we are going to install Docker CE (Community Edition).
Prerequisites: CentOS 8 / RHEL 8, root privileges and Internet connection. Steps:
- Add the Docker repository to your local distribution
- Install Docker
- Check the Docker installation
1. Add Docker repository to your local distribution
a) Add repo with dnf packet manager (although yum can be used too):
[root@docker ~]# dnf config-manager –add
repo=https://download.docker.com/linux/centos/docker-ce.repo
Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
b)Check if repository is active
[root@docker ~]# dnf list docker-ce
CentOS-8 – Appstream
CentOS-8 – Base
CentOS-8 – Extras
Docker CE Stable-x86_64
Available Packages
docker-ce.x86_64 3:19.03.7-3.el7
docker-ce-stable
2.Install Docker
a) dnf command to install docker
[root@docker ~]# dnf install docker-ce –nobest -y
Last metadata expiration check: 0:00:18 ago on Mon 09 Mar 2020 09:05:09 AM CET.
Dependencies resolved.
Problem: package docker-ce-3:19.03.7-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed
– cannot install the best candidate for the job
– package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
– package containerd.io-1.2.13-3.1.el7.x86_64 is excluded
– package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
– package containerd.io-1.2.2-3.el7.x86_64 is excluded
– package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
– package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
– package containerd.io-1.2.6-3.3.el7.x86_64 is excluded
b) Start and enable docker service during boot
[root@docker ~]# systemctl start docker
[root@docker ~]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
c)Check the Docker version
[root@docker ~]# docker –version
Docker version 19.03.7, build 7141c199a2
3) Start the test container – hello world to see if everything works as expected
[root@docker ~]# docker run hello-world
Unable to find image ‘hello-world:latest’ locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:fc6a51919cfeb2e6763f62b6d9e8815acbf7cd2e476ea353743570610737b752
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
COMMON QUESTIONS
Can we change the default docker settings?
It is important to note that the entire Docker configuration is located in the path: /var/lib/docker
For example, if we want to control the space used, we give daemon instructions to use another path:
{
“data-root”: “/mnt/docker”,
“storage-driver”: “overlay2”
}
What if the Docker client and server are on different machines?
Dockerd daemon by default communicates via a UNIX socket. For things to work, client and server must be on the same machine. That’s the fundamental part of Docker basics. In situations where client and server are on different machines, daemon has to be configured to work with TCP protocol. There is a big emphasis on remote connection security, and it is always recommended to use TLS certificates. If you want to configure a daemon process outside the default frames. It is important to note that daemon settings can be changed with systemd, flags during runtime and configuration file.
What about non-root user and Docker?
If we want to use non-root user to run Docker commands, user must be part of preinstalled Docker group.
Regular user does not have rights to execute Docker commands by default:
[admin@docker ~]$ docker run hello-world
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
As a root user, we can run command to add a user to the docker group which is installed with Docker:
#usermod -aG docker admin
Log back as admin user and run the command to run the image:
[admin@docker ~]$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
What if Docker connects to Internet via proxy?
If your Internet connection connects via proxy, you need to reconfigure the Docker. Docker daemon uses HTTP_PROXY, HTTPS_PROXY and NO_PROXY variables. Variables can be set via systemd or daemon.json. Since we are working with the CentOS operating system:
1) Create directory
mkdir -p /etc/systemd/system/docker.service.d
2) If you use HTTP create following file
touch /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]Environment=“HTTP_PROXY=http://proxy.example.com:80/”
3) If you use HTTPS create following file
touch /etc/systemd/system/docker.service.d/https-proxy.conf
[Service]
Environment=“HTTPS_PROXY=https://proxy.example.com:443/”4)
4) Restart daemon process
# sudo systemctl daemon-reload
5) Restart docker engine
#systemctl docker restart
6) Check new configuration
$ systemctl show –property=Environment dockerEnvironment=HTTPS_PROXY=https://proxy.example.com:443/
Docker commands
Image search on Docker Hub
Signing up on the Docker Hub (https://hub.docker.com/) gives you the access to thousands of images uploaded by developers around the world. The Docker Hub is the default location where Docker downloads and pushes the images. By choosing an individual image (for example-mysql we get more detailed information)
Image search on Docker client
We can also do the search on the machine where we installed the Docker. Note that non-root must be part of the docker group in order to successfully execute Docker commands. For example, if we want to search all the image related to apache we run:
[root@docker ~]# docker search apache
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 2897 [OK]
tomcat Apache Tomcat is an open source implementati… 2659 [OK]
cassandra Apache Cassandra is an open-source distribut… 1101 [OK]
maven Apache Maven is a software project managemen… 992 [OK]
solr Solr is the popular, blazing-fast, open sour… 736 [OK]
apache/nifi Unofficial convenience binaries and Docker i… 166 [OK]
….
Image download
If we want to download image from Docker Hub, we use the Docker docker pull command. Log in to your account before running this command:
[root@docker ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don’t have a Docker ID, head over to https://hub.docker.com to create one.
Username:
Password:
Example includes downloading the apache package. Unless we specify which version we want, the latest version is implied. If we want a specific version we use the tag: docker pull httpd: 2.1
[root@docker ~]# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
68ced04f60ab: Downloading [===================================> ] 18.97MB/27.09MB
35d35f1e0dc9: Download complete
8a918bf0ae55: Download complete
d7b9f2dbc195: Downloading [======================> ] 11.21MB/24.38MB
d56c468bde81: Waiting
List all images on local system
If Docker is installed on the local system for the first time, the local cache does not contain any images. In previous examples we downloaded two images: hello-world and httpd. Handy command for listing all images on local system is docker images:
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest c5a012f9cf45 13 days ago 165MB
hello-world latest fce289e99eb9 14 months ago 1.84kB
Docker run image
We create containers with Docker command – docker run. The command first tries to retrieve the image locally and if it does’nt, it connects to the Docker Hub with command docker pull. Because we already have an httpd container in the local repository, we can run:
[root@docker ~]# docker run httpd
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message
[Tue Mar 10 14:30:25.723694 2020] [mpm_event:notice] [pid 1:tid 140666623128704] AH00489: Apache/2.4.41 (Unix) configured — resuming normal operations
[Tue Mar 10 14:30:25.724856 2020] [core:notice] [pid 1:tid 140666623128704] AH00094: Command line: ‘httpd -D FOREGROUND’
Notice that container has started at your terminal as a process, and we can stop it with Ctrl + C.
If we want the container to run as a background process, we start it with d switch:
[root@docker ~]# docker run -d httpd
2e2ab02a9ae604c2063dae850ab5c9c21fbd559b2e7e4729d6bddf321c1878a1
Verify with docker ps:
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2e2ab02a9ae6 httpd “httpd-foreground” 30 seconds ago Up 29 seconds 80/tcp mystifying_bose
Each container starts with a name. If no name is given, the docker automatically generates it for you:
docker run –name my-httpd httpd
If we want to start the container and automatically access its terminal we use switches i and i:
#docker run –name my-httpd –it httpd / bin / bash
[root@docker ~]# docker run –name httpd -it httpd /bin/bash
root@ee06c85526d1:/usr/local/apache2#
Exit from container:
root@ee06c85526d1:/usr/local/apache2# exit
exit
[root@docker ~]#
Running commands inside container
When a container is already running, we can use command docker exec CONTAINERID COMMAND to run commands inside container itself:
[root@docker ~]# docker exec b6a06aafad74 cat /etc/hostname
b6a06aafad74
Instead of CONTAINERID we can use container name:
[root@docker ~]# docker exec httpd cat /etc/hostname
b6a06aafad74
Managing container
To have a list of active containers use command docker ps:
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
da1e2ac6d8f5 httpd “httpd-foreground” 8 minutes ago Up 8 minutes 80/tcp quizzical_thompson
b6a06aafad74 httpd “httpd-foreground” 11 minutes ago Up 11 minutes 80/tcp distracted_austin
Output contains CONTAINER ID, IMAGE, COMMAND, STATUS and PORTS.
CONTAINERD is the universal container identification, IMAGE is the name of the image used at startup, COMMAND describes the command that was started at startup, STATUS shows the current uptime and PORTS shows exposed ports.
All inactive and stopped containers we can list with switch a:
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
da1e2ac6d8f5 httpd “httpd-foreground” 10 minutes ago Up 10 minutes 80/tcp quizzical_thompson
b6a06aafad74 httpd “httpd-foreground” 13 minutes ago Up 13 minutes 80/tcp distracted_austin
bfdc2119b82f httpd “/bin/bash” 14 minutes ago Exited (0) 14 minutes ago httpd1
ee06c85526d1 httpd “/bin/bash” 17 minutes ago Exited (127) 16 minutes ago httpd
….
To analysed inactive container content we use command docker inspect:
[root@docker ~]# docker inspect httpd
[
{
“Id”: “ee06c85526d16fa2095d9d9ffd104c14f87eb687bb593440a4b4f0ee712b434f”,
“Created”: “2020-03-10T14:42:36.641384747Z”,
“Path”: “/bin/bash”,
“Args”: [],
“State”: {
Container is stopped by command stop (gracefully) and kill (forcefully):
#Docker stop httpd
#Docker kill httpd
To restart stopped container we use command docker restart:
[root@docker ~]# docker restart my-httpd
my-httpd
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
da1e2ac6d8f5 httpd “httpd-foreground” 17 minutes ago Up 17 minutes 80/tcp quizzical_thompson
b6a06aafad74 httpd “httpd-foreground” 20 minutes ago Up 20 minutes 80/tcp distracted_austin
5e7b123825d5 httpd “httpd-foreground” 27 minutes ago Up 2 seconds 80/tcp my-httpd
If we want to delete container permanently, command docker rm is the answer:
[root@docker ~]# docker stop myhttpd
Myhttpd
[root@docker ~]# docker rm myhttpd
myhttpd
Docker stop all containers
If we want to avoid stopping all containers individually, very useful command is docker stop $ (docker ps –q):
Let’s check the status of the active containers:
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee06c85526d1 httpd “/bin/bash” 23 hours ago Up 16 seconds 80/tcp httpd
5e7b123825d5 httpd “httpd-foreground” 23 hours ago Up 1 second 80/tcp my-httpd
Stop all containers:
[root@docker ~]# docker stop $(docker ps -q)
ee06c85526d1
5e7b123825d5
Check the active container status:
[root@docker ~]# docker ps
We can delete all unactive container with command docker rm $(docker ps –aq):
Check the status of inactive containers:
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
da1e2ac6d8f5 httpd “httpd-foreground” 23 hours ago Exited (255) About a minute ago 80/tcp quizzical_thompson
b6a06aafad74 httpd “httpd-foreground” 23 hours ago Exited (255) About a minute ago 80/tcp distracted_austin
bfdc2119b82f httpd “/bin/bash” 23 hours ago Exited (0) 23 hours ago httpd1
ee06c85526d1 httpd “/bin/bash” 23 hours ago Exited (127) 23 hours ago httpd
….
…
Delete all inactive containers:
[root@docker ~]# docker rm $(docker ps -aq)
da1e2ac6d8f5
b6a06aafad74
bfdc2119b82f
2e2ab02a9ae6
06a90042482f
09ca6391f786
3e65082c81bf
95102dc9969c
ddbb1eaf7fcd
0b5c8adf1bc8
Check:
[root@docker ~]# docker rm $(docker ps -aq)
We see that Docker stopping all commands is an easy task.
I hope you enjoyed this article. The following is a Docker storage setup.