Docker basics

In this section, we will introduce Docker basics. The first part covers the installation and configuration of Docker. We will see how some basic Docker commands work, such as searching, downloading and listing the images on a Docker Hub, searching through a client, creating and managing containers, and executing commands inside the container itself. The chapter ends with an emphasis on the on two important Docker commands. The first is image start or creating a container instance. The second command stops all containers.

Docker installation

The Docker basics in our example include Docker which we will install with the latest Linux operating system distribution – CentOS 8. CentOS is known to be a free distribution of the Red Hat Enterprise operating systems. With version 8, Red Hat no longer has Docker installed, but has its own container engines solutions – podman and buildah. With new version there were changes in packet manager. Although yum is still a supported, new packet manager is called dnf. Docker can be installed in two versions: Docker CE (Community Edition) and Enterprise Edition (EE). In this example, we are going to install Docker CE (Community Edition).

Prerequisites: CentOS 8 / RHEL 8, root privileges and Internet connection. Steps:

  1. Add the Docker repository to your local distribution
  2. Install Docker
  3. Check the Docker installation

1. Add Docker repository to your local distribution

a) Add repo with dnf packet manager (although yum can be used too):

 [root@docker ~]# dnf config-manager –add

repo=https://download.docker.com/linux/centos/docker-ce.repo

 Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo

b)Check if repository is active

 [root@docker ~]# dnf list docker-ce

CentOS-8 –  Appstream
CentOS-8 – Base
CentOS-8 – Extras       
Docker CE Stable-x86_64                                                                                           

Available Packages
docker-ce.x86_64 3:19.03.7-3.el7                                       
docker-ce-stable

2.Install Docker

a) dnf command to install docker

[root@docker ~]# dnf install docker-ce –nobest -y

Last metadata expiration check: 0:00:18 ago on Mon 09 Mar 2020 09:05:09 AM CET.

Dependencies resolved.

 Problem: package docker-ce-3:19.03.7-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed

  – cannot install the best candidate for the job

  – package containerd.io-1.2.10-3.2.el7.x86_64 is excluded

  – package containerd.io-1.2.13-3.1.el7.x86_64 is excluded

  – package containerd.io-1.2.2-3.3.el7.x86_64 is excluded

  – package containerd.io-1.2.2-3.el7.x86_64 is excluded

  – package containerd.io-1.2.4-3.1.el7.x86_64 is excluded

  – package containerd.io-1.2.5-3.1.el7.x86_64 is excluded

  – package containerd.io-1.2.6-3.3.el7.x86_64 is excluded

b) Start and enable docker service during boot

[root@docker ~]# systemctl start docker

[root@docker ~]# systemctl enable docker

Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.

c)Check the Docker version

[root@docker ~]# docker –version

Docker version 19.03.7, build 7141c199a2  

3) Start the test container – hello world to see if everything works as expected

[root@docker ~]# docker run hello-world

Unable to find image ‘hello-world:latest’ locally

latest: Pulling from library/hello-world

1b930d010525: Pull complete

Digest: sha256:fc6a51919cfeb2e6763f62b6d9e8815acbf7cd2e476ea353743570610737b752

Status: Downloaded newer image for hello-world:latest

Hello from Docker!

This message shows that your installation appears to be working correctly.

COMMON QUESTIONS

Can we change the default docker settings?

It is important to note that the entire Docker configuration is located in the path: /var/lib/docker

For example, if we want to control the space used, we give daemon instructions to use another path:

{

    “data-root”: “/mnt/docker”,

    “storage-driver”: “overlay2”

}

What if the Docker client and server are on different machines?

Dockerd daemon by default communicates via a UNIX socket. For things to work, client and server must be on the same machine. That’s the fundamental part of Docker basics. In situations where client and server are on different machines, daemon has to be configured to work with TCP protocol. There is a big emphasis on remote connection security, and it is always recommended to use TLS certificates. If you want to configure a daemon process outside the default frames. It is important to note that daemon settings can be changed with systemd, flags during runtime and configuration file.

What about non-root user and Docker?

If we want to use non-root user to run Docker commands, user must be part of preinstalled Docker group.

Regular user does not have rights to execute Docker commands by default:

[admin@docker ~]$ docker run hello-world

docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/create: dial unix /var/run/docker.sock: connect: permission denied.

As a root user, we can run command to add a user to the docker group which is installed with Docker:

#usermod -aG docker admin

Log back as  admin user and run the command to run the image:

[admin@docker ~]$ docker run hello-world

Hello from Docker!

This message shows that your installation appears to be working correctly.

 

What if Docker connects to Internet via proxy?

If your Internet connection connects via proxy, you need to reconfigure the Docker. Docker daemon uses HTTP_PROXY, HTTPS_PROXY and NO_PROXY variables. Variables can be set via systemd or daemon.json. Since we are working with the CentOS operating system:

1) Create directory

  mkdir -p /etc/systemd/system/docker.service.d

2) If you use HTTP create following file

   touch /etc/systemd/system/docker.service.d/http-proxy.conf

    [Service]Environment=“HTTP_PROXY=http://proxy.example.com:80/”

3) If you use HTTPS create following file

touch /etc/systemd/system/docker.service.d/https-proxy.conf

[Service]

Environment=“HTTPS_PROXY=https://proxy.example.com:443/”4)     

4) Restart daemon process

# sudo systemctl daemon-reload

5) Restart docker engine

#systemctl docker restart 

6) Check new configuration

$ systemctl show –property=Environment dockerEnvironment=HTTPS_PROXY=https://proxy.example.com:443/  

Docker commands

Image search on Docker Hub

Signing up on the Docker Hub (https://hub.docker.com/) gives you the access to thousands of images uploaded by developers around the world. The Docker Hub is the default location where Docker downloads and pushes the images. By choosing an individual image (for example-mysql we get more detailed information)

Image search on Docker client

We can also do the search on the machine where we installed the Docker. Note that non-root must be part of the docker group in order to successfully execute Docker commands. For example, if we want to search all the image related to apache we run:

[root@docker ~]# docker search apache

NAME                               DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED

httpd                              The Apache HTTP Server Project                  2897                [OK]

tomcat                             Apache Tomcat is an open source implementati…   2659                [OK]

cassandra                          Apache Cassandra is an open-source distribut…   1101                [OK]

maven                              Apache Maven is a software project managemen…   992                 [OK]

solr                               Solr is the popular, blazing-fast, open sour…   736                 [OK]

apache/nifi                        Unofficial convenience binaries and Docker i…   166                                     [OK]

….

Image download

If we want to download image from Docker Hub, we use the Docker docker pull command. Log in to your account before running this command:

 [root@docker ~]# docker login

Login with your Docker ID to push and pull images from Docker Hub. If you don’t have a Docker ID, head over to https://hub.docker.com to create one.

Username:

Password:

Example includes downloading the apache package. Unless we specify which version we want, the latest version is implied. If we want a specific version we use the tag: docker pull httpd: 2.1

 [root@docker ~]# docker pull httpd

Using default tag: latest

latest: Pulling from library/httpd

68ced04f60ab: Downloading [===================================>               ]  18.97MB/27.09MB

35d35f1e0dc9: Download complete

8a918bf0ae55: Download complete

d7b9f2dbc195: Downloading [======================>                            ]  11.21MB/24.38MB

d56c468bde81: Waiting

List all images on local system

If Docker is installed on the local system for the first time, the local cache does not contain any images. In previous examples we downloaded two images: hello-world and httpd.  Handy command for listing all images on local system is docker images:

[root@docker ~]# docker images

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

httpd               latest              c5a012f9cf45        13 days ago         165MB

hello-world         latest              fce289e99eb9        14 months ago       1.84kB

Docker run image

We create containers with Docker command – docker run. The command first tries to retrieve the image locally and if it does’nt, it connects to the Docker Hub with command docker pull. Because we already have an httpd container in the local repository, we can run:

[root@docker ~]# docker run httpd

AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message

AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message

[Tue Mar 10 14:30:25.723694 2020] [mpm_event:notice] [pid 1:tid 140666623128704] AH00489: Apache/2.4.41 (Unix) configured — resuming normal operations

[Tue Mar 10 14:30:25.724856 2020] [core:notice] [pid 1:tid 140666623128704] AH00094: Command line: ‘httpd -D FOREGROUND’

Notice that container has started at your terminal as a process, and we can stop it with Ctrl + C.

If we want the container to run as a background process, we start it with d switch:

[root@docker ~]# docker run -d httpd

2e2ab02a9ae604c2063dae850ab5c9c21fbd559b2e7e4729d6bddf321c1878a1

Verify with docker ps:

[root@docker ~]# docker ps

CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS              PORTS               NAMES

2e2ab02a9ae6        httpd               “httpd-foreground”   30 seconds ago      Up 29 seconds       80/tcp              mystifying_bose

Each container starts with a name. If no name is given, the docker automatically generates it for you:

docker run –name my-httpd httpd

If we want to start the container and automatically access its terminal we use switches  i and i:

#docker run –name my-httpd –it httpd / bin / bash

[root@docker ~]# docker run –name httpd -it httpd /bin/bash

root@ee06c85526d1:/usr/local/apache2#

Exit from container:

root@ee06c85526d1:/usr/local/apache2# exit

exit

[root@docker ~]#

Running commands inside container

When a container is already running, we can use command docker exec CONTAINERID COMMAND to run commands inside container itself:

[root@docker ~]# docker exec b6a06aafad74 cat /etc/hostname

b6a06aafad74

Instead of CONTAINERID we can use container name:

[root@docker ~]# docker exec httpd cat /etc/hostname

b6a06aafad74

Managing container

To have a list of active containers use command docker ps:

[root@docker ~]# docker ps

CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS              PORTS               NAMES

da1e2ac6d8f5        httpd               “httpd-foreground”   8 minutes ago       Up 8 minutes        80/tcp              quizzical_thompson

b6a06aafad74        httpd               “httpd-foreground”   11 minutes ago      Up 11 minutes       80/tcp              distracted_austin

Output contains CONTAINER ID, IMAGE, COMMAND, STATUS and PORTS.

CONTAINERD is the universal container identification, IMAGE is the name of the image used at startup, COMMAND describes the command that was started at startup, STATUS shows the current uptime and PORTS shows exposed ports.

All inactive and stopped containers we can list with switch a:

[root@docker ~]# docker ps -a

CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS                         PORTS               NAMES

da1e2ac6d8f5        httpd               “httpd-foreground”   10 minutes ago      Up 10 minutes                  80/tcp              quizzical_thompson

b6a06aafad74        httpd               “httpd-foreground”   13 minutes ago      Up 13 minutes                  80/tcp              distracted_austin

bfdc2119b82f        httpd               “/bin/bash”          14 minutes ago      Exited (0) 14 minutes ago                          httpd1

ee06c85526d1        httpd               “/bin/bash”          17 minutes ago      Exited (127) 16 minutes ago                        httpd

….

To analysed inactive container content we use command docker inspect:

 [root@docker ~]# docker inspect httpd

[

    {

        “Id”: “ee06c85526d16fa2095d9d9ffd104c14f87eb687bb593440a4b4f0ee712b434f”,

        “Created”: “2020-03-10T14:42:36.641384747Z”,

        “Path”: “/bin/bash”,

        “Args”: [],

        “State”: {

Container is stopped by command stop (gracefully) and kill (forcefully):

#Docker stop httpd

#Docker kill httpd

To restart stopped container we use command docker restart:

[root@docker ~]# docker restart my-httpd

my-httpd

[root@docker ~]# docker ps

CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS              PORTS               NAMES

da1e2ac6d8f5        httpd               “httpd-foreground”   17 minutes ago      Up 17 minutes       80/tcp              quizzical_thompson

b6a06aafad74        httpd               “httpd-foreground”   20 minutes ago      Up 20 minutes       80/tcp              distracted_austin

5e7b123825d5        httpd               “httpd-foreground”   27 minutes ago      Up 2 seconds        80/tcp              my-httpd

If we want to delete container permanently, command docker rm is the answer:

[root@docker ~]# docker stop myhttpd

Myhttpd

[root@docker ~]# docker rm myhttpd

myhttpd

Docker stop all containers

If we want to avoid stopping all containers individually, very useful command is docker stop $ (docker ps –q):

Let’s check the status of the active containers:

[root@docker ~]# docker ps

CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS              PORTS               NAMES

ee06c85526d1        httpd               “/bin/bash”          23 hours ago        Up 16 seconds       80/tcp              httpd

5e7b123825d5        httpd               “httpd-foreground”   23 hours ago        Up 1 second         80/tcp              my-httpd

Stop all containers:

[root@docker ~]# docker stop $(docker ps -q)

ee06c85526d1

5e7b123825d5

Check the active container status:

[root@docker ~]# docker ps

We can delete all unactive container with command docker rm $(docker ps –aq):

Check the status of inactive containers:

[root@docker ~]# docker ps -a

CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS                            PORTS               NAMES

da1e2ac6d8f5        httpd               “httpd-foreground”   23 hours ago        Exited (255) About a minute ago   80/tcp              quizzical_thompson

b6a06aafad74        httpd               “httpd-foreground”   23 hours ago        Exited (255) About a minute ago   80/tcp              distracted_austin

bfdc2119b82f        httpd               “/bin/bash”          23 hours ago        Exited (0) 23 hours ago                               httpd1

ee06c85526d1        httpd               “/bin/bash”          23 hours ago        Exited (127) 23 hours ago                             httpd

….

Delete all inactive containers:

[root@docker ~]# docker rm $(docker ps -aq)

da1e2ac6d8f5

b6a06aafad74

bfdc2119b82f

2e2ab02a9ae6

06a90042482f

09ca6391f786

3e65082c81bf

95102dc9969c

ddbb1eaf7fcd

0b5c8adf1bc8

Check:

[root@docker ~]# docker rm $(docker ps -aq)

We see that Docker stopping all commands is an easy task.

I hope you enjoyed this article. The following is a Docker storage setup.