part 1 - what is a container and how do I use it
What is docker
Docker is a tool which makes managing containers much easier.
What is a container?
Think of it as a “very lightweight virtual machine”. Note, that unlike virtual machines a countainer should only have 1 application running inside.
Why should I use containers?
- clean environment
Which means no problems with “it doesn’t work on my machine”.
If it works on one machine, it probably works on all machines.
If you ever had to handle an application that was deployed directly to a server by someone else, you know the pain of not knowing anything about the setup. Does it use cron jobs? Is this old directory used? This file has
deletemein the name, but is clearly being used? Dockerfile provides a clear way to build environment, which also serves as a documentation.
As you might notice, that’s a lot of
environment in one paragraph. In docker they are actually called
images, hence that’s what I’ll be calling them from now on.
How do I run containers?
The command is
docker run, but the interesting parts flags you can use:
-it- when you want your shell to be interactive
--rm- remove container after it exits (by default they stay on drive)
-e- sets environment variable inside container. Examples:
--name- sets name for container instead of randomly generated one.
-d- detached (run in background)
-p host:container- binds port from container to addr on host. Examples:
-p 127.0.0.1:2137:6969- bind container port 6969 to 127.0.0.1:2137 on host
-p 2137:6969- bind container port 6969 to 0.0.0.0:2137 on host
-v host:container- mount a directory from host into container during runtime. Examples:
-v $(pwd)/database:/var/lib/postgresql/data- binds
/var/lib/postgresql/datafrom container to
If anyone tells you that using
--privileged flag solved their problem - IGNORE THEM, THEY ARE DOING A HORRIBLE THING.
aditionally, you can specify command to run inside the container as an argument. This will override
CMD field form docker image.
$ docker run --rm -it ubuntu bash [email protected]:/# id uid=0(root) gid=0(root) groups=0(root)
It creates a simple temporary ubuntu container that auto-removes after.
Listing running containers
docker ps - lists running containers
docker ps -a - lists all containers (even stopped ones)
docker stop b3d55964e6da
Interacting with running container
docker exec is a similar command to
docker run, but it performs action on already running containers. Useful flags:
docker exec b3d55964e6da ps aux - lists processes inside container
docker exec -it b3d55964e6da bash - opens interactive shell inside container
Removing stopped container
docker rm b3d55964e6da
example usage of containers
$ ls -lha -rwxr-xr-x 1 root root 39K Mar 6 2020 unknown-binary $ docker run --rm -it -v $(pwd):/mnt ubuntu:latest bash [email protected]:/# apt update && apt install -y gdb [email protected]:/# cd /mnt [email protected]:/mnt# gdb ./unknown-binary
- creates temporary ubuntu container which auto-removes on exit
- mounts current working directory as
- opens bash inside container (all comands from now on are executed inside the container)
- installs gdb
- runs the binary under gdb
There are plenty more commands, but they are quite easy and simple to figure out on your own. Have fun experimenting!