My Learning Blog

Basic about Docker - 9/17/2024

VM vs docker

Docker was initially designed for Linux and runs natively on Linux systems. It also supports Windows and macOS through Docker Desktop, which runs Linux containers inside a lightweight virtual machine (a hypervisor layer with a lightweight Linux distro).

Disadvantages of VMs and advantages of Docker

In simple terms, Docker is like packing a small suitcase with just the essentials for a quick trip, while a VM is like moving your entire house to travel somewhere—it’s bigger, heavier, and takes longer to set up.

Docker’s architecture

Docker’s architecture is based on client-server communication, where the Docker client communicates with the Docker daemon to build, run, and manage containers. Here’s a breakdown of its main components:

Docker Engine is the overarching term for the Docker platform, which includes both the Docker client and daemon, as well as additional components that help manage containerization.

The Docker API is the communication layer between the client (CLI or external tools) and the Docker daemon. The API defines the commands that can be used to interact with the Docker Engine.

Docker CLI is the user-facing tool that sends commands to the Docker daemon via the API.

User -----> [Docker CLI] -----> [Docker API] -----> [Docker Daemon (Server)] -----> Containers, Images, Volumes, Network, etc.

Docker container vs process

A Docker container is very similar to a process, but with some important differences:

In summary, you can think of a Docker container as a highly isolated, lightweight process that includes everything needed to run an application.

Summary of Docker Workflow:

1. Write code → 2. Create Dockerfile → 3. Build image → 4. Run container → 5. Test/debug → 6. Push to registry (optional) → 7. Deploy to production → 8. Manage containers

File system

Docker uses a union file system (UnionFS), which allows multiple file system layers to be stacked on top of each other. This makes storage use efficient: read-only layers are shared, and each container writes its own changes to a separate writable layer.

A Docker layer is a unit of data (a set of changes made to the file system) in a Docker image, much like a checkpoint in a version control system (such as a Git commit):

Layers and Images

Container Layer (Writable)

How the copy-on-write mechanism works

When you run a container:

Diagram Update:

## Container's Writable Layer (Only modified files)

/etc/config (modified)

## Read-Only Layers from Image

Layer 3: Custom App (unchanged)
Layer 2: Libraries (unchanged)
Layer 1: Base OS (except /etc/config, which was copied)

Volumes (Persistent Storage)

Volumes are generally recommended for data that needs to persist across container lifecycles, and they are portable.

Example of using a volume:

docker run -v myvolume:/app/data mycontainer

Bind Mounts:

Bind mounts are useful when you need direct access to host files, such as for development environments where you want the container to use files from your local machine.

Example of using a bind mount:

docker run -v /host/path:/container/path myapp
# This ensures data written to /container/path is persisted on /host/path.

Volumes are specifically created and managed by Docker. Bind mounts directly map to a host directory or file without Docker’s management.
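As an added example (not part of the original post), the sketch below classifies `-v` values like the two shown above into named volumes and bind mounts, and notes bind mounts that deserve review because they expose host files to the container. The function name, the `SENSITIVE` path list and the finding strings are assumptions made for illustration; Linux-style absolute host paths are assumed.

```python
import re
from dataclasses import dataclass, field
from pathlib import PurePosixPath

# Illustrative (assumed) list of host paths worth reviewing when bind-mounted.
SENSITIVE = ("/etc", "/root", "/proc", "/sys", "/var/run/docker.sock")
# Character set Docker accepts for local volume names.
VOLUME_NAME = re.compile(r"[a-zA-Z0-9][a-zA-Z0-9_.-]*")

@dataclass
class Mount:
    kind: str                 # "bind", "volume" or "anonymous"
    source: str               # host path or volume name ("" if anonymous)
    target: str               # path inside the container
    read_only: bool
    findings: list = field(default_factory=list)

def parse_volume_spec(spec: str) -> Mount:
    """Classify one `docker run -v` value (Linux paths assumed)."""
    parts = spec.split(":")
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected -v value: {spec!r}")
    opts = parts[2].split(",") if len(parts) == 3 else []
    source = parts[0] if len(parts) > 1 else ""
    target = parts[1] if len(parts) > 1 else parts[0]
    if not target.startswith("/"):
        raise ValueError(f"container path must be absolute: {target!r}")
    read_only = "ro" in opts
    if not source:
        return Mount("anonymous", "", target, read_only)
    if not source.startswith("/"):
        if not VOLUME_NAME.fullmatch(source):
            raise ValueError(f"not a volume name or absolute path: {source!r}")
        return Mount("volume", source, target, read_only)
    # Bind mount: the container sees the host path directly, outside Docker's management.
    mount = Mount("bind", source, target, read_only)
    host = PurePosixPath(source)
    if host == PurePosixPath("/"):
        mount.findings.append("whole host filesystem mounted")
    for prefix in map(PurePosixPath, SENSITIVE):
        if host == prefix or prefix in host.parents:
            mount.findings.append(f"sensitive host path: {prefix}")
    if not read_only:
        mount.findings.append("writable from inside the container")
    return mount

if __name__ == "__main__":  # the two -v values from the post, plus a constructed one
    for spec in ("myvolume:/app/data", "/host/path:/container/path", "/var/run/docker.sock:/var/run/docker.sock"):
        print(parse_volume_spec(spec))
```

Path prefixes are compared component by component, so a host path such as `/etcetera` is not mistaken for something under `/etc`.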

Summary:

Basic Commands

Start a container: docker run, docker start

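# Creates and starts a new container from an image.
# The mysql image listens on port 3306 and will not start without a root password setting.
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=<root_password> --name mysql_latest mysql
# Restarts a container that was previously created (and might have stopped).
docker start <container_name_or_id>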

Debug CLIs

# View logs from a running or stopped container. Use -f to follow the logs in real time, or --tail to show only the last lines.
docker logs <container_name_or_id>
docker logs -f <container_name_or_id>
docker logs --tail 50 <container_name_or_id>
# Open a shell inside the container to explore the file system.
docker exec -it <container_name_or_id> /bin/bash
# Check running processes (run ps directly instead of opening a shell first).
docker exec <container_name_or_id> ps aux
# Monitor resource usage (CPU, memory, network I/O) for running containers.
docker stats <container_name_or_id>