Containers - Docker, podman et al.
This wiki entry is incomplete and is under construction.
Yet another blog post on containers? Why?
- Because I write for myself first, so that I can understand stuff better and come back to refer to it in the future.
- It is so easy to get lost in the “container” ecosystem, with its many acronyms and confusing naming schemes. I want to aggregate all the information, up to date as of writing.
- Attempt to see past the hype and give practical examples that make things obvious.
Containers != Docker
Containers != Virtual machines
Containers are a better abstraction than the one provided by a "process" in Linux, and are more flexible and efficient than a virtual machine running its own redundant kernel.
Let's pick one tool - podman - and try to run some containers and see what they can do.
Podman is a container management tool that replaces Docker by overcoming a few common shortcomings. Podman allows you to run containers without needing a daemon process owned by root or needing to be a root user. For our purpose of learning the basics of containers, treat podman == docker.
-i stands for interactive mode - to give you a shell once this container is started.
-t stands for tty - to give you a pseudo tty.
The command above tries to find the ubuntu:latest image locally; since it is not present, it pulls the image from one of the available container registries and then runs it. It then connects the user to the shell inside the container.
```
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
d51af753c3d3: Pull complete
fc878cd0a91c: Pull complete
6154df8ff988: Pull complete
fee5db0ff82f: Pull complete
Digest: sha256:747d2dbbaaee995098c9792d99bd333c6783ce56150d1b11e333bbceed5c54d7
Status: Downloaded newer image for ubuntu:latest
root@c3a7172fb543:/# uname -a
Linux c3a7172fb543 4.19.76-linuxkit #1 SMP Fri Apr 3 15:53:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
```
Containers are ephemeral by default. Whatever we run in this root shell in the container will be lost when the container is stopped and restarted.
The idea is to treat containers like cattle rather than pets. Always start new containers if you need something changed. Treat your infrastructure as code.
Container basic operations
|Run an interactive container||
|Run a container in foreground||
|Run a container in background||
|Show running containers||
|Show container ID of the most recently run container||
|View logs of a container||
|Stop a container||
|Kill a container||
|Show all containers (incl. stopped)||
|Give container a name||
|Rename a container||
|Inspect the configuration of a container||
|Execute a command inside a container||
Run it as a daemon (background)
Show running containers
-lq shows the container ID of the last container that was started (useful for scripting purposes)
View logs of a container
Stop a container
Kill a container
Show all your containers - even stopped ones
Give your container a name
Renaming your container
Inspecting the configuration of a container
Execute a command inside a container
Container crashed! What now?
Export a container filesystem to local
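The operations listed above, together with the earlier point that containers are ephemeral, as one script. This is an added example, not code from the original page; it assumes podman is installed and can pull ubuntu:latest, and the ENGINE and IMAGE variables, the function names and the demo-* container names are this example's own.

```shell
#!/bin/sh
# Added example, not from the original page. ENGINE, IMAGE and the demo-*
# container names are assumptions; the page treats podman == docker.
ENGINE="${ENGINE:-podman}"
IMAGE="${IMAGE:-ubuntu:latest}"

# Run a named container in the background; prints the new container ID.
run_bg() { "$ENGINE" run -d --name "$1" "$IMAGE" sleep 300; }

# Print a container's state (running, exited, ...) from its configuration.
state_of() { "$ENGINE" inspect --format '{{.State.Status}}' "$1"; }

# Stop and delete a container; errors are ignored so cleanup is repeatable.
discard() {
    "$ENGINE" stop -t 1 "$1" >/dev/null 2>&1
    "$ENGINE" rm "$1" >/dev/null 2>&1
    return 0
}

# Walk one container through run -> exec -> inspect -> stop -> ps -a.
# Returns 0 only if every observed state matches the expected one.
lifecycle_demo() {
    name="demo-life-$$"
    run_bg "$name" >/dev/null || return 2
    # Executes inside the container, but reports the host's kernel:
    # a container shares the host kernel instead of booting its own.
    "$ENGINE" exec "$name" uname -a
    [ "$(state_of "$name")" = running ] || { discard "$name"; return 1; }
    "$ENGINE" stop -t 1 "$name" >/dev/null
    # A stopped container drops out of `ps`, but `ps -a` still lists it.
    listed=$("$ENGINE" ps -a --filter "name=$name" --format '{{.Names}}')
    [ "$listed" = "$name" ] || { discard "$name"; return 1; }
    discard "$name"
}

# Returns 0 if a file created in one container is absent from a new container
# started from the same image, 1 if it is present, 2 on setup failure.
ephemeral_check() {
    name="demo-eph-$$"
    run_bg "$name" >/dev/null || return 2
    "$ENGINE" exec "$name" touch /marker || { discard "$name"; return 2; }
    discard "$name"
    # The new container starts from the image layers only.
    if "$ENGINE" run --rm "$IMAGE" test -e /marker; then return 1; fi
    return 0
}
```

Source the file and call `lifecycle_demo` or `ephemeral_check`; set `ENGINE=docker` to run the same steps against Docker.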
That was a controlled operation of containers using images that we pulled from a registry like Docker Hub. Let's understand how to work with images.
List all images
Search for images
Pull an image to the host
Interactively build an image
Configuratively build an image with a Dockerfile
Since this is important, let's understand using Dockerfiles in detail.