sudo apt install docker.io -y
sudo systemctl start docker
sudo systemctl enable docker
docker --version
There is a good chance that if you are not performing commands as the root user, ypu will be not be able to run
majority of the commands needed. if you run the example following command, you may experience an access issue connectig
to the Docker daemon
docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json: dial unix /var/run/docker.sock: connect: permission denied
To resolve this, add current user to the Docker group
sudo usermod -aG docker ${USER}
To activate these changes, restart computer or create new session for your current user
sudo su ${User}
Run the Docker ps command again to ensure that user changes were successfull
docker ps
docker pull <image_name>
docker build -t <image_name> .
docker run --name <container_name> -d -p <localPort>:<containerPort> <image_name>
-d - detach
-p - publish
docker stop <container_name>
docker stop <container_id>
docker kill <container_id>
docker kill <container_name>
docker start <container_name>
docker start <container_id>
docker restart <container_name>
docker restart <container_id>
docker images
docker ps
docker container ls
docker ps -a
docker container ls --all
docker tag <currentName>:<newName>
docker rm <container_name>
docker rm <container_id>
docker container rm <container_id>
docker container rm <container_name>
delete multiple containers at once
docker container rm <container_name1> <container_name2>
sudo docker rmi <image_name>
sudo docker rmi <image_container>
sudo docker image rm <image_name>
force delete - even if image IN_USE by a container
sudo docker image rm <image_name> -f
docker system prune -a
A Dockerfile is the text file that contains instructions on how to create a Docker image
The format of a Dockerfile is as follows:
# This is a comment
DIRECTIVE argument
- currently Dockerfile supports single line comments only
- Dockerfile are not case-sensitive. Even though the DIRECTIVE is case-insensitive, it is a best practice to write all directives in uppercase to distinguish them from arguments
- FROM
- LABEL
- RUN
- CMD
- ENTRYPOINT
A Dockerfile usually starts with the FROM directive. This used to specify parent image of our customer Docker image. Ubuntu, CentOS, Nginx and MySQL are some of examples for parent images. The FROM directive takes valid image name and a tag as arguments. If the tag is not specified, the latest tag will be used
FROM <image>:<tag>
FROM scratch
A LABEL is a key-value pair that can be used to add metadata to a Docker image. These labels can be used to organize the Docker images properly
LABEL <key>=<value>
LABEL maintainer=shenal@mydomain.com
LABEL version=1.0
LABEL environment=dev
to see existing LABEL
docker image inspect <image_name>
The RUN directive is used to execute commands during the image build time. This will create a new layer on top of the layer existing. The RUN directive used to install and update required packages
RUN <command>
RUN npm install
RUN apt-get update
RUN apt-get install nginx-y
RUN npm install && npm test
A Docker container is normally expected to run one process. A CMD directive as used to provide this default initialization command that will be executed when a container is created from Docker image. A Dockerfile can executes only one CMD directive. If there is more than one CMD directive in the Dockerfile, Docker will execute only the last one.
CMD ["executable", "param1", "param2", "param3", ...]
CMD ["echo", "Hello World"]
However, if we send any command-line arguments with docker container run image, these arguments will replace over the CMD command that we defined
Both RUN and CMD directives used to execute a shell command. The main difference between these two directives is that the command provided with RUN directive will be executed during the image build process, while the command provided with the CMD directive will be executed once a container is launched from the build image
Similar to the CMD directive, the ENTRYPOINT directive is also used to pammaarovide this default initialization command that will be executed when a container is created from the Docker image. The difference between the CMD directive and the ENTRYPOINT directive is that, unlike CMD directive, we cannot override the ENTRYPOINT command using the command-line parameters sent with docker container run command
NOTE:
--entrypoint flag can be sent with the docker container run command to override the default ENTRYPOINT of the image
We can use CMD directive with the ENTRYPOINT directive to provide additional arguments to the executable
ENTRYPOINT ["echo", "Hello"]
CMD ["World"]
Some other useful directives
- ENV Directive
- ARG Directive
- WORKDIR Directive
- COPY Directive
- ADD Directive
- USER Directive
- VOLUME Directive
- EXPOSE Directive
- HEALTHCHECK Directive
- ONBUILD Directive
The ENV directive is used to set the environment variables
ENV <key> <value>
ENV PATH $PATH:/usr/local/bin
# set multiple env variables
ENV PATH=$PATH:?usr/local/bin VERSION=1.0.0
the ARG directive is used to define variables that the user can pass at build time.
docker build -t <image>:<tag> --build-arg <varName>=<value> .
in Dockerfile
ARG <varname>
ARG USER
ARG VERSION
ARG directive can also have an optional default value defined. Unlike ENV variables, ARG variables are not accesble from the running container
the WORKDIR directive is used to specify the current working directory of the Docker container. Any subsequent ADD CMD COPY ENTRYPOINT and RUN directives will be executed in this directory.
WORKDIR /path/to/workdir
The COPY directive can be used to copy files and folders from the local filesystem to the Docker image during the build process.
COPY <source> <destination>
COPY . .
The ADD directive is also similar to the COPY but however in addition it allows us to use URL as the source parameter
ADD <source> <destination>
ADD http://localhost:3000/sample.txt /dir
Docker will use the root user as the default user of a Docker container. We can use the USER directive to change this default behavior and specify a non-root user as the default user of a Docker container
USER <user>
USER coderx
In Docker, the data generated and used by Docker containers will be stored within container filesystem. When w edelete the cotainer, all the data will be lost. to overcome this issue, Docker came up with the concept of volumes. Volumes are used to persist the data and share the data between containers
The VOLUME directive generally takes a JSON array
VOLUME ["/path/to/volume"]
# or we can specify a plain string with multiple paths:
VOLUME /path/to/volume1 /path/to/volume2
To check available VOLUME
docker container inspect <container>
docker volume inspect <volume>
The EXPOSE directivd is used to inform Docker that the container is listening on the specified ports at runtime.
EXPOSE <port>
EXPOSE 4000
However, the ports exposed with the EXPOSE directive will only be accessible from within the other docker containers. To expose these ports outside the Docker container, we can publish the ports with -p flag with the docker run command
Health checks are used in Docker to check whether the containers are running healthily. For example, we can use the health checks to make sure the application is running within the docker container
There can be only one HEALTHCHECK directive in a Dockerfile, If there is more than one, last one will take effect
HEALTHCHECK [OPTIONS] CMD command
HEALTHCHECK CMD curl -f http://localhost:3000/healthcheck || exit 1
HEALTHCHECK --interval=1m --timeout=2s --start-period=2m --retries=3 CMD curl -f http://localhost:3000/healthcheck
The ONBUILD directie is used in the Dockerfile to create a reusable Docker image that will be used as the base for another Docker image(as parent image).
ONBUILD <instruction>
ONBUILD ENTRYPOINT ["echo", "Running ONBUILD directive"]
<h3>Multi Stage Build</h3>