Lightweight process virtualizations, or containers, make use of Linux kernel cgroups and namespace support. A namespace abstracts a global system resource so that a process in that namespace appears to have its own isolated instance of a resource. Namespaces include filesystems, processes, network, and user IDs, among other things. In basic terms, cgroups allow us to allocate resources among user defined process groups.
Containers can orchestrate via network sockets and can mount data volumes on the host system. It is common to use Docker volumes to write data from the container to the host, so little data needs to be written to the container itself. However, keeping data inside the container is also possible using Docker storage drivers. From the different storage drivers available to Docker, overlay2, which uses the kernel's OverlayFS support, is the default storage as it is the one that provides the best performance and stability.
Docker also provides the following features:
- Application portability
- Automated builds using Dockerfiles
- Git-style versioning
- Reusable containers and a public registry (https://hub.docker.com/) for third party containers
Let's see some common Docker commands. To query the Docker daemon, use the following:
$ docker info
To run a new container, do the following:
$ docker run [-d] [--rm] [-i] [-t] <image> <command> <arguments>
In the previous example:
- image is the name of the container image to run
- command is the command to be passed to the container
- arguments are the command's arguments
The options shown have the following meaning:
- -d detaches from the container and leaves it running on the background
When running on the foreground,
- -i keeps stdin open even when not attached
- -t allocates a pseudo-tty
Both (-it) are needed when running an interactive process like a shell.
- --rm cleans up the container and removes the file system on exit. Otherwise they are kept
To list Docker containers, use the following command:
$ docker ps -a
To attach to a running container, use the following command:
$ docker attach <container_name>
To stop and remove containers, use the following commands:
$ docker stop <container_id>
$ docker rm <container_id>
Both container_name and container_id can be obtained from the preceding docker ps command.