Master Docker: From Basics to Advanced Container Management

Overview

Docker is an open‑source container engine written in Go and released under the Apache 2.0 license. It lets developers package applications and their dependencies into lightweight, portable containers that can run on any popular Linux host, effectively providing a form of virtualization.

Basic Concepts

Containers use sandbox isolation, have minimal performance overhead, and behave like independent apps on a phone.

Advantages

Simplify deployment : Package an app with all dependencies into a portable container and run it on any Linux machine.

Speed: Tasks that previously took days can be completed in seconds with Docker.

Cost savings: Reduce hardware expenses by leveraging shared resources and cloud environments.

Comparison with Traditional VMs

Containers start and stop in seconds, whereas VMs take minutes.

Containers consume megabytes of disk space; VMs consume gigabytes.

Performance is near‑native for containers, while VMs are slower.

A single host can run thousands of containers compared to dozens of VMs.

Architecture

Docker follows a client‑server (C/S) model and uses a remote API to manage containers. Images are the blueprint for containers, analogous to classes in object‑oriented programming.

Fundamental Technologies

Namespaces – provide isolation (user, mnt, network, uts, ipc, pid).

cgroups – control resource usage (cpu, blkio, device, freezer, memory).

UnionFS (aufs/overlayfs) – enable layered images.

Key Components

docker client – sends requests to the Docker daemon.

docker daemon – processes requests and manages containers.

docker registry – central repository for images.

Installation & Deployment

Prerequisites

Docker runs on 64‑bit CentOS 7 (kernel ≥ 3.10) or CentOS 6.5+ (kernel ≥ 2.6.32‑431).

Installation Commands

yum install docker -y          # install
systemctl start docker         # start
systemctl enable docker        # enable on boot

Basic Commands

docker search centos   # search images

Use a mirror (e.g., DaoCloud) to accelerate image pulls.

curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://d6f11267.m.daocloud.io
echo "{\"registry-mirrors\": [\"http://d6f11267.m.daocloud.io\"]}" > /etc/docker/daemon.json
systemctl restart docker

docker pull docker.io/ansible/centos7-ansible

for i in `docker search centos|awk '!/NAME/{print $2}'`;do docker pull $i;done

docker images

Command Reference

Container lifecycle

docker create          # create without starting
docker run             # create and start
docker stop            # stop (SIGTERM)
docker start           # start stopped container
docker restart         # restart container
docker rm              # remove container
docker kill            # send SIGKILL
docker attach          # attach to running container
docker wait            # block until container stops

Inspecting containers

docker ps              # list running containers
docker ps -a           # list all containers
docker inspect        # detailed info
docker logs           # view stdout/stderr
docker events         # real‑time events
docker port            # show port mappings
docker top             # show processes
docker diff            # show filesystem changes

Execution

docker exec -it CONTAINER_ID /bin/bash

Simple Practice

docker run -i -t docker.io/1832990/centos6.5 /bin/bash

-t allocate a pseudo‑TTY.

-i keep STDIN open.

-d run in background.

/bin/bash starts a shell inside the container.

Install MySQL inside the container, set it to start on boot, then commit the changes:

docker ps -l
docker commit -m "Add MySQL" -a "user" ID tag

Dockerfile Basics

Create a Dockerfile with instructions such as:

FROM 603dd3515fcc
MAINTAINER Docker xuel
RUN yum install mysql mysql-server -y
RUN mkdir /etc/sysconfig/network
RUN /etc/init.d/mysqld start

Build the image:

docker build -t "centos6.8:mysqld" .

Note: An image cannot exceed 127 layers. Use ADD to copy files, EXPOSE to declare ports, and CMD to define the default command.

Dockerfile Instructions

FROM – specify base image (must be first).

MAINTAINER – author information.

RUN – execute commands during build.

CMD – default command when container starts (last CMD wins).

ENTRYPOINT – executable that runs with optional CMD parameters.

USER – set user (default root).

EXPOSE – declare listening ports.

ENV – set environment variables.

ADD – copy files/directories (auto‑extract archives).

VOLUME – define mount points for persistent data.

WORKDIR – change working directory.

Storage

Data Volumes

Docker images consist of layered read‑only filesystems; a writable layer is added on top for each container. Persistent data (e.g., logs, databases) should be stored in data volumes that survive container removal.

docker run -i -t -v /mnt --name nginx docker.io/nginx /bin/bash

Mount a host directory into a container:

docker run -d -p 80:80 --name nginx -v /webdata/wordpress:/usr/share/nginx/html docker.io/sergeyzh/centos6-nginx

Data Containers

Create a container solely to hold data and share it with other containers:

docker create -v /mnt -it --name newnginx docker.io/nginx /bin/bash
docker run --volumes-from newnginx --name nginx1 -it docker.io/nginx /bin/bash

Volume Management

docker volume ls                     # list volumes
docker volume ls -f dangling=true    # list unused volumes
docker volume rm VOLUME_NAME          # remove a volume
# Remove container and its volume
docker rm -v newnginx

Networking

Docker provides several network drivers that determine how containers communicate with each other and the outside world.

Bridge (default)

Containers are attached to a virtual bridge docker0. They receive IP addresses from the bridge’s subnet and can communicate with each other. Port forwarding is implemented via iptables DNAT rules.

Host

Containers share the host’s network namespace, using the host’s IP address and ports while remaining isolated in filesystem and process space.

None

Containers get a network namespace but no network configuration; you must manually add interfaces and IPs.

Port Mapping

docker run -d -p 80 docker.io/sergeyzh/centos6-nginx   # random host port → container 80
docker run -d -p 80:80 docker.io/sergeyzh/centos6-nginx # host 80 → container 80