Master Docker: From Basics to Advanced Deployment and Networking

Overview

Docker is an open‑source container engine written in Go and released under the Apache 2.0 license. It lets developers package applications and their dependencies into lightweight, portable containers that run on any Linux host, offering low‑overhead virtualization.

Key advantages include simplified packaging, rapid startup (seconds vs. minutes for VMs), reduced resource consumption (thousands of containers per host), and seamless integration with cloud environments.

Comparison with Traditional VMs

Containers start and stop in seconds.

Minimal system resource usage; thousands of containers can share a single host.

Simple image distribution using Docker commands.

Dockerfile enables automated image creation.

Containers consume negligible extra resources, preserving application performance.

Built‑in security features such as namespaces, cgroups, and image signing.

Installation & Deployment

Prerequisites

Docker runs on 64‑bit CentOS 7 (kernel ≥ 3.10) or CentOS 6.5+ (kernel ≥ 2.6.32‑431).

Install Docker

yum install docker -y          # install
systemctl start docker         # start
systemctl enable docker        # enable on boot

Basic Commands

docker search centos   # search images

Configure a faster mirror for image pulls:

curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://d6f11267.m.daocloud.io
# writes {"registry-mirrors": ["http://d6f11267.m.daocloud.io"]} to /etc/docker/daemon.json
systemctl restart docker

Container Operations

docker create               # create without starting
docker run                  # create and start
docker stop                  # stop container
docker start                # start stopped container
docker restart              # restart container
docker rm                   # remove container
docker kill                 # send SIGKILL
docker attach               # attach to running container
docker wait                 # block until container stops

Image Management

docker images               # list local images
docker pull docker.io/ansible/centos7-ansible
for i in `docker search centos|awk '!/NAME/{print $2}'`; do docker pull $i; done
docker inspect ID           # view detailed info
docker push ID              # upload image

Dockerfile Basics

Create a Dockerfile with the required instructions:

FROM 603dd3515fcc
MAINTAINER Docker xuel
RUN yum install mysql mysql-server -y
RUN mkdir /etc/sysconfig/network
RUN /etc/init.d/mysqld start

Build the image:

docker build -t "centos6.8:mysqld" .

Dockerfile Instructions

FROM : specify base image (must be first).

MAINTAINER : author information.

RUN : execute commands during build.

CMD : default command when container starts (only last CMD is used).

ENTRYPOINT : executable that runs when container starts; can combine with CMD for default arguments.

USER : set user for container processes.

EXPOSE : declare ports to be exposed.

ENV : set environment variables.

ADD : copy files/directories or remote URLs into the image.

VOLUME : define mount points for persistent storage.

WORKDIR : change working directory for subsequent instructions.

Image Import/Export

docker save -o centos6.5.tar centos6.5
docker export f9c99092063c > centos6.5.tar
docker load --input centos6.5.tar
# or
docker load < centos6.5.tar

Removing Containers

docker rm -v newnginx   # remove container and its volumes

Storage

Data Volumes

Data volumes persist beyond container lifecycles. Mount a host directory into a container:

docker run -i -t -v /mnt --name nginx docker.io/nginx /bin/bash

Or map a host path to a container path:

docker run -d -p 80:80 --name nginx -v /webdata/wordpress:/usr/share/nginx/html docker.io/sergeyzh/centos6-nginx

Data Containers

Create a container that only provides a volume, then share it with other containers:

docker create -v /mnt -it --name newnginx docker.io/nginx /bin/bash
docker run --volumes-from newnginx --name nginx1 -it docker.io/nginx /bin/bash

Volume Management

docker volume ls                     # list volumes
docker volume ls -f dangling=true    # list unused volumes
docker volume rm VOLUME_NAME         # remove a volume

Networking

Docker provides several network drivers that define container communication.

Bridge (default)

Containers on the bridge network can communicate with each other; external access requires port mapping.

Host

Containers share the host's network namespace, using the host's IP and ports.

None

Containers have a network namespace but no network configuration; users must set up interfaces manually.

Port Mapping

docker run -d -p 80:80 docker.io/sergeyzh/centos6-nginx   # map host port 80 to container port 80

Use -p to map a random high‑port or a specific host port to a container port.

-p parameter maps a host port to a container port.

Inspecting Networks

docker network ls        # list networks
docker inspect CONTAINER_ID   # view network settings, IP addresses