Aravindh.net

Containers - Docker, podman et al.

Info

This wiki entry is incomplete and is under construction.

Yet another blog post on containers? Why?

  1. Because I write for myself first, so that I can understand stuff better and come back to refer to it in the future.
  2. It is so easy to get lost in the “container” ecosystem with a lot of acronyms and confusing naming schemes. I want to aggregate all information up to date as of writing.
  3. Attempt to see past the hype and give practical examples that make it obvious.

Containers != Docker

Containers != Virtual machines

Containers are an abstraction that is better than the one provided by a "process" in Linux, and more flexible and efficient than the one provided by a virtual machine running its own redundant kernel.

Let's pick one tool, podman, and try to run some containers and see what they can do.

Podman primer

Podman is a container management tool that replaces Docker by overcoming a few common shortcomings. Podman allows you to run containers without needing a daemon process owned by root or needing to be a root user. For our purpose of learning the basics of containers, treat podman == docker.

Basics

Run it!

podman run -it ubuntu:latest

-i stands for interactive mode: it gives you a shell once this container is started.

-t stands for tty: it gives you a pseudo-TTY.

The command above tries to find the ubuntu:latest image locally; since it is not present, it pulls the image from one of the available container registries and then runs it. It then connects the user to the shell inside the container.

Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
d51af753c3d3: Pull complete 
fc878cd0a91c: Pull complete 
6154df8ff988: Pull complete 
fee5db0ff82f: Pull complete 
Digest: sha256:747d2dbbaaee995098c9792d99bd333c6783ce56150d1b11e333bbceed5c54d7
Status: Downloaded newer image for ubuntu:latest

root@c3a7172fb543:/# uname -a
Linux c3a7172fb543 4.19.76-linuxkit #1 SMP Fri Apr 3 15:53:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Lovely. We just ran our first container.
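An added example, not part of the original page: the pull output above records the image digest, and because a tag such as latest can later point at a different image, a script that must run exactly this image can turn that output into a digest-pinned reference. The function names and the docker.io/library/ubuntu repository name (Docker Hub's full name for ubuntu) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the original page): pin an image by digest.

# Sample input: the pull output shown above, abridged, embedded to run offline.
SAMPLE_PULL_OUTPUT='latest: Pulling from library/ubuntu
d51af753c3d3: Pull complete
Digest: sha256:747d2dbbaaee995098c9792d99bd333c6783ce56150d1b11e333bbceed5c54d7
Status: Downloaded newer image for ubuntu:latest'

# Read pull output on stdin and print its sha256 digest.
# Returns non-zero unless exactly one well-formed "Digest:" line is present,
# so a truncated or ambiguous log never yields a reference.
extract_digest() {
    digests=$(sed -n 's/^Digest: \(sha256:[0-9a-f]\{64\}\)[[:space:]]*$/\1/p')
    [ -n "$digests" ] || return 1
    [ $(printf '%s\n' "$digests" | wc -l) -eq 1 ] || return 1
    printf '%s\n' "$digests"
}

# Print repository@digest for the repository in $1 and pull output on stdin.
# The repository name is an assumption supplied by the caller; the pull
# output itself only shows the short name.
pinned_reference() {
    repo=$1
    # Drop a trailing :tag, but keep a registry port such as host:5000/name.
    case "${repo##*/}" in
        *:*) repo=${repo%:*} ;;
    esac
    digest=$(extract_digest) || return 1
    printf '%s@%s\n' "$repo" "$digest"
}

# Usage: the printed reference can be passed to podman run in place of a tag.
printf '%s\n' "$SAMPLE_PULL_OUTPUT" |
    pinned_reference docker.io/library/ubuntu:latest
```

Running a reference of the form repository@sha256:... makes podman fetch that exact image content, whatever the tag points to at that time.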

Warning

Containers are ephemeral by default. Whatever we run in this root shell in the container will be lost when the container is stopped and restarted.

But, why?

The idea is to treat containers like cattle rather than pets. Always start new containers if you need something changed. Treat your infrastructure as code.

Container basic operations

Action                                                Command
Run an interactive container                          podman run -it ubuntu:latest
Run a container in foreground                         podman run hello-world
Run a container in background                         podman run -d hello-world
Show running containers                               podman ps
Show container ID of the most recently run container  podman ps -lq
View logs of a container                              podman logs <container ID>
Stop a container
Kill a container
Show all containers (incl. stopped)
Give container a name
Rename a container
Inspecting the configuration of a container
Execute a command inside a container

podman run hello-world

Run it as a daemon (background)

podman run -d hello-world
299b36c035e196ea8d4244fb05a10990aaa437edeac581a956ad869222b4fad2

Show running containers

podman ps
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES

podman ps -lq
299b36c035e1

-lq shows the container ID of the last container that was started (useful for scripting purposes).

View logs of a container

podman logs 299b36c035e196ea8d4244fb05a10990aaa437edeac581a956ad869222b4fad2

Hello from Docker!
.....

Stop a container

Kill a container

Show all your containers - even stopped ones

Give your container a name

Renaming your container

Inspecting the configuration of a container

Execute a command inside a container

Container crashed! What now?

Export a container filesystem to local

That was a controlled operation of containers using images that we pulled from a registry like Docker Hub. Let's understand how to work with images.

Images

List all images

Search for images

Pull an image to the host

Image tags

Interactively build an image

Configuratively build an image with a Dockerfile

Since this is important, let's look at using Dockerfiles in detail.

Dockerfiles

RUN

CMD

ENTRYPOINT

COPY

WORKDIR

EXPOSE

Mapping directories to containers

Multi-stage builds

Container registry

Transporting containers

A deeper dive

Networking

Logging and observability

A group of containers