Research estimates that 75% of attacks against Web servers are entering through applications and not at the network level. And when a company makes even minor changes on its webs...
By: Omi Tewary | February 8, 2016
According to the docker’s website, “Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications.”
In simple words, it’s one of the methods to run and deploy your software application. Docker allows you to create lightweight “virtual machines”. Here lightweight virtual machines are nothing but docker containers.
Docker comes into two pieces:
- Docker engine: You need to install this in your system. Docker engine runs your application.
- Docker hub: It is a website and cloud service that allows everyone to share their docker images.
- Easily portable and hence good for distributed environment.
- Very less overhead compared to traditional VM.
- Doesn’t require extensive resources like VMs.
Docker engine provides virtual environment required by your application. It does not require computing resources to duplicate virtual hardware in guestOS unlike VMs that use computing resources of host OS.
Containers are where your application runs. You can create a container from the images (either created from scratch or pulled from docker hub) and then modify the image. It is equivalent of creating VM from a snapshot but way lighter than traditional VMs
For example, you can pull ubuntu image from docker hub, modify it by installing jenkins and your app with all of its dependencies. Then you can create a container from that image, which runs your app whenever it starts.
Docker allows you to expose specific ports of container from where it can expose its services. Containers have one big difference that separate them from VMs, they are designed to run a single process and don’t simulate a complete environment.
docker run [OPTIONS] IMAGE [COMMAND] [ARGUMENT]
Let’s pull an image from docker hub and create container from that image.
Pulling an image:
docker pull IMAGE:tag
Run a container
List out all the container
docker ps //list all active containers.
docker ps -a //list out all the containers.
Images are the way you save the state of your container. Images on docker are like snapshot of VMs and yet again they are much more lightweight!
To create an image you take one image and modify it to create a child image. This can be done either through a file (Dockerfile) that specifies a base image and required modifications, or live by “running” an image, modifying it and committing it.
To list out all the images use command,
Docker images have intermediate layers that allows each layer to be cached, hence allowing reusability and speed up the docker build process.
ssh into docker
To access the container you can use docker exec command
docker exec [option] $container_ID/$container_name [command]
Above command will create a new bash session in the running container. You can now install new stuffs into this container and take a snapshot of this container by creating image.
Modifying Existing Image
After accessing container with docker exec command you can install packages or set environment variables inside container
Here inside our container we are installing vim.
When you are done modifying your container you must exit by running the exit command. Once we exit the container, we need to find the container ID by running
docker ps -a
Commit the changes
docker commit [option] $container_ID new_name:tag
Now doing docker images will show your new image test vim
You cannot remove running container.Therefore you first need to stop container and then remove it using following command:
docker stop $container_ID
docker rm $container_ID
docker rmi $image_ID