What is docker? (src)
Docker is the world’s leading software container platform.
Developers use Docker to eliminate “works on my machine” problems when collaborating on code with co-workers.
Operators use Docker to run and manage apps side-by-side in isolated containers to get better compute density.
Enterprises use Docker to build agile software delivery pipelines to ship new features faster, more securely and with confidence for both Linux and Windows Server apps.
What is a Container?
Using containers, everything required to make a piece of software run is packaged into isolated containers.
Unlike VMs, containers do not bundle a full operating system – only libraries and settings required to make the software work are needed. This makes for efficient, lightweight, self-contained systems and guarantees that software will always run the same, regardless of where it’s deployed.
But docker needs kernel headers… so i guess it is compiling/needs a kernel module?
- containers harddisk space once used – does not shrink!? (unless you export/import)
- i would understand this if all files were in ONE FILE but they are NOT, i really do NOT understand, that when you copy a large file into your container and delete it from the container… the harddisk space is still in USE!
- exporting containers takes 3x times the harddisk space it needs for a container
- so if you have a container that uses 50GBytes of harddisk space and your harddisk is only 100GBytes you are screwed! you can not migrate your docker container to a bigger harddisk by commit and save.
- fail2ban / iptables does not work!?
- not in the container and not on the host!?
- more strange problems: “can’t remove directory” under certain conditions
it seems the docker-complexity is going south!
the concept is great – similar to OpenVZ increasing server density even more – (hardware -> virtualization -> container) but i am seriously thinking about not using it again for exactly those issues.
su; # become root apt-get install linux-headers-$(uname -r); # install kernel headers apt-get remove docker docker-engine docker.io; # make sure old version is removed if installed apt install lsb-release software-properties-common apt-transport-https; # install software add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" wget -q https://download.docker.com/linux/debian/gpg -O- | apt-key add - apt-get update apt-get install docker-ce apt-cache madison docker-ce; # show all available docker verions apt-get install docker-ce=17.03.2~ce-0~debian-stretch; # install specific docker version docker -v; # show installed docker version # enhance security
non root user usage
in order to allow non-root users to use docker add them to the group „docker“
# create group docker groupadd docker # add user username to group docker usermod -aG docker username
re-login to activate changes. non-root user username should be able to run:
docker run hello-world; # download and run image hello-world
looks like this
docker run hello-world Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://cloud.docker.com/ For more examples and ideas, visit: https://docs.docker.com/engine/userguide/