Docker for newbies

 · 6 min read
 · Mikhail K
Table of contents

Read in Russian 🇷🇺


karpov_logo Few years ago when I first time met with the NAS I discovered cool technology which I didn't use before. I was interested in new services, smart home, extend functionality of NAS up to 200% and it was possible only with the docker, because there aren't many native apps in a build-in app center. Also docker allowed to install all what I want without impact to host system. That fact makes possible any experiments without fear broke something. But what was the problem? .. I totally didn't know docker :)

Knowledge for free

Guys from karpov.courses made a great course for everyone. You no need programming skills, knowing bash or something else, it suits for absolutely everyone. Nevertheless it comprehensively describes docker from different sides. Despite of I learnt docker by this years I discovered some insights for instance how to set up container with separate IP address. I would be happy to find this valuable course at the beginning of my learning path because it tells topic by topic in a simple form. Special thanks to Anton Sidorin as an author.

Course highlight's

Before starting observe what new things I dig from course I have to announce: That things attracted me, not you, so perhaps you will find useful something else.

Basic

1. Bash tips

It doesn't directly refer docker functionality, but it shows how quickly you can stop all running containers for 1 step.

docker stop $(docker ps -q)

Similar you can delete all containers

docker rm $(docker ps -qa)

Redirecting logs to file it's also typical for bash through the > / >> operator, but I didn't think about it in that context.

2. ENTRYPOINT command vs. CMD

I don't know why I was stuck with this command and didn't see to the documentation where is pretty clear description. So I refer to it.

Both CMD and ENTRYPOINT instructions define what command gets executed when running a container. There are few rules that describe their co-operation.

  • Dockerfile should specify at least one of CMD or ENTRYPOINT commands.
  • ENTRYPOINT should be defined when using the container as an executable.
  • CMD should be used as a way of defining default arguments for an ENTRYPOINT command or for executing an ad-hoc command in a container.
  • CMD will be overridden when running the container with alternative arguments.

3. Multi build

Good feature to split your build into several steps for reducing size of your final image or for reusing this step in a next stages.

FROM <image> AS builder
. . .


FROM <image> 
. . .
COPY --from=builder <path_from_builder> <path_to_current_build>

5. Volumes difference

There are 2 types of volumes:

  • Bind mount
  • Volumes

Before this course it was strange for me for what volumes might be use. But let's look to the docs again. Volumes have several advantages over bind mounts:

  • Volumes are easier to back up or migrate than bind mounts.
  • You can manage volumes using Docker CLI commands or the Docker API.
  • Volumes work on both Linux and Windows containers.
  • Volumes can be more safely shared among multiple containers.
  • Volume drivers let you store volumes on remote hosts or cloud providers, to encrypt the contents of volumes, or to add other functionality.
  • New volumes can have their content pre-populated by a container.
  • Volumes on Docker Desktop have much higher performance than bind mounts from Mac and Windows hosts.

So now I'll easily make a decision what to use. If it some persistent data generated by container which you don't plan to manage by yourself - select volumes, otherwise bind mount best chose for external files which should be in container.

Read only flag is another cool feature of volumes.

docker run -d \
  --name=nginxtest \
  -v nginx-vol:/usr/share/nginx/html:ro \
  nginx:latest

4. Making images from running state of other container

I have never met real case where to use it. But perhaps as an alternative to rebuilding each time images you can run it and install some additional packages, modify files, fix bugs and then create once "snapshot" of this container as an new image.

docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]

Networks

The most interesting part for me was a network section. Compare with other parts I knew less and exactly this fact motivated me to pass entire course.

1. Addressing to container by name if using custom network

Do you want to discover IP address of each container for setting it to another? Not me and docker provides build-in DNS resolver. Just set container name via attribute --name <container_name> and access to it by name. Really cool, is't it?

2. Using multiple networks by one container

Not obvious thing, but it is. Nothing to tell more.

3. Giving container external IP address

That what I need for several times. Hope I will explain it in details in separate article, but wor now just mention cases:

  • Using Ad Blocking instruments (AdGuard, PiHole etc.) and external DNS Server can't co-exists on the same host because of ports conflicts. But what should I use then? Virtual Machine helped to resolve the problem before, but now I can assign external IP for container.
  • What if you want to use VPN or IPS provider for special container, but not to entire host? Yeah, external IP for container helps me again.

I was confused a little bit about what attributes according official tutorial should I fill to achieve my goal.

docker network create -d macvlan \
  --subnet=192.168.1.0/24 \
  --gateway=192.168.1.1 \
  -o parent=ovs_eth0 \
  my-macvlan-net

Pay attention that you will use IP ranges of your current network, so it might be conflicts there. You also need to specify the parent, which is the interface the traffic will physically go through on the Docker host (unfortunately there is a bug with MacOS). You can find appropriate via ifconfig command (see those where assign real IP.)

YAML notation

Previously I didn't think about YAML as a format. I mean that I didn't understand it as a format with the rules. It seems like habitual text file, where you are able to write whatever you want, almost. For instance others formats will be broken if you will make a mistake somewhere but YAML doesn't seem to other as I thought, but I was mistaken. And course shown the basics, rules, structure etc. It was surprisingly to see how data structures like list was implemented in a native form.

One more feature with anchors of YAML was explained on Airflow docker compose file, it is a perfect bullseye. Real and practical example for me, because of when I opened this first time, I was confused what was that and I tried to find out in ... docker documentation. For sure there is nothing there.

DRY principle in action: Anchor - & Alias - <<: *

definitions: 
  steps:
    - step: &build-and-test
        name: Build and test
        script:
          - mvn package
        artifacts:
          - target/**

pipelines:
  branches:
    develop:
      - step: *build-and-test
    master:
      - step: *build-and-test

Summary

After all maybe I didn't know docker as well as I thought, because of it's too much useful insights was appears for me. And there are tons of other feature which I don't know yet. But I suppose it's all because course was really great. Check it out yourself!