Linux Tips Weekly

- [Instructor] Containers offer a way of running an operating system in a controlled, confined space with much less overhead than a traditional virtual machine would require. There are a handful of technologies we can use to run containers on Linux, including Lexi and Docker. I'd like to spend a few minutes for this episode covering the basics of Docker on Linux. The container starts out with an image file representing the operating system that will run inside the container. This image contains most of an operating system. Most notably, the operating system in the image doesn't include a kernel. Containers use the host system's kernel and that means that containers on Linux can only be Linux containers, though we can run different distributions inside of containers. And for this reason, many popular containers are based on Alpine Linux, a very minimal distro that's well-suited to providing just the essentials and otherwise getting out of the way. To customize a container and control what state it has when it starts, we can write a Docker file containing commands telling Docker to do various configuration, and telling the operating system inside the container to perform certain tasks, like installing software, downloading files, or setting up some kind of configuration within the system. In many cases, we'll use standard predefined images paired with a Docker file to make customizations at launch, though we can create custom images with configurations, tools, and settings baked in. Both approaches are common and which one you use will be determined by how you need your deployment to operate. Unlike a traditional virtual machine, every time a Docker container starts up its state is returned to exactly what's contained in the image it starts from. Any changes made within the container while it runs are lost when the container stops running, unless those changes are committed to an image file. Docker containers can also be configured to start up with storage attached, giving us a way to allow the container to read and write information that will persist, and which can even be accessed by other containers at the same time. Containers allow us to modularize the services and applications, rather than running them on a monolithic server or VM. An application could be broken up into a variety of containers. For example, into an app server, a database server, and a container that handles storage. And each of these, if the application is designed correctly, can be scaled out in response to demand or easily moved to other hardware to reduce downtime if the host hardware needs to be maintained. Containers can provide some security benefits, but they're primarily a technology that gives us reproducibility, flexibility, and scalability. While it's common to use Docker directly, either for development or in production, it's also often used with an orchestration system, like Kubernetes, on top of it to manage containers and configurations. With that in mind, let's take a brief look at running a Docker container on Linux. Here on my Ubuntu system, I'll update my package lists and then I'll install Docker with apt install docker.io. On other distros the package may have a different name. For example, on Fedora or CentOS, you'd need to run dnf install docker instead. Once that's installed, I'll start the Docker service with systemctl start docker. To start up a Docker container, we'll need an image. And I can search for interesting ones with docker search and a search term. Some Docker containers are just a bare operating system and others are pre-configured with certain software, which lets us avoid having to do so much manual configuration in a Docker file. So for example, I can look for an image that's just Alpine Linux. And here I can see an official image that offers Alpine Linux. I could also search for one that includes Maria DB if I wanted to work with the database server. And here's a container that offers that. I've zoomed out a little here so we can see the formatting better. Here, I can see that this image is official. It's published by Docker themselves. To keep things simple here, I'll just get the Alpine image with docker pull alpine, and then I can use docker run to start a container using that image, and nothing happens. That's because the container only exists for as long as something's running inside it. Normally that would be a service or process or some software that waits for input to do something. We can also run specific programs inside of a container through the command line, which can be useful for development and troubleshooting. This, for example, will start the Alpine container and run the Almquist shell, the default shell in Alpine Linux, so we can look around inside the container. And here I am at the Ash prompt, and you can see that this Alpine container is running the Ubuntu kernel, even though it's Alpine Linux. I'll type Exit here and end the shell session, and then Docker will end this container. That's where I'll leave it for now. I encourage you to explore our other courses on Docker if you're interested to learn about deployment, configuration, or developing software with containerization in mind.