Docker basics images
A Docker image is the basic template for a Docker container. An image usually contains the OS and applications that readily installed. The Docker image is used to run the container, you can find many images with a variety of operating systems and software that has been installed in the Docker Hub https://hub.docker.com/.
Docker Container is an image which can be read and written to that runs on top of the Docker image. Docker is using the union-file-system as backend for the container, any changes that are made in the container will be saved in a new layer above the base image. The container is the layer where we install applications in. Each container that runs isolated in the host machine and therefore, provides a secure application platform.
Docker registry is a repository for Docker images. It provides public and private repositories. The public Docker registry is called the Docker Hub. Here we can push and pull our own images.
$ sudo docker info | grep Registr
Registry: https://registry.access.redhat.com/v1/
Insecure Registries:
Registries: registry.access.redhat.com (secure), docker.io (secure)$ sudo docker search rhel7.3
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/audricdhoest/rhel7.3-msssqlserver Microsoft SQL server 14 0
docker.io docker.io/shuiliuwusheng/rhel7.3ssh_userpasswd_admin 0
redhat.com registry.access.redhat.com/rhel7.3 This platform image provides a minimal run... 0
redhat.com rhel7.3-beta/rhel7.3 This platform image provides a minimal run... 0Point your browser to
https://hub.docker.com
and type search term on the search bar
Docker is pushing now for its Docker Store hub
❗ NOTE
Please read the Docker image documentation which often gives usefull hints how to run the given container and also explains the configuration options for authentication, data and security
Click on the Dockerfile link marked with red and it brings you to the Dockerfile source used for building this image
FROM debian:jessie-backports
# add our user and group first to make sure their IDs
# get assigned consistently, regardless of whatever dependencies get added
#RUN groupadd -r www-data && useradd -r --create-home -g www-data www-data
ENV HTTPD_PREFIX /usr/local/apache2
ENV PATH $HTTPD_PREFIX/bin:$PATH
RUN mkdir -p "$HTTPD_PREFIX" \
&& chown www-data:www-data "$HTTPD_PREFIX"
WORKDIR $HTTPD_PREFIX
# library for mod_http2
ENV NGHTTP2_VERSION 1.18.1-1
ENV OPENSSL_VERSION 1.0.2k-1~bpo8+1
.
.
.in GitHub project https://github.com/docker-library/httpd
❗ NOTE
Checking the Docker's image Dockerfile gives deep insight how the image was created and what extension and configuration options exist for it
Especially important parts are the ENV, EXPOSE and VOLUME directives
Now you can try to search for the official image of Apache HTTPD server image with docker command
$ sudo docker search -f "is-official=true" httpd
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/httpd The Apache HTTP Server Project 1032 [OK]$ sudo docker pull docker.io/httpd
Using default tag: latest
Trying to pull repository docker.io/library/httpd ...
latest: Pulling from docker.io/library/httpd
6d827a3ef358: Pull complete
b40da44b9cf6: Pull complete
82a159e7f9b4: Pull complete
2b315b9fb087: Pull complete
26ea4a6a7b74: Pull complete
68fbe3269d3a: Pull complete
23c8a2c49c5d: Pull complete
Digest: sha256:fc9b21c3faf2e1aa4cbe91d60df40a0d30ff151d8a5f5228d77fe5e0a18fa3c2$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/httpd latest 278cd55ca6c5 3 weeks ago 176.9 MBNow we are ready to run the official Docker image for Apache HTTPD
It is very simple to test of your Docker installation works well
$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
Trying to pull repository registry.access.redhat.com/hello-world ...
Trying to pull repository docker.io/library/hello-world ...
latest: Pulling from docker.io/library/hello-world
78445dd45222: Pull complete
Digest: sha256:c5515758d4c5e1e838e9cd307f6c6a0d620b5e07e6f927b07d05f6d12a1ac8d7
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/❗ NOTE
We did not pull the
hello-worldDocker image, but Docker was able to run it after pulling it automatically.
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/httpd latest 278cd55ca6c5 3 weeks ago 176.9 MB
docker.io/hello-world latest 48b5124b2768 3 months ago 1.84 kBWithout looking at the image options in its official documentation we try running it
$ sudo docker run -d docker.io/httpd
8eaef3aed126c23f94e57a5518acb73bc16f7bf3d316b0409f36771e3422f42bWe have executed Docker image as a new container in background -d option detaching
if from terminal
Let's see of the container is running
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8eaef3aed126 docker.io/httpd "httpd-foreground" 12s ago Up 10s 80/tcp naughty_mayerLet's see if container logs do not show problems by passing the CONTAINER ID to logs
Docker command
$ sudo docker logs 8eaef3aed126
AH00558:
httpd: Could not reliably determine the server's fully qualified domain name,
using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558:
httpd: Could not reliably determine the server's fully qualified domain name,
using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Mon Apr 17 22:32:03.210773 2017] [mpm_event:notice] [pid 1:tid 139691907590016]
AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations
[Mon Apr 17 22:32:03.211216 2017] [core:notice] [pid 1:tid 139691907590016]
AH00094: Command line: 'httpd -D FOREGROUND'There are issues, but it seem it is operational let's test if the Apache HTTPD is up and running in the container
$ sudo docker exec 8eaef3aed126 ps -ef | grep httpd
root 1 0 0 22:32 ? 00:00:00 httpd -DFOREGROUND
daemon 8 1 0 22:32 ? 00:00:00 httpd -DFOREGROUND
daemon 9 1 0 22:32 ? 00:00:00 httpd -DFOREGROUND
daemon 10 1 0 22:32 ? 00:00:00 httpd -DFOREGROUNDIt seems running well, so let's see what is the IP address of the container
$ sudo docker inspect 8eaef3aed126 | grep '"IPAddress":'
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",Let's check if the container is reachable
[user00@user00 ~]$ ping -c 3 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.052 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.064 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.052 ms
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.052/0.056/0.064/0.005 msLet's test if Apache works inside the container
[user00@user00 ~]$ curl http://172.17.0.3<html><body><h1>It works!</h1></body></html>Let's check what is inside the running container by executing interactive shell sessoin in the running container
$ sudo docker exec -it 8eaef3aed126 bash
root@8eaef3aed126:/usr/local/apache2# whoami
rootroot@8eaef3aed126:/usr/local/apache2# pwd
/usr/local/apache2root@8eaef3aed126:/usr/local/apache2# ps -efUID PID PPID C STIME TTY TIME CMD
root 1 0 0 22:32 ? 00:00:00 httpd -DFOREGROUND
daemon 8 1 0 22:32 ? 00:00:00 httpd -DFOREGROUND
daemon 9 1 0 22:32 ? 00:00:00 httpd -DFOREGROUND
daemon 10 1 0 22:32 ? 00:00:00 httpd -DFOREGROUND
root 98 0 0 23:09 ? 00:00:00 bash
root 105 98 0 23:10 ? 00:00:00 ps -efroot@8eaef3aed126:/usr/local/apache2# cat /etc/os-releasePRETTY_NAME="Debian GNU/Linux 8 (jessie)"
NAME="Debian GNU/Linux"
VERSION_ID="8"
VERSION="8 (jessie)"
ID=debian
HOME_URL="http://www.debian.org/"
SUPPORT_URL="http://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"root@8eaef3aed126:/usr/local/apache2# envHTTPD_VERSION=2.4.25
HOSTNAME=8eaef3aed126
NGHTTP2_VERSION=1.18.1-1
HTTPD_PREFIX=/usr/local/apache2
PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/usr/local/apache2
SHLVL=1
HOME=/root
OPENSSL_VERSION=1.0.2k-1~bpo8+1
HTTPD_ASC_URL=https://www.apache.org/dist/httpd/httpd-2.4.25.tar.bz2.asc
HTTPD_SHA1=bd6d138c31c109297da2346c6e7b93b9283993d2
HTTPD_BZ2_URL=https://www.apache.org/dyn/closer.cgi?action=download&filename=httpd/httpd-2.4.25.tar.bz2
_=/usr/bin/envLet's type exit and see what happens
root@8eaef3aed126:/usr/local/apache2# exit
exit[user00@user00 ~]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8eaef3aed126 docker.io/httpd "httpd-foreground" 43 min ago Up 43 min 80/tcp naughty_mayerNow let's stop the container and re-start the container
$ sudo docker stop 8eaef3aed126
8eaef3aed126
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
$ sudo docker restart 8eaef3aed126
8eaef3aed126
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8eaef3aed126 docker.io/httpd "httpd-foreground" 48 min ago Up 2s 80/tcp naughty_mayerLet's stop the container then run it interactively and type CTRL-C after some time
$ sudo docker stop 8eaef3aed126
8eaef3aed126
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
$ sudo docker run -ti docker.io/httpd
AH00558:
httpd: Could not reliably determine the server's fully qualified domain name,
using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name,
using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Mon Apr 17 23:24:11.856018 2017] [mpm_event:notice] [pid 1:tid 140305631307648]
AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations
[Mon Apr 17 23:24:11.856580 2017] [core:notice] [pid 1:tid 140305631307648]
AH00094: Command line: 'httpd -D FOREGROUND'
^C[Mon Apr 17 23:25:03.803799 2017] [mpm_event:notice] [pid 1:tid 140305631307648] AH00491: caught SIGTERM, shutting down
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES❗ NOTE
When running a container interactively without
-doption and sending SIGTERM signal, e.g.CTRL-Cyou shutdown the container completely
Let's do it again but with CTRL-P-Q instead
$ sudo docker run -ti docker.io/httpd
AH00558:
httpd: Could not reliably determine the server's fully qualified domain name,
using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name,
using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Mon Apr 17 23:30:29.279463 2017]] [mpm_event:notice] [pid 1:tid 140305631307648]
AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations
[Mon Apr 17 23:30:29.279617 2017] [core:notice] [pid 1:tid 140305631307648]
AH00094: Command line: 'httpd -D FOREGROUND'
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5e1ce44345bf docker.io/httpd "httpd-foreground" 9s ago Up 8s 80/tcp furious_minskyContainer is still running!
Let's restart the other container!
$ sudo docker restart 8eaef3aed126
8eaef3aed126
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5e1ce44345bf docker.io/httpd "httpd-foreground" 7 min ago Up 7 min 80/tcp furious_minsky
8eaef3aed126 docker.io/httpd "httpd-foreground" 59 min ago Up 2s 80/tcp naughty_mayerLet's test both of them and let's use docker network inspect command to see IP address in the "Containers" section
$ sudo docker network inspect bridge
...
"Containers": {
"5e1ce44345bf64139d48b0e35e054a1430fef6d4c9a6e27fb75e39316f06cc12": {
"Name": "furious_minsky",
"EndpointID": "638b2c78b10a78038ced2237c7173aef705e9e1e9dbfc844269e8458d272b9d9",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"8eaef3aed126c23f94e57a5518acb73bc16f7bf3d316b0409f36771e3422f42b": {
"Name": "naughty_mayer",
"EndpointID": "c5155fd3a43d57340a83e61693391fffb34323d8dcd9a446b8dd3dcf6a8d4ee5",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
}
},
...$ curl -s 172.17.0.3<html><body><h1>It works!</h1></body></html>$ curl -s 172.17.0.4<html><body><h1>It works!</h1></body></html>Login into secure private Docker training registry
$ sudo docker login training.rcconsult.biz:5000
Username: xxxxx
Password: yyyyy
Login SucceededThis is Docker image registry V2 API, work in progress, search API not available yet.
We can see what is inside with curl
$ curl -u xxxx:yyyy https://training.rcconsult.biz:5000/v2/_catalog{
"repositories": [
"dgsi/priv-registry",
"dgsi/rhel"
]
}Let's pull an image
$ sudo docker pull training.rcconsult.biz:5000/dgsi/priv-registry:2
Trying to pull repository training.rcconsult.biz:5000/dgsi/priv-registry ...
2: Pulling from training.rcconsult.biz:5000/dgsi/priv-registry
12a7970a6783: Pull complete
bb9291d659e1: Pull complete
4ab866128436: Pull complete
b02e22b09c92: Pull complete
80702e2b70f6: Pull complete
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
training.rcconsult.biz:5000/dgsi/priv-registry 2 136c8b16df20 11 days ago 33.17 MBLet's logout and pull the second image
$ sudo docker logout training.rcconsult.biz:5000
Remove login credentials for training.rcconsult.biz:5000
$ sudo docker pull training.rcconsult.biz:5000/dgsi/rhel
Using default tag: latest
Trying to pull repository training.rcconsult.biz:5000/dgsi/rhel ...
Pulling repository training.rcconsult.biz:5000/dgsi/rhel
Error: image dgsi/rhel:latest not foundWe do not have any valid authentication for the registry so the message tells us it did not find an image, but it can't see it without a valid authentification or OAuth token.
Let's login again
$ sudo docker login training.rccosnult.biz:5000
Username: xxxxx
Password: yyyyy
Login SucceededLet's pull again
$ sudo docker pull training.rcconsult.biz:5000/dgsi/rhel
Using default tag: latest
Trying to pull repository training.rcconsult.biz:5000/dgsi/rhel ...
latest: Pulling from training.rcconsult.biz:5000/dgsi/rhel
d6f8da31915a: Pull complete
6ee1a99f85dd: Pull complete
Digest: sha256:e28cf6aa8cffe703f833b690fe3f50ff86a30451ee1d9601faac7b6c4ee8c991
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
training.rcconsult.biz:5000/dgsi/rhel latest 59fd232b7e05 12 days ago 192.7 MBLet's archive our Apache HTTPD image in the private registry
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/httpd latest 278cd55ca6c5 3 weeks ago 176.9 MB
$ sudo docker tag 278cd55ca6c5 training.rcconsult.biz:5000/dgsi/httpd:user00
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/httpd latest 278cd55ca6c5 3 weeks ago 176.9 MB
training.rcconsult.biz:5000/dgsi/httpd user00 278cd55ca6c5 3 weeks ago 176.9 MB
$ sudo docker push training.rcconsult.biz:5000/dgsi/httpd
The push refers to a repository [training.rcconsult.biz:5000/dgsi/httpd]
73ff04cf8df5: Pushed
e70070ad9b01: Pushed
10cd1ea92057: Pushed
b7fac20846c1: Pushed
5789daa1c37d: Pushed
aa4c186185aa: Pushed
5d6cbe0dbcf9: Pushed
user00: digest: sha256:95c9b9867ef3e4016647e1749eeda40cf0fa897ab9fbf0f40929f0ed9a794c02 size: 1780$ curl -u dgsi:dgsi https://training.rcconsult.biz:5000/v2/_catalog{
"repositories": [
"dgsi/httpd",
"dgsi/priv-registry",
"dgsi/rhel"
]
}