Skip to content

Docker

Jump to bottom
Brandon Elam Barker edited this page Feb 26, 2019 · 1 revision

Docker is an open-source management system for Linux containers, enabling applications to be made portable, modular and easily distributable even if the constituent components are somewhat complexly configured. Thus, Docker should be considered as an indispensable tool for reproducible science. When using Dockerfiles for specifying application/container configuration, compared to Nix expressions, Docker is likely easier to use, but does not have as many safeguards for reproducibility. However, this can be slightly mitigated by snapshots at the expense of requiring much more storage. This should be viewed as a last resort, and Dockerfiles should be preferred over images for updating and distributing one's Docker application as they include the logic and all the steps for building an instance (even if some of those steps may be slightly ambiguous).

Docker on Aristotle

There is currently no support for running Docker containers directly in OpenStack, however, it is easy to use Docker with Aristotle; simply follow the Docker installation guide for whichever Linux distribution your instance is running.

Quick reference

  • Install an image from a docker repo, e.g., docker pull ubuntu

  • List images: docker images

  • Run an image with an ENTRYPOINT or CMD as a container and attach to it on the command line:

    docker run -dit my_image_name
docker ps

    Running docker ps should give you the container id; it should look vaguely like the following hexadecimal number: d84c02b7c7f9. Now use that in the following attach command:

    docker exec -it d84c02b7c7f9 /bin/bash

    You may run into terminal size issues; if so, the following workaround should help:

    $ docker exec -it foo /bin/bash
foo@649fb21d747c:~$ stty size
0 0
foo@649fb21d747c:~$ reset -w
foo@649fb21d747c:~$ stty size
24 80
foo@649fb21d747c:~$ # That was still wrong. Now resize the terminal to get a SIGWINCH.
foo@649fb21d747c:~$ stty size
69 208
foo@649fb21d747c:~$ exit
exit
$ docker exec -it foo /bin/bash # Try it again.
foo@649fb21d747c:~$ stty size
69 208
foo@649fb21d747c:~$ # Doesn't happen anymore for this session.

  • Run an image without an ENTRYPOINT or CMD; you must specify a command to run at the end of your docker run command, then attach to it - example follows:

    $ docker run -dit afd01a343b7b /bin/bash
1719336d1be012420f3e909795016e104d20089fa5e20c623998c560bdd9fa07
$ docker attach 1719336d1be012420f3e909795016e104d20089fa5e20c623998c560bdd9fa07
bash-4.3$ 
bash-4.3$ pwd
/envs

  • List running containers: docker ps.

  • List all containers (including stopped containers): docker ps -a

  • Build a docker image from a Dockerfile:

    docker build -t my_image_name -f MyDockerFile.in .

    Ideally, you want to assign a tag to the build that corresponds to the git commit hash that corresponds to that particular dockerfile by appending a : followed by the commit hash, like this:

    docker build -t my_image_name:08b7669a61ac991e2959c1702866ba93b812666e

    This will make it easier to understand exactly which code corresponds to a given image, which can be critical when debugging or when referencing particular code used for scientific purposes.

Data transfer

When possible, it is best to directly access host OS files using the VOLUME command in a dockerfile or the -v host_path:container_path during runtime to mount a host directory as a volume in the container. This avoids file transfer times. If you do need to transfer files, you can use docker cp from the host OS. Remote file transfer could be performed using standard file transfer utilities, such as sftp or Globus if they are properly configured in the container and the other remote systems that are involved.

Image maintenance

Keeping images updated

Generally it is not a good idea to run system upgrades (e.g., apt-get upgrade) on your image, but to instead pull the latest base image. Among others, this can wreak havoc on system configuration files that may have been altered in some intermediate image layer.

  • Using docker-compose (usually for multiple variations of an image): docker-compose build --force-rm --pull Note this requires a valid docker compose file.

Image cleanup

You may need to free up images that are no longer in use; you'll get more of these than you might think when trying to build or update your own images:

docker rmi $(sudo docker images -f "dangling=true" -q)

Image hosting

Aristotle Public Repositories

Resources

Docker on Windows

  • Windows 10 Containers - Currently allows you to use containers on your desktop (both Windows and Linux containers), but runs through Hyper-V virtualization rather than directly on the host kernel, as in Windows Server 2016.

Dockerfiles

Development Environments

  • Java/Scala/IntelliJ - Uses Nix for package management on top of a base Ubuntu system. Suitable for running locally on personal system or on a cloud system.

Biology

Statistics

  • Rocker - R language Docker containers; see also Bioconductor under Biology

References

  • Best Practices: 1 2
Clone this wiki locally