2026-01-24 - LDIAMOL_2

Chapter 2:

  • docker run IMAGE
    • starts a container from an application package
    • if it cannot find the package locally it will download it
    • it will also run the application in the container it started
  • image: a container package
  • rerunning the same container will often result in it having a different name and IP
  • container
    • an isolated box within the same computer
    • isolated in the sense that it has its own virtual environment: hostname, IP address and disk
    • this virtual env is managed by docker
  • density: running as many apps on a machine as possible to fully utilize its resources
  • density conflicts with isolation
  • VMs (containers' predecessor) were also boxes
    • they were bulkier boxes, each VM instance having its own OS
  • containers use the machine's OS instead of having their own, so they end up being leaner and more efficient
  • docker run --interactive --tty IMAGE
    • interactive: set up a connection to a container
    • tty: connect to a terminal session inside the container
  • docker container ls
    • lists running containers
    • container ID should match the hostname seen inside the container
    • --all shows all containers, even stopped and exited ones
      • exited containers don't use up memory or CPU but do use up disk space; they don't get removed unless you remove them
  • docker container top CONTAINER-ID: same as top when connected to a machine (shows what's running in the container)
  • docker container logs CONTAINER-ID
  • docker container inspect - details of a container, useful for debugging
  • containers exit once the application process ends; they don't keep running by themselves
  • docker run --detach --publish 8088:80 IMAGE
    • run a container in the background
    • container's port 80 goes to your machine's port 8088
  • how containers' IP work:
    • Docker creates and manages a virtual network
    • it injects itself into the computer's network layer
    • nothing besides docker can directly access this virtual network
    • publishing a port makes it accessible
  • docker container stats CONTAINER-ID - shows CPU, memory, network I/O
  • docker container rm --force - remove any containers even if they are running
  • docker container rm --force $(docker container ls --all --quiet) - tidy up and close any container still running at eod
  • docker cli -> docker api -> docker engine -> containerd -> OS
    • the API isn't always on your machine; it could be on a remote machine
    • containerd: open source component overseen by the CNCF and OCI
  • CNCF: Cloud Native Computing Foundation
  • OCI: Open Container Initiative
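
The notes on --publish and the virtual network say a published port is what makes a container reachable; with the HOST:CONTAINER form Docker binds that port on every host interface by default, so it helps to check which mappings are open to the whole network. The script below is an added example (not from the book or from Docker) that classifies each mapping in a `docker container ls --format '{{.Names}}\t{{.Ports}}'` listing; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Classify each published port by the host address it is bound to.
# Input : lines of "NAME<TAB>PORTS", as printed by
#         docker container ls --format '{{.Names}}\t{{.Ports}}'
# Output: one line per mapping: NAME HOSTADDR HOSTPORT CONTAINERPORT SCOPE
audit_published_ports() {
  awk -F '\t' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        # Entries without "->" are exposed but not published: skip them.
        if (index(m, "->") == 0) continue
        split(m, sides, "->")
        host = sides[1]; target = sides[2]
        # Host side is ADDR:PORT; ADDR may itself contain colons (IPv6).
        port = host; sub(/^.*:/, "", port)
        addr = host; sub(/:[^:]*$/, "", addr)
        scope = "all-interfaces"
        if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1")
          scope = "loopback-only"
        else if (addr != "0.0.0.0" && addr != "::" && addr != "[::]")
          scope = "single-address"
        print $1, addr, port, target, scope
      }
    }'
}

# Constructed sample listing (hypothetical container names), so the
# script runs without a Docker engine.
sample_listing() {
  printf 'web\t0.0.0.0:8088->80/tcp, :::8088->80/tcp\n'
  printf 'admin\t127.0.0.1:8089->80/tcp\n'
  printf 'worker\t80/tcp\n'
}

sample_listing | audit_published_ports
```

To keep the chapter's web container reachable only from the local machine, publish it as `--publish 127.0.0.1:8088:80`.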

Lab:

  • can't use interactive mode with web app containers
  • docker container exec CONT-ID ls PATH - runs ls on the path inside the container
  • docker container cp LOCAL-FILE-NAME CONT-ID:/PATH/FILE-NAME - copies a local file into the running container