1. What is Docker ?

Docker is a containarization Platfrom using which we can package

our applications(code) & required softwares to run application in the form of
containers.

2. What is Docker Container?

Containers are the ready applications created from Docker Images or you can say
a Docker Container
is a running instance of a Docker Image and they hold the entire package needed
to run the application.

Sequence : Dokckerfile --> Image --> Container

Docker Image: It's package which will have all the required components like
application
code & softwares which are required to run application.

Base Images : Software images which contains some software.Like

ubuntu,centos,tomcat,mysql,jenkins ..etc.

Custom Images: We can create our own image using docker file on top of base image
which
can have application code + Softwares.

-> Write Dokckerfile:

FROM ubuntu:16.04
MAINTAINER "Your Name"
RUN apt-get update -y
RUN apt-get install nginx -y
COPY index.html /var/www/html
RUN service nginx start
EXPOSE 80

index.html:
<html>
<body style="background-color:powderblue;">
<h1 style="color:red;">MY FIRST DOCKER FILE</h1>
</body>
</html>

Docker Image commands

=====================

Image Commands
=============
# List Images

docker images

docker image ls

# Will return only image ids.

docker images -q

# Build Image

docker build -t <imageName> .

# If you have docker file with custom name using -f <fileName> while building
docker image.

docker build -f DockerfileMaven -t <imageName> .

Note: Image name should have repository details along with name and version.

# Private Repo: JFROG

docker build -t registry/repository:tag <docker build context>

Defautl Docker file Name: Dockefile

here "-t" is tag

Eg: docker build -t JfrogURL/folder:tag .

# Authenticate with JFROG

JFROG:

docker login -u <username> -p <password> <URL>

ex:

docker login -u admin -p admin <REPOURL>

ECR:

docker login -u <username> -p <password> 487587857192.dkr.ecr.ap-south-

1.amazonaws.com

# Push Docker Image to Repo

docker push <imageName>

# Downlod Image from repo

 docker pull <imageName>

Inspect Docker Image

==================

# Get more details about an image

docker image inspect <imageId/ImageName>

docker inspect <imageId/ImageName>

# Get Layers of an image/history of docker image

docker history <imageId/ImageName>

Delete Image
============

docker rmi <imageId/Name>

docker rmi -f <imageId/Name>

Note: We cann't remove images if there are running container for the image.We
cann't force delete images if there is running container.

If container is in stopped(exited) state we can force delete image for the stopped
container.

what is dangling images in docker?

The image which doesn't have repository mapping or tag.

# How to delete all the images?

docker rmi -f $(docker images -q)

# docker system prune

Will delete all stopped containers , unused docker networks and dangling
images.

# docker image prune

Will delete dangling images.

We can tag image with repo.

==========================

# We can use docker tag to tag images with multiple repo.

docker tag <ImageId/ExistingImageName> <ImageName>

# What is working directory of docker?

 /var/lib/docker

- Images live in /var/lib/docker/image.

- Containers live in /var/lib/docker/containers

===================================================================================
=======

How can we move/copy images from one server to another server with out repo?

In Source Server(where you have image)

# It save image(All the layers) as a tar file

docker save -o <fileName>.tar <imageName/Id>

Then SCP tar file from Source Server to Destination Server

# In destination server
docker load -i <fileName>.tar

===================================================================================
========

# List Dangling images

docker images -f dangling=true

#Remove Dangling Images

docker rmi $(docker images -f dangling=true -q)

# docker system prune

This will remove:

- all stopped containers
- all networks not used by at least one container
- all dangling images

# docker image prune

This will remove:

- all dangling images

# docker contianer prune

This will remove:

- all stopped containers

# docker network prune

This will remove:

- all networks not used by at least one container

# Building our own Image
Two Ways to create docker image:
1. docker "commit" (We can create docker image out of container)
2. docker "build" cmd with Dockerfile

# Creating docker image using "docker commit" command steps

- create container from ubuntu:16.04 image

- Install nginx manually in that container
- exit the container
$ exit
- create a docker image from the container
docker commit "docker-id/name" nginx:v1
- check if image has been created
docker images
- test your image by spinning-up a new container.
docker run -itd --name nginxcommit -P nginx:v1

Docker Container Commands:

=========================

# Command to create container:

docker run -d -it -p 8080:8080 --name <name-of-container> <image name>

-i: interactive mode : allows a session to remain open

-t: gives us a kind of terminal like an ssh connection into the container.
-it : provides interactive shell

what is port publish or port mapping in docker ? (-p option in docker run command)

If We have to access application which is running as container from out side of

docker we can't access using continerIP & ContainerPort. We can publish contianer
port using host port using -p or --publish.
So that we can access using HostIP(docker server IP) and Host Port from outside
docker.

List Running Containers

=======================

docker ps
docker container ls

List All Containers

==================

docker ps -a

docker container ls -a

List only running container ids

==============================

docker ps -q

docker container ls -q
List all container ids
==============================

docker ps -aq

docker container ls -aq

Start the container

===================
docker start <containerId/Name>

# Restart Container

docker restart <containerId/Name>

# Stop Container

docker stop <containerId/Name>

# Kill container

docker kill <containerId/Name>

# What is the difference b/w docker stop & docker kill?

docker stop will first send SIGTERM then SIGKILL it will kill process with
grace period. Docker kill send SIGKILL it will kill process with out any grace
period.

Inspect container
=================

docker inspect <containerId/Name>

docker container inspect <containerId/Name>

It will container if it is stopped.

docker rm <containerId/Name>

Force Remove If container is runing we can force remove

docker rm -f <containerId/Name>

How to delete only stopped containers

docker rm $(docker ps -aq --filter status="exited")

How to delete all containers

docker rm -f $(docker ps -aq)

How to trouble shoot or debug application which is running as a container?

# to see container logs

 docker logs <containerId/Name>
docker logs --tail <NoOflines> <containerId/Name>

# It will display process details which is runing inside a container.

docker top <containerId/Name>

# It will display resource(RAM,CPU) consumtion details.

docker stats <containerId/Name>

# Execute commands on a runinging container.

docker exec <containerId/Name> <cmd>

How to go inside a container?

docker exec -it <containerId/Name> /bin/bash

# Docker attach will attach container process or shell to host server

docker attach <containerId/Name>

===================================================================================
===
How to copy files from container to host system or host system to container?

docker cp

# Container to the system

docker cp <containerName>:</pathOftheContainerFile> <SystemPath>/<fileName>

# system to the Container

docker cp <SystemPath>/<fileName> <containerName>:</pathOftheContainerFile>

===================================================================================
=========

docker rename <ContainerId/NameOld> <NewName> ===> rename the container

# Using docker commit we can create image from the continer.

docker commit <containerId/Name> <imageName> ===> to create image from

container
 Dockerfile keywords

===================

FROM

MAINTAINER

COPY

ADD

RUN

CMD

ENTRYPOINT

WORKDIR

ENV

EXPOSE

USER

VOLUME

LABEL

ARG

FROM: --> FROM indicates from which base image,you want to create your own image.

ex:
FROM ubuntu (Only OS no Softwares)
FROM centos (Only OS no Softwares)
FROM tomcat:openjdk-8 (OS + Java+ Tomcat Sofwares)

MAINTAINER: --> It's just info about who is maintaining/created the docker file.
It's about author of dockefile.

ex: MAINTAINER "Name of the Author"

COPY: --> It can copy files from host/local system(Where u are building an image)
to image while creating an image.

Ex: COPY <sourceFilePath> <destinationPath>

ADD: --> It can copy files from remote http and https locations to docker image.

Ex: ADD <sourceFilePath> <destinationPath>

RUN --> RUN instruncation will execute commands.RUN commands or instructions will
be executed while creating an image on top of the previous layers(Image).
 EX:
RUN mkdir -p /opt/app
RUN tar -xvzf /opt/apache-tomcat-8.5.54.tar.gz

CMD --> CMD instruncation will execute commands. CMD commands or instructions will
be executed while creating a container.
CMD insturction can be used to start the process inside the container.

#Shell Form
CMD <commond with args>
#Executable Form
CMD ["commond" , "Arg1","Arg2"]

# Shell Form
CMD java -jar springapplication.jar.
# Executable form
CMD ["java", "-jar" , "springapplication.jar"]

ENTRYPOINT --> ENTRYPOINT configures a container that will run as an

executable.ENTRYPOINT is a command or script that is executed when you run the
docker container.

#Shell Form
ENTRYPOINT <commond with args>
#Executable Form
ENTRYPOINT ["commond" , "Arg1","Arg2"]

Please go through below points , these are most important :

What is difference b/w RUN & CMD?

RUN instructions will be executed while creating a image. CMD Instructions will be
executed while creating a
container.We can have more than one RUN keyword in a docker file. All the RUN
keywords will be processed while creating an image in the defined order(top to
bottom).

# Can we have more than one CMD in dockerfile?

Yes you can have. But only the last one/recent one in the order will be
proccessed while creating a container.

# Can we have both CMD & ENTRYPOINT in docker file?

Yes we can have both in a docker file. CMD instructions will not be executed
if we have both CMD & ENTRYPOINT.CMD instructions will be passed as an arguments
for ENTRYPOINT.

Q)What is difference between CMD & ENTRYPOINT ?

CMD can be overridden while creating a container.
ENTRYPOINT can't be overrridden while creating a contianer.

Q)Can we have both CMD & EntryPoint in a dockerfile?

Yes We can have both in a Dockerfile.If we have both CMD & EntryPoint.
CMD will be passed as an argument for ENTRYPOINT.

Difference between CMD and ENTRYPOINT:

CMD is mutable and ENTRYPOINT is immutable.

The ENTRYPOINT specifies a command that will always be executed when the container
starts.
If we have both CMD and ENTRYPOINT in the Dockerfile , CMD will append with
ENTRYPOINT .
If you want to make an image dedicated to a specific command you will use
ENTRYPOINT ["/path/dedicated_command"]
Otherwise, if you want to make an image for general purpose,
you can leave ENTRYPOINT unspecified and use CMD ["/path/dedicated_command"] as you
will be able to override the setting by supplying arguments to docker run.

EXPOSE: -->

The EXPOSE instruction informs Docker that the container listens on the specified
network ports at runtime.

The EXPOSE instruction does not actually publish the port. It functions as a type
of documentation between the person who builds the image and the person who runs
the container, about which ports are intended to be published. To actually publish
the port when running the container, use the -p flag on docker run to publish and
map one or more ports.

EXPOSE 8080

WORKDIR: --> We can set Working directory using WORKDIR key for image/container.

WORKDIR /usr/local/tomcat

ENV: --> It will set an environment varibale for an image.ENV variables can be
acessed while creating
image or with in container we can access.ENV is for future running
containers

ENV JAVA_HOME /usr/local/java

ENV CATALINA_HOME /usr/local/tomcat

USER: -->

The USER instruction sets the user name (or UID) and optionally the user group (or
GID) to use when running the image and for any RUN,
CMD and ENTRYPOINT instructions that follow it in the Dockerfile

Docker Networking

-----------------
One cotnainer can to talk to another container if both contaienrs are in same
docker network.

Docker has 3 types of networks by default.

# List Networks

docker network ls

1) bridge(default bridge)
2) host
3) none

bridge
default bridge
custom bridge

Custom bridge network:

In custom bridge network container to container communications can happen using

container IPs or Names(Host Names).

# Create Network

Syntax: docker network create -d <driver> <networkName>

->docker network create -d bridge springappnw (Creating custom bridge network)

->docker network inspect springappnw

->docker network rm <NetworkName> ==> remove network

->Add containers in the springappnw bride network

$docker run -itd --name=alpine1 --network=springappnw alpine

$docker run -itd --name=alpine2 --network=springappnw alpine

We can ping the alpine2 container from alpine1 container by using IP Address or
container name.

Here alpine1 container ip address is 172.18.0.2/16

alpine2 container ip address is 172.18.0.3/16

2)Host:

we are attching container to host network , we cann access container using

ip of EC2 instance and port number

->docker run --network host nginx

(we can access the application using http://192.168.10:80)

3)None: docker container is not attachd to any network. Container can't reach
outside world.
No One from outside world can reach to container.if we create multiple
containers they can't talk to each other.
Container will be created in none/null network.Container will not have
ip.Can't be accessable.

->docker run --network none nginx

->docker run --network none nginx
->docker inspect <contid> (it will have none network and doesn't have ip address)

-> when ever container is created docker creates network namespace by default.

4)Overlay is multi host docker network ( if we use docker with dockerswarm )

-> we can create Overlay networks in docker swarm machines only.

-> docker network create -d overlay flipkartovelay
Error response from Daemon: This node is not a swarm manager. Use " docker swarm
init" or "docker swarm join" to
connect this node to swarm and try again.

5)Calico,Flannel,Weave Net ( if we use docker with kubernetes)

Docker Volumes

==============

->To take data backup from container we have to use volumes.Data maintained in
external file systems
instead of container file systems.We are mounting container file system with some
external file system.

To take data backup from container we have to use volumes.

-> we have 2 types of docker volumes

1)Bind Mounts
2)Docker Persistent Volumes
a)Volume Mounts
b)Network Volumes

1.Bind Mounts:
We can mount host server file system to container file system so that data will
be maintained in the docker host file system.
In the Bind Mounts docker can't extract the number of volumes it has. Since it is
a directory someone can mistakely corrupt the data.
Problem during docker migration(we don't know which folder is having bind
mount),since we don't have track of bind mounts.
->mkdir mongodbdata
->ls mongodbdata/
->pwd
o/p: /home/ec2-user/
->docker run -itd --name mongodb -v /home/ec2-user/mongodbdata:/data/db --
network=prathimatech \
-e MONGO_INITDB_ROOT_USERNAME=mongodevdb -e MONGO_INITDB_ROOT_PASSWORD=dev@1234
mongo

->docker inspect mongodb (we can check the bind mounts information under "Mounts":
[] section )
o/p:
"Mounts": [
{
"Type": "bind",
"Source": "/home/ec2-user/mongodbdata",
"Destination": "/data/db",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
},

2.Volume Mounts:

Volume mount mounts a volume from the volumes directory.

docker volume create mongodb

Use above volume while creating container.

docker run -d --name mongo -v mongodb:/data/db:ro -e

MONGO_INITDB_ROOT_USERNAME=devdb -e MONGO_INITDB_ROOT_PASSWORD=devdb1234 --network
springappnetwork mongo (read only)
docker run -d --name mongo -v mongodb:/data/db:rw -e
MONGO_INITDB_ROOT_USERNAME=devdb -e MONGO_INITDB_ROOT_PASSWORD=devdb1234 --network
springappnetwork mongo (read and write)

3.Network Volumes:
Storing container data outside of docker server. We can use S3,EBS,EFS,NFS volumes.
We need to install volume plugin drivers for mounting them.

EX: REX ray plugin for AWS-EBS

Docker Compose
==============

Docker Compose is a tool for defining and running multicontainer applications.

Without docker compose when we want to create mulitiple containers we need

mulitiple run commands.

with docker compose yaml file , with single command we can create mulitiple
applications

Example Compose file : Below file will create a Front end spring container and back
end Mongo Database container
version: '3.1'
services:
springboot:
image: spring-boot-mongo:latest
container_name: springboot
environment:
- MONGO_DB_HOSTNAME=mongo
- MONGO_DB_USERNAME=devdb
- MONGO_DB_PASSWORD=devdb@123
ports:
- 8080:8080
depends_on:
- mongo
networks:
- springappnetwork
mongo:
image: mongo
container_name: springboot-mongo
environment:
- MONGO_INITDB_ROOT_USERNAME=devdb
- MONGO_INITDB_ROOT_PASSWORD=devdb@123
volumes:
- mongodbvol:/data/db
networks:
- springappnetwork
volumes:
mongodbvol:
driver: local

networks:
springappnetwork:
driver: bridge

Create container :

this command will useful

docker-compose -f docker-compose-springapp.yml up -d

Docker Compose Commands:

config Validate and view the Compose file

create Create services
down Stop and remove containers, networks, images, and volumes
exec Execute a command in a running container
help Get help on a command
images List images
kill Kill containers
logs View output from containers
pause Pause services
port Print the public port for a port binding
ps List containers
pull Pull service images
push Push service images
restart Restart services
rm Remove stopped containers
 run Run a one-off command
scale Set number of containers for a service
start Start services
stop Stop services
top Display the running processes
unpause Unpause services
up Create and start containers
version Show the Docker-Compose version information

diffrence between docker and docker swarm ?