Containerization uses the kernel of the host operating system to run multiple root file systems. Each root file system is called a container, and each container also has its own processes, memory, devices, and network stack. For more on containers, see my Containers 101 post. As mentioned in that previous post, Docker has built a very strong ecosystem and a simple way of consuming and using containers. Let's take a look at a couple of Docker basics and work from there. We will look at Images & Layers, Repositories, and the Dockerfile.
Images & Layers
Images are collections of files and additional metadata, composed of multiple layers including a base layer. Layers are read-only images that contain the software you want to run. Any changes are saved to a writable layer using copy-on-write on top of the read-only layers.
When you make a modification to a Docker image (for example, updating an app), a new layer gets built. Instead of replacing or rebuilding the entire image, as you might with a virtual machine, only that layer is added or updated. Now you don't need to distribute a whole new image, just the update, making distributing Docker images faster and simpler.
Every image starts from a base image, for example centos (a base CentOS image) or debian (a base Debian image). You can also use images of your own as the basis for a new image; for example, if you have a base NGINX image, you could use it as the base of all your web application images.
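As a quick sketch, building on a base image looks like this in a Dockerfile (the nginx:stable tag and the nginx.conf file name here are illustrative, not from any particular project):

```dockerfile
# Start from the official NGINX image as the base layer.
FROM nginx:stable

# Each additional instruction adds a new layer on top of the base;
# here we add a custom configuration file.
COPY nginx.conf /etc/nginx/nginx.conf
```

An image built this way could itself serve as the base (the FROM line) for all of your web application images.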
Repositories

Repositories come from vendors and projects like CentOS, Red Hat, and Redis. Docker Hub promotes official repositories, a certified and curated set of Docker repositories. Official repositories comprise base images for Linux operating systems along with images for commonly used programming languages, development tools, and web and application servers.
The Official Repositories program is open to any community group or software ISV willing to commit resources to ongoing maintenance of an application according to the program's guidelines. Official repositories are identified as official on Docker Hub and are also flagged in the OFFICIAL column of docker search output in the terminal.
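For example, searching for an image from the terminal shows the OFFICIAL column (output abbreviated here, and the star count is illustrative):

```console
$ docker search centos
NAME      DESCRIPTION                     STARS     OFFICIAL
centos    The official build of CentOS.   7000      [OK]
...
```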
Dockerfile

A Dockerfile is an automated way of adding layers to an image. It is a text file that contains all the commands, in sequence, required to build a particular image; Docker can build images automatically by reading the instructions from a Dockerfile. Dockerfiles adhere to a specific format and use a specific set of instructions.
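A minimal sketch of that format follows; the base image, file names, and commands are illustrative assumptions, not a prescription:

```dockerfile
# Base layer: the official Debian image.
FROM debian:bookworm

# Install the runtime; this creates a new layer.
RUN apt-get update && apt-get install -y python3

# Copy the application into the image (another layer).
COPY app.py /opt/app/app.py

# Default command executed when a container starts.
CMD ["python3", "/opt/app/app.py"]
```

Each instruction runs in order, and each produces a new layer in the resulting image.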
A commonly used scenario in a Dockerfile is ensuring that the latest package versions are installed by running apt-get update and apt-get install together. This technique is known as 'cache busting': by chaining both commands with && into a single RUN instruction, apt-get install always runs against a freshly updated package index rather than a stale cached layer.
RUN apt-get update && apt-get install -y curl
If you want to ensure that cached .deb files and package lists that are no longer needed are removed from the image, you can add trailing lines to the same RUN instruction in the Dockerfile, like below:
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*
Performing this cleanup at the end of the update-and-install step in the Dockerfile keeps the image size small and lean.
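Putting the pieces together, the whole update, install, and cleanup sequence fits in one RUN instruction (the package names here are illustrative):

```dockerfile
FROM debian:bookworm

# Update, install, and clean up in a single RUN instruction so the
# package cache and lists never persist in any layer of the image.
RUN apt-get update \
    && apt-get install -y --no-install-recommends curl ca-certificates \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*
```

Because all of this happens in one instruction, it produces a single layer, and the cleanup actually shrinks the image; splitting the rm into its own RUN would leave the cached files baked into the earlier layer.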
Docker has written a great article on Dockerfile Best Practices, along with a laundry list of commands to get you started on the Dockerfile Reference page. DigitalOcean also provides a very comprehensive guide to the Dockerfile.