1. Explain Docker Architecture
Before understanding architecture, lets understand how docker works in a simple way..
When you want to run a docker container, using command something like
docker run -d -p 8080:80 --name mynginx nginx
this actually tries to fetch nginx image that is not present in local, download nginx image from Docker Registry like Docker Hub and then runs container
what exactly happened here?. when command was run, it actually was run in docker client, which actually uses REST API´s to call Docker Daemon, and this docker daemon uses service called containerd, which runs the container either by pulling local image or from Docker Hub/Docker Registry
Here DockerDaemon manages core services like containers, volumes, images , networks and listens for API requests
And here REST API allows communication between server and client
containerd - manages lifecycle of container
2.What is Container Lifecycle?
lets understand container lifecyle by commands
docker create nginx
this command creates container with nginx image by pulling from docker hub or uses local image but does not run it
docker start <containerid>
this command runs the container
docker run nginx
this command brings the image and runs container, more like a combination of create and start
docker stop <containerid>
this command stops containers
docker rm <containerid>
this command deletes the container
docker pause <containerid>
this command pauses the process running inside container whereas docker stop command completely stops all the process running inside container
docker unpause <containerid>
it resumes the process that are needed
3. Explain Docker Networking and its various types
Docker networking helps containers to communicate with each other, with host, also with outside world
Different types of Network
1.Bridge
Its a default network which applies container IP to each container , you can say it mostly like private internal network
to expose to host, port mapping is required
2.host
docker run --network host nginx
this does not use seperate IP and uses same host IP directly, the container IP would be same as host IP
3.None
docker run --network none nginx
this has No IP address, No internet , like Nginx starts but other containers, neither localhost can access it
4.Overlay Network
this network is used when you have two different containers running in two different severs, and we need to establish communication between these two containers , thats when overlay network is used
5.Macvlan Network
Assigns a real MAC address to container, to behave like a complete seperate physical device
4.What is Dockerfile and Docker compose file
Dockerfile is how you build container image using step by step instructions
Explained in Docker live session
Docker Compose file is a file to run different containers together
5. What are Different Layers in Docker
In Dockerfile, each line can be considered as layer, while there are few mandatory layers for dockerfile to build an image, others can be optional
Docker also uses these layers as cache to make image much faster, and also to use same image for other containers
reference: Docker Official
Also for Docker file
# Base Image Layer
FROM node:18
# Metadata Layer
LABEL maintainer="devops@example.com"
LABEL project="docker-layer-demo"
# Environment Variable Configuration
ENV NODE_ENV=production
# Set Working Directory Inside Container
WORKDIR /usr/src/app
# Copy Dependency File Into Image
COPY package.json .
# Install Application Dependencies
RUN npm install
# Copy Application Source Code
COPY . .
# Add Archive File and Extract It
ADD config.tar.gz /usr/src/app/config
# Run Container as Non-Root User
USER node
# Document Container Port
EXPOSE 3000
# Create Mount Point for Persistent Storage
VOLUME ["/usr/src/app/logs"]
# Container Health Monitoring
HEALTHCHECK --interval=30s --timeout=5s \
CMD curl -f http://localhost:3000 || exit 1
# Default Command When Container Starts
CMD ["node", "server.js"]
# Main Executable of the Container
ENTRYPOINT ["node"]
6. What is Different between ADD/COPY, RUN/CMD/ENTRYPOINT
Reference: Docker live session
7.How to reduce Docker file size?
1.Use light base images like FROMUbuntu to FROM:node:18-alpine
2.Combine RUN commands to reduce layers
RUN apt-get update
RUN apt-get install -y curl
RUN apt-get install -y git.
can be re-written as
RUN apt-get update && \
apt-get install -y curl git
3.use dockerignore file to ignore copying unneccesary files
.dockerignore
node_modules
.git
logs
.env
tmp
4.use multistage builds
# Build Stage
FROM node:18 AS builder
WORKDIR /app
COPY . .
RUN npm install
RUN npm run build
# Production Stage
FROM node:18-alpine
WORKDIR /app
COPY --from=builder /app/dist ./dist
CMD ["node","dist/app.js"]
8.How to Debug Docker Container?
First we can start by container status
1. docker ps -a #even containers that are not running will be shown
2.To check logs
docker logs container_id/ container_name
3. to login to container
docker exec -it container_id /container_name /bin/bash
4. to check configuration of docker container
docker inspect container_id/container_name
5. To check reosurce status of container
docker stats container_id/container_name
8.How to Save Container as image?
#convert container to image
1. docker commit contaner_name image_name:tag_name
#save converted image to compressed file
2. docker save -o image_name.tar image_name:tag_name
#you can send tar file to anywhere you want and now to load image in any server
3. docker load -i image_name.tar
9.What are Docker volumes?
When a Docker container is deleted, it deletes data stored in it . to keep data persistent, we will use docker volumes, you can think of it like hard drive to your laptop/desktop
# to create volume
1. docker volume create myvolume
#to check volumes listed
2. docker volume ls
#to run volume inside a container
3. docker run -d -v myvolume:/app/data nginx
even if container is deleted, you can still use volume and attach it to another container
#to use hostpath as volume
#docker run -d -v hostpath:containerpath image
docker run -d -v /Users/sagar/dockerdata:/app/data nginx
#to check volume
4. docker volume inspect myvolume
#to remove volume
5. docker volume rm myvolume
Comments
Post a Comment