Docker 4 - How to manage Docker Containers

Introduction

• A Docker container has a lifecycle that you can use to manage and track the state of the container.

Container Lifecycle:

• The lifecycle of a container includes the following states:
  • Created: The container is created but not running.
  • Running: The container is running.
  • Paused: The container is paused.
  • Stopped: The container is stopped.
  • Exited: The container has exited.

Running a Container:

• Use the run command to start a container.
• You can restart a running container; it receives a termination signal to allow graceful shutdown before stopping.

Container States:

• A container is considered running until it’s paused, stopped, killed, or exits on its own.
• A container can self-exit when its process completes or enters a fault state.

Pausing a Container:

• Use the pause command to suspend all processes in a running container.

Stopping a Container:

• Use the stop command to gracefully shut down a container by sending a termination signal to its processes.

Killing a Container:

• Use the kill command to forcefully terminate a container by sending a kill signal directly to the container’s kernel.

Removing a Container:

• Use the remove command to delete a stopped container.
• All data stored in the container is destroyed upon removal.

How to view available containers

• To list running containers, run the docker ps command. To see all containers in all states, pass the -a argument.

docker ps -a

• Here’s the output from that command:

CONTAINER ID    IMAGE               COMMAND                CREATED          STATUS              PORTS         NAMES
d93d40cc1ce9    tmp-ubuntu:latest  "dotnet website.dll …"  6 seconds ago    Up 5 seconds        8080/tcp      happy_wilbur
33a6cf71f7c1    tmp-ubuntu:latest  "dotnet website.dll …"  2 hours ago     Exited (0) 9 seconds ago            adoring_borg

• Reviewing Docker Output:

  • IMAGE Column: Shows the image name (e.g., tmp-ubuntu:latest).

    • You can create multiple containers from the same image, enabling scaling.

  • STATUS Column: Displays the container’s current status (e.g., running, exited).

    • Status helps you quickly assess the container’s health.

  • NAMES Column: Lists the container’s name.

    • If not specified, Docker assigns a random name.
    • To assign a specific name, use the --name flag with the run command.

• Why Containers Have Names:

  • Names allow you to run multiple instances of the same image.
  • Container names are unique; you can’t reuse a name unless you remove the previous container first.

Running a Container:

• Use the docker run command with the image name or ID to start a container.
• Example to run in the background: docker run -d tmp-ubuntu.
• Docker finds the image, loads the container, and executes the entry point command.

Pausing a Container:

• Use the docker pause command to suspend all processes in a container.
• Example: docker pause happy_wilbur.
• To resume, use docker unpause.

Restarting a Container:

• Use the docker restart command to stop and then start a container.
• Example: docker restart happy_wilbur.
• If the container doesn’t stop, a kill signal is sent.

Stopping a Container:

• Use the docker stop command to send a termination signal and stop a running container.
• Example: docker stop happy_wilbur.

Removing a Container:

• Use the docker rm command to remove a container.
• Example: docker rm happy_wilbur.
• Removing a container destroys all data in it; containers should be considered temporary for data storage.

Docker Container Storage Configuration

• Temporary Nature of Container Storage:

  • Data written to a container’s filesystem (e.g., log files) is lost when the container is removed.
  • Container storage is tied to the host machine, making data access and transfer difficult.
  • Storage drivers used in containers are less performant due to extra abstraction layers.

• Options for Persistent Data Storage:

  • Volumes:

    • Stored on the host filesystem in a specific folder managed by Docker.
    • Created using the docker volume create command, either manually or as part of a Dockerfile.
    • Volumes can be shared across multiple containers and persist after a container stops.
    • Example: Logs stored in a volume remain accessible even after the container is removed.
    • Third-party plugins, like Azure Storage, can be used as volumes.

  • Bind Mounts:

    • Similar to volumes but can mount any file/folder from the host.
    • More performant but depend on the host’s folder structure.
    • Used when the host system might need to modify the mounted data.
    • Volumes are the preferred method for container data storage.

  • SMB Paths for Windows Containers:

    • Mount SMB paths as volumes, allowing different containers on various hosts to use the same storage.

Docker Container Network Configuration

• Default Network Configuration:

  • Isolates containers on the Docker host, allowing secure inter-container communication.

• Linux Network Options:

  • Bridge (default): Internal, private network for containers; isolates them from the host network.
  • Host: Directly uses the host’s network, eliminating network isolation.
  • Overlay, IPvLan, MACvLan, None: Other options for advanced scenarios.

• Windows Network Options:

  • NAT (default): Similar to Linux’s bridge network.
  • Transparent, Overlay, L2Bridge, L2Tunnel, None: Additional options.

Bridge Network:

• Containers are assigned IPs and can communicate via IP addresses.
• Hostname-based communication is not supported by default.
• Use the --publish flag to map container ports to host ports.
• The publish flag effectively configures a firewall rule that maps the ports.
• In this example, your tracking portal is accessible to clients browsing to port 80.
• You’ll have to map port 80 from the container to an available port on the host.
• You have port 8080 open on the host, which enables you to set the flag like this:

--publish 8080:80

• Any client browsing to the Docker host IP and port 8080 can access the tracking portal.
• Aside from Linux-specific configurations, the NAT network on Windows hosts functions the same as a bridge network.
• Also, NAT is the default network on Windows, and all containers will connect to it unless otherwise specified.

Host Network:

• Runs the container directly on the host’s network, using the host IP.
• Only available on Linux; Windows lacks this option.

Overlay Network:

• Creates a virtual network switch, enabling containers to get IPs from the same network as the host.

None Network:

• Disables networking for containers, useful for applications that don’t require network access.

Operating System Considerations

• OS-Specific Limitations:
  • macOS doesn’t support the Docker0 bridge network interface or host-network configuration.
  • Windows and macOS desktops have different networking capabilities compared to Linux.
  • Container orchestrators may add additional networking configurations.