Docker 4 - How to manage Docker Containers

Introduction

Docker Container lifecycle

  • A Docker container has a lifecycle that you can use to manage and track the state of the container.

Container Lifecycle:

  • The lifecycle of a container includes the following states:
    • Created: The container is created but not running.
    • Running: The container is running.
    • Paused: The container is paused.
    • Stopped: The container is stopped.
    • Exited: The container has exited.

Running a Container:

  • Use the run command to start a container.
  • You can restart a running container; it receives a termination signal to allow graceful shutdown before stopping.

Container States:

  • A container is considered running until it’s paused, stopped, killed, or exits on its own.
  • A container can self-exit when its process completes or enters a fault state.

Pausing a Container:

  • Use the pause command to suspend all processes in a running container.

Stopping a Container:

  • Use the stop command to gracefully shut down a container by sending a termination signal to its processes.

Killing a Container:

  • Use the kill command to forcefully terminate a container by sending a kill signal directly to the container’s kernel.

Removing a Container:

  • Use the remove command to delete a stopped container.
  • All data stored in the container is destroyed upon removal.

How to view available containers

  • To list running containers, run the docker ps command. To see all containers in all states, pass the -a argument.
docker ps -a
  • Here’s the output from that command:
CONTAINER ID    IMAGE               COMMAND                  CREATED          STATUS                     PORTS       NAMES
d93d40cc1ce9    tmp-ubuntu:latest   "dotnet website.dll …"   6 seconds ago    Up 5 seconds               8080/tcp    happy_wilbur
33a6cf71f7c1    tmp-ubuntu:latest   "dotnet website.dll …"   2 hours ago      Exited (0) 9 seconds ago               adoring_borg
  • Reviewing Docker Output:

    • IMAGE Column: Shows the image name (e.g., tmp-ubuntu:latest).

      • You can create multiple containers from the same image, enabling scaling.
    • STATUS Column: Displays the container’s current status (e.g., running, exited).

      • Status helps you quickly assess the container’s health.
    • NAMES Column: Lists the container’s name.

      • If not specified, Docker assigns a random name.
      • To assign a specific name, use the --name flag with the run command.
  • Why Containers Have Names:

    • Names allow you to run multiple instances of the same image.
    • Container names are unique; you can’t reuse a name unless you remove the previous container first.
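
The STATUS column can be mapped back to the lifecycle states listed earlier and checked automatically. The following is an added example, not part of the original post: it assumes the listing was produced with `docker ps -a --format '{{.Names}}\t{{.Status}}'`, and the containers batch_job, web_cache and staging_api are constructed sample rows.

```python
import re

# Constructed sample of `docker ps -a --format '{{.Names}}\t{{.Status}}'` output.
SAMPLE = """\
happy_wilbur\tUp 5 seconds
adoring_borg\tExited (0) 9 seconds ago
batch_job\tExited (137) 2 hours ago
web_cache\tUp 3 minutes (Paused)
staging_api\tCreated
"""

_EXITED = re.compile(r"^Exited \((\d+)\)")

def classify(status):
    """Map a STATUS string to (lifecycle_state, exit_code or None)."""
    m = _EXITED.match(status)
    if m:
        # Exit code 0 is a clean exit; 137 is 128 + 9, i.e. ended by SIGKILL.
        return "exited", int(m.group(1))
    if status.startswith("Up"):
        return ("paused" if status.endswith("(Paused)") else "running"), None
    if status.startswith("Created"):
        return "created", None
    return "unknown", None  # e.g. Restarting, Dead: surface it rather than guess

def parse(listing):
    """Turn the tab-separated listing into {name: (state, exit_code)}."""
    rows = {}
    for line in listing.splitlines():
        if not line.strip():
            continue
        name, _, status = line.partition("\t")
        rows[name] = classify(status.strip())
    return rows

def needs_attention(rows):
    """Containers that exited non-zero or are in an unrecognised state."""
    return sorted(n for n, (state, code) in rows.items()
                  if state == "unknown" or (state == "exited" and code != 0))

if __name__ == "__main__":
    rows = parse(SAMPLE)
    for name, (state, code) in rows.items():
        print(f"{name:15} {state:8} {'' if code is None else code}")
    print("review:", needs_attention(rows))
```
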

Running a Container:

  • Use the docker run command with the image name or ID to start a container.
  • Example to run in the background: docker run -d tmp-ubuntu.
  • Docker finds the image, loads the container, and executes the entry point command.

Pausing a Container:

  • Use the docker pause command to suspend all processes in a container.
  • Example: docker pause happy_wilbur.
  • To resume, use docker unpause.

Restarting a Container:

  • Use the docker restart command to stop and then start a container.
  • Example: docker restart happy_wilbur.
  • If the container doesn’t stop, a kill signal is sent.

Stopping a Container:

  • Use the docker stop command to send a termination signal and stop a running container.
  • Example: docker stop happy_wilbur.

Removing a Container:

  • Use the docker rm command to remove a container.
  • Example: docker rm happy_wilbur.
  • Removing a container destroys all data in it; containers should be considered temporary for data storage.

Docker Container Storage Configuration

  • Temporary Nature of Container Storage:

    • Data written to a container’s filesystem (e.g., log files) is lost when the container is removed.
    • Container storage is tied to the host machine, making data access and transfer difficult.
    • Storage drivers used in containers are less performant due to extra abstraction layers.
  • Options for Persistent Data Storage:

    • Volumes:

      • Stored on the host filesystem in a specific folder managed by Docker.
      • Created using the docker volume create command, either manually or as part of a Dockerfile.
      • Volumes can be shared across multiple containers and persist after a container stops.
      • Example: Logs stored in a volume remain accessible even after the container is removed.
      • Third-party plugins, like Azure Storage, can be used as volumes.
    • Bind Mounts:

      • Similar to volumes but can mount any file/folder from the host.
      • More performant but depend on the host’s folder structure.
      • Used when the host system might need to modify the mounted data.
      • Volumes are the preferred method for container data storage.
    • SMB Paths for Windows Containers:

      • Mount SMB paths as volumes, allowing different containers on various hosts to use the same storage.

Docker Container Network Configuration

  • Default Network Configuration:

    • Isolates containers on the Docker host, allowing secure inter-container communication.
  • Linux Network Options:

    • Bridge (default): Internal, private network for containers; isolates them from the host network.
    • Host: Directly uses the host’s network, eliminating network isolation.
    • Overlay, IPvLan, MACvLan, None: Other options for advanced scenarios.
  • Windows Network Options:

    • NAT (default): Similar to Linux’s bridge network.
    • Transparent, Overlay, L2Bridge, L2Tunnel, None: Additional options.

Bridge Network:

  • Containers are assigned IPs and can communicate via IP addresses.
  • Hostname-based communication is not supported by default.
  • Use the --publish flag to map container ports to host ports.
  • The publish flag effectively configures a firewall rule that maps the ports.
  • In this example, your tracking portal is accessible to clients browsing to port 80.
  • You’ll have to map port 80 from the container to an available port on the host.
  • You have port 8080 open on the host, which enables you to set the flag like this:
--publish 8080:80
  • Any client browsing to the Docker host IP and port 8080 can access the tracking portal.
  • Aside from Linux-specific configurations, the NAT network on Windows hosts functions the same as a bridge network.
  • Also, NAT is the default network on Windows, and all containers will connect to it unless otherwise specified.

Host Network:

  • Runs the container directly on the host’s network, using the host IP.
  • Only available on Linux; Windows lacks this option.

Overlay Network:

  • Creates a virtual network switch, enabling containers to get IPs from the same network as the host.

None Network:

  • Disables networking for containers, useful for applications that don’t require network access.
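
The storage and network choices described above (bind mount versus volume, bridge versus host network, published ports) are all visible in `docker inspect` output and can be reviewed from it. The following is an added example, not part of the original post: the three inspect records are constructed and trimmed to the fields used, and the container names portal, agent and worker are hypothetical.

```python
import json

# Constructed sample shaped like `docker inspect <container>` output (trimmed).
SAMPLE = json.loads("""
[
 {"Name": "/portal",
  "HostConfig": {"NetworkMode": "bridge",
                 "PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "8080"}]}},
  "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/logs/_data",
              "Destination": "/var/log/app", "RW": true}]},
 {"Name": "/agent",
  "HostConfig": {"NetworkMode": "host", "PortBindings": {}},
  "Mounts": [{"Type": "bind", "Source": "/etc", "Destination": "/host-etc", "RW": true}]},
 {"Name": "/worker",
  "HostConfig": {"NetworkMode": "none", "PortBindings": {}},
  "Mounts": []}
]
""")

def audit(container):
    """Return findings for one inspect record: isolation, exposure, mounts."""
    findings = []
    host_cfg = container.get("HostConfig", {})
    if host_cfg.get("NetworkMode") == "host":
        findings.append("host network: no network isolation from the Docker host")
    for port, binds in (host_cfg.get("PortBindings") or {}).items():
        for b in binds or []:
            # With the daemon's default settings an empty HostIp means the
            # port is published on every host interface (--publish 8080:80).
            if b.get("HostIp", "") in ("", "0.0.0.0", "::"):
                findings.append(
                    f"{port} published on all interfaces as host port {b['HostPort']}")
    for m in container.get("Mounts") or []:
        # A writable bind mount lets the container modify host files directly.
        if m.get("Type") == "bind" and m.get("RW", True):
            findings.append(f"writable bind mount {m['Source']} -> {m['Destination']}")
    return findings

def audit_all(records):
    """Map container name (leading slash stripped) to its list of findings."""
    return {c["Name"].lstrip("/"): audit(c) for c in records}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE).items():
        print(name, "OK" if not findings else "")
        for f in findings:
            print("   -", f)
```

Publishing with an explicit address, as in `--publish 127.0.0.1:8080:80`, sets HostIp and limits the mapping to that interface.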

Operating System Considerations

  • OS-Specific Limitations:
    • macOS doesn’t support the Docker0 bridge network interface or host-network configuration.
    • Windows and macOS desktops have different networking capabilities compared to Linux.
    • Container orchestrators may add additional networking configurations.
This post is licensed under CC BY 4.0 by the author.