IN ACTION SECOND EDITION Jeff Nickoloff Stephen Kuenzli F Bret Fisher OREWORD BY M A N N I N G Docker running three containers on a Linux system Container Container Container spaceA space B space C Database Command line Docker CLI Web server User space Hello World Docker daemon Operating system IO CPU Memory Network interface Persistent storage Devices Praise for the first edition “All there is to know about Docker. Clear, complete, and precise.” —Jean-Pol Landrain, Agile Partner Luxembourg “A compelling narrative for real-world Docker solutions. A must-read!” —John Guthrie, Pivotal, Inc. “An indispensable guide to understanding Docker and how it fits into your infrastructure.” —Jeremy Gailor, Gracenote “Will help you transition quickly to effective Docker use in complex real-world situations.” —Peter Sellars, Fraedom “. . . a superlative introduction to, and reference for, the Docker ecosystem.” —Amazon reader Docker in Action SECOND EDITION JEFF NICKOLOFF STEPHEN KUENZLI FOREWORD BY BRET FISHER MANNING SHELTER ISLAND For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact Special Sales Department Manning Publications Co. 20 Baldwin Road PO Box 761 Shelter Island, NY 11964 Email: [email protected] ©2019 by Manning Publications Co. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps. Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine. Manning Publications Co. Development editor: Jennifer Stout 20 Baldwin Road Technical development editor: Raphael Villela PO Box 761 Review editor: Aleksandar Dragosavljevic´ Shelter Island, NY 11964 Project editor: Janet Vail Copy editor: Sharon Wilkey Proofreader: Keri Hales Technical proofreader: Niek Palm Typesetter: Dennis Dalinnik Cover designer: Marija Tudor ISBN: 9781617294761 Printed in the United States of America For Jarrod Nickoloff and William Kuenzli contents foreword xiii preface xv acknowledgments xviii about this book xx about the authors xxii about the cover illustration xxiii 1 Welcome to Docker 1 1.1 What is Docker? 3 “Hello, World” 3 ■ Containers 5 ■ Containers are not virtualization 5 ■ Running software in containers for isolation 6 ■ Shipping containers 7 1.2 What problems does Docker solve? 8 Getting organized 9 ■ Improving portability 10 Protecting your computer 11 1.3 Why is Docker important? 12 1.4 Where and when to use Docker 13 1.5 Docker in the larger ecosystem 14 1.6 Getting help with the Docker command line 14 vii viii CONTENTS PART 1 PROCESS ISOLATION AND ENVIRONMENT- INDEPENDENT COMPUTING................................17 2 Running software in containers 19 2.1 Controlling containers: Building a website monitor 20 Creating and starting a new container 21 ■ Running interactive containers 22 ■ Listing, stopping, restarting, and viewing output of containers 23 2.2 Solved problems and the PID namespace 25 2.3 Eliminating metaconflicts: Building a website farm 28 Flexible container identification 28 ■ Container state and dependencies 31 2.4 Building environment-agnostic systems 34 Read-only filesystems 34 ■ Environment variable injection 37 2.5 Building durable containers 40 Automatically restarting containers 41 ■ Using PID 1 and init systems 42 2.6 Cleaning up 44 3 Software installation simplified 47 3.1 Identifying software 48 What is a named repository? 48 ■ Using tags 49 3.2 Finding and installing software 50 Working with Docker registries from the command line 50 Using alternative registries 51 ■ Working with images as files 52 Installing from a Dockerfile 53 ■ Using Docker Hub from the website 54 3.3 Installation files and isolation 56 Image layers in action 57 ■ Layer relationships 58 Container filesystem abstraction and isolation 59 Benefits of this toolset and filesystem structure 60 Weaknesses of union filesystems 60 4 Working with storage and volumes 62 4.1 File trees and mount points 63 4.2 Bind mounts 64 4.3 In-memory storage 67