Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Project Title
A Report Submitted
in Partial Fulfillment of the Requirements
for the Degree of
Bachelor of Technology
in
Computer Science & Engineering
by
Your Name goes here
to the
COMPUTER SCIENCE AND ENGINEERING DEPARTMENT
MOTILAL NEHRU NATIONAL INSTITUTE OF TECHNOLOGY
ALLAHABAD
April, 2017
UNDERTAKING
April, 2017
Allahabad
(Your Name goes here)
ii
CERTIFICATE
April, 2017
iii
Preface
A good B.Tech. thesis is one that helps you in furthering your interest in a specific
field of study. Whether you plan to work in an industry or wish to take up academics
as a way of life, your thesis plays an important role.
Your thesis should judiciously combine theory with practice. It should result
in a realization of reasonably complex system (software and/or hardware). Given
various limitations, it is always better to extend your predecessors work. If you
plan it properly, you can really build on the experience of your seniors.
iv
Acknowledgements
Here it will go something like this............It is a great pleasure to thank the giants
on whose shoulders I stand. First of all, I would like to thank my supervisor ...
v
Contents
Preface iv
Acknowledgements v
1 Introduction 1
3 Docker Images 5
3.1 Containers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2 Useful Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2.1 Listing Docker Images . . . . . . . . . . . . . . . . . . . . . . 6
3.2.2 Searching Docker images . . . . . . . . . . . . . . . . . . . . . 7
3.2.3 Docker Pull . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.2.4 Remove an image . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.3 Manipulating a container . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.4 Building your own Docker Image . . . . . . . . . . . . . . . . . . . . 10
3.4.1 Docker File . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4 Docker Hub 12
6 Docker Swarm 16
6.1 Docker swarm Components . . . . . . . . . . . . . . . . . . . . . . . 16
vi
6.2 Docker swarm Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
7 Docker Security 19
A Appendix A 22
A.1 Difference Between VM and docker . . . . . . . . . . . . . . . . . . . 22
A.2 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
References 24
vii
Chapter 1
Introduction
Figure 1: Docker
Docker is an open source platform which can be used to package, distribute and
run your applications. Docker provides an easy and efficient way to encapsulate
applications (e.g. a Java web application) and any required infrastructure to run
that application (e.g. Red hat Linux OS, Apache web server, Tomcat application
server, mySQL database etc.) as a single Docker image which can then be shared
through a central, shared Docker registry. The image can then be used to launch
a Docker container which makes the contained application available from the host
where the Docker container is running. Docker provides some convenient tools to
1
build Docker images in a simple and efficient way. A Docker container on the other
hand is a kind of light weight virtual machine with considerably smaller memory
and disk space footprint than a full blown virtual machine. Docker also has a
native clustering called Docker swarm.By enabling fast, convenient and automated
deployments, Docker has the effect of shortening the cycle between writing code,
testing code and getting it live on Production. The most common analogy used to
help people understand Docker is saying that Docker containers are like shipping
containers: they provide a standard, consistent way of shipping just about anything.
Docker containers provide a standard, consistent way of packaging just about any
application
2
Chapter 2
Docker is a container management system that helps easily manage Linux Containers
in an easier and universal fashion . There is no need for a complete operating system
Figure 2: Difference
every time we need to bring up a new container, which cuts down on the overall
size of containers. Docker relies on using the host OSs Linux kernel for the OS it
was built upon, such as Red Hat, CentOS, Ubuntu, and so on. For this reason,you
can have almost any Linux OS as your host operating system . With containers,
you share the underlying resources of the Docker host and you build an image that
is exactly what you need to run your application. You start with the basics and
you add what you need. VMs are built in the opposite direction. You are going
3
to start with a full operating system and, depending on your application, might be
strip out the things you dont want. As compared to virtual machines, containers
can be faster and less resource heavy as long as the user is willing to stick to a single
platform to provide the shared OS. A virtual machine could take up several minutes
to create and launch whereas a container can be created and launched just in a few
seconds. Applications contained in containers offer superior performance, compared
to running the application within a virtual machine.
A full virtualized system gets its own set of resources allocated to it, and does
minimal sharing. You get more isolation, but it is much heavier (requires more
resources). With Docker you get less isolation, but the containers are lightweight
(require fewer resources). So you could easily run thousands of containers on a host,
and it wont even blink.
There are pros and cons for each type of virtualized system. If you want full
isolation with guaranteed resources, a full VM is the way to go. If you just want
to isolate processes from each other and want to run a ton of them on a reason-
ably sized host, then Docker seems to be the way to go. Virtual Machines provide
high flexibility whereas Docker containers prime focus is on applications and their
dependencies
4
Chapter 3
Docker Images
An image is a filesystem and parameters to use at runtime . It doesnt have state and
never changes. A Docker image is made up of filesystems layered over each other.
At the base is a boot filesystem, bootfs , which resembles the typical Linux/Unix
boot filesystem. A Docker user will probably never interact with the boot filesys-
tem. Indeed, when a container has booted, it is moved into memory, and the boot
filesystem is unmounted to free up the RAM used by the initrd disk image.
5
an image into a container, the Docker engine takes the image, adds a read-write
filesystem on top and initialises various settings including network ports, container
name, ID and resource limits.
3.1 Containers
A container is a running instance of an image.Docker originally used linux Containers
(LXC), but later switched to runC (formerly known as libcontainer), which runs in
the same operating system as its host. This allows it to share a lot of the host
operating system resources. Also, it uses a layered filesystem (AuFS) and manages
networking. AuFS is a layered file system, so you can have a read only part and
a write part which are merged together. One could have the common parts of
the operating system as read only (and shared amongst all of your containers) and
then give each container its own mount for writing. A running container has a
currently executing process, but a container can also be stopped (o exited in Dockers
terminology). An exited container is not the same as an image, as it can be restarted
and will retain its settings and any filesystem changes.
The above command shows the available images on your host , the output of this
command may vary from host to host . In the screenshot , the first column you see
is the Repository column , this column shows the name of the repository on docker
hub from which the image is pulled . The next column, the TAG column, will show
you different versions of a repository . As you can see in the preceding screenshot
with the Ubuntu repository, there are tag names for the different versions. So, if
you want to specify a particular version of a repository in your Dockerfile , you are
able to. This can help in backward compatibility . The next column, IMAGE ID ,
6
shows the unique id of the image . The last two columns are pretty straightforward;
the first being the creation date for the repository, followed by the virtual size of
the image
with docker search you can search for images based on different criteria . For
example, we can search for all the images with the term ubuntu in them and see
what all is available. Here is what we would get back in our results; it would go as
follows:
We can see the name of the repository, a reduced description, how many people
have starred and think it is a good repository, whether its an official repository;
which means its been approved by the Docker team, when we find a suitable images
we can pull it using docker pull command
7
Figure 5: Docker pull
To remove an image from the your host computer , you can use docker rmi ubuntu
or you can also mention the image id
We start off with docker run command , followed by two switches (flags) -t and -i .
The -i gives us an interactive shell into the running container , the -t will allocate a
pseudo-tty that, while using interactive processes, must be used together with the
-i switch. You can also use switches together . For example, -it is commonly used
for these two switches . This will help you test the container to see how it operates
before running it as a daemon .
8
Figure 6: Dockerrun
If the container is correctly set up , you will see it running status of the containers
can be known using docker ps command
We get a lot of other important information indicating that the container is
running . We can see the container ID , the image name that is running , the
command that is running on the container to keep the image live , when the container
started , its cur rent status , if any ports were exposed they would be listed here ,
as well as the name given to the container . Now, these names are random, unless
it is specified otherwise by the - - name switch . You can also expose the ports on
your containers by using the -p switch as follows
This will run the ubuntu 14.10 container in the demonized mode, exposing port
8080 of the Docker host to port 80 on the running container: Stopping Containers :
For various reasons , you may want to stop containers, there are various commands
to do that, docker stop, docker kill , docker pause, docker unpause) . Docker kill
command will shutdown the container immediately . For a graceful shutdown of
the container, you would want to use the docker stop command. Mostly, when
you are testing , you will be using docker kill . When youre in your production
environments, you will want to use the docker stop to ensure you dont corrupt any
data you might have in the docker volumes . With the docker rename command ,we
can change the name that has been randomly generated for the container . When we
9
performed the docker run command, a random name was assigned to our container
most times these names are fine . But if you are looking for an easy way to manage
the containers , fine. But if you are looking for an easy way to manage the containers
, a name can be sometimes easier to remember. For this, you can use the docker
rename command as follows :
10
Figure 7: Docker File
contact you if they have any questions of find ant errors in yout file . In docker file
only one process can be done at a time. The EXPOSE line will expose the ports to
anything external to the container and to the host it is running on . The last line is
the command that is run when the container is launched.
The last line CMD in Dockerfile will be launched upon the container that isrun-
ning. This also helps emphasize the one process per container rule. Affter making
the dockerfile , using docker build command you can build the image
The most important thing to remember is the . the dot or period at the very end.
This is to tell the docker build command to build in the current folder. If you
are using your own registry to push your images, then you can use any naming
convention that you would like to use. But try to keep it simple and easy to identify
by looking at name
11
Chapter 4
Docker Hub
The Docker Hub is a location on the cloud, where you can store and share images
that you have created. You can also link your images to the GitHub repositories that
can be built automatically . There are two types of repositories on the Docker Hub:
the public and private repositories . Pushing to a repository is very straightforward.
Once you have the image built on your machine, there are two commands you need
to run. One you will only have to run once and the other command you will use every
time. docker login This will prompt you for your Docker Hub credentials and the
e-mail address you are using on Docker Hub docker push REPOSITORY:TAG
This will show the progress of your push, kicking back to the command prompt
when completed. You will then be able to see the image in either the command-line
search. By default, repositories are pushed as public. If you want to set them to
private, you need to log in to the Docker Hub website and set the repository to
12
Make Private.
13
Chapter 5
14
Creating a docker image
Open browser of the host and you will see the website up and running.
To attach a mysql database , we have to run two containers at a time .For that we
can use docker compose or simple flags.
The above command runs the mysql as a container with a specified name . Now we
need to start the PHP server back up, but we need to allow it access to the MySQL
server.
The link section is what allows this docker to talk to other dockers specified (eg.
mysqlserver), otherwise they are all kept separate. If both of these Dockers are up
and running, you can find out the internal IP address of each of them by running
this command. This gets the IP for mysqlserver.
docker inspect mysqlserver grep IPAddress
15
Chapter 6
Docker Swarm
In this chapter,we will be taking a look at Docker Swarm. With Docker Swarm, you
can create and manage Docker clusters. Swarm can be used to disperse containers
across multiple hosts. It also has the ability to know how to scale containers as well
Swarm
Swarm Manager
Swarm Workers
Swarm
Docker Swarm is the container that runs on each Swarm host. Swarm uses a unique
token for each cluster to be able to join the cluster. The Swarm container itself is
the one that communicates on behalf of that Docker host to the other Docker hosts
that are running Docker Swarm as well as the Docker Swarm manager.
16
Swarm manager
The Swarm manager is the host that is the central management point for all the
Swarm hosts. The Swarm manager is where you issue all your commands to control
nodes. You can switch between the nodes, join nodes, remove nodes, and manipulate
the hosts
Swarm Workers(Hosts)
Swarm hosts are those that run the Docker containers. The Swarm host is managed
from the Swarm manager
Creating a Swarm
Joining nodes
Creating a Swarm
Run the following command to create a new swarm
The advertise-addr flag configures the manager node to publish its address as
192.168.99.100. The other nodes in the swarm must be able to access the manager
at the IP
address.
The output includes the commands to join new nodes to the swarm.
17
Joining Nodes
Nodes will join as managers or workers depending on the value for the token flag.
If any node wants to join this swarm it can run following command
The node has joined as a worker or a manager Run docker info command to view the
current status of swarm Run docker node ls command to view Information about
nodes in the swarm. screenshot
You can also add -v flag to mount local files to the image To know about the status
of service use docker service ps servicename
18
Chapter 7
Docker Security
In this chapter, we will be taking a look at Docker security ,the topic on the forefront
of everyones minds these days
19
INITIALIZING A SWARM WITH AUTOLOCK
ENABLED
docker swarm init autolock
after executing above command swarm is intialized here autolock is a flag to enabling
autolocking of swarm manger nodes when Docker restarts. secreenshot
store the key in safe place when Docker restarts, you need to unlock the swarm and
you will see an error like the following and services will not start.
UNLOCK A SWARM
To unlock a locked swarm,use below command
20
docker swarm unlock
after this enter unlock key then your swarm gets unlocked.
21
Appendix A
Appendix A
A.2 Commands
docker attach Attach to a running container
docker build Build an Image from a docker file
docker create Create a new container
docker exec Run a command in a running container
docker Image Manage images
22
docker Images List Images
docker info Display system-wide information
docker login - Log in to a Docker registry
docker logout Log out from a Docker registry
docker node Manage Swarm nodes
docker ps List containers
docker pull pull an image or a repository from a registry
docker push push an image or a repository from a registry
docker restart restart one or more containers
23
References
[2] Chen, Y.-F. R., Fowler, G. S., Koutsofios, E., and Wallach, R. S.
Ciao: A graphical navigator for software and document repositories. In Interna-
tional Conference on Software Maintenance (1995), pp. 6675.
24