« Previous 1 2 3 Next »
Application virtualization with Docker
Order in the System
Installing Docker
The following examples show how to install and run a Docker environment on Fedora 20. Docker version 1.2.0 is used; however, all of the examples also work without modification on other Red Hat-based distributions. You will find further guidance for other Linux versions on the Docker website [1].
First, install the package docker-io from the distribution's standard software repository and then enable the Docker service:
# yum -y install docker-io # systemctl start docker # systemctl enable docker
At this point, use:
# getenforce
to make sure the system is in SELinux enforcing mode
Enforcing
For a first test, start your first container with the command:
# docker run -i -t fedora /bin/bash
This activates a container based on the fedora
image and starts the Bash shell in the container. The two options cause the container to be assigned a pseudo-terminal; you will have an interactive connection to the container. Because the fedora
image is not yet present on the system, the Docker command-line tool establishes a connection to Docker Hub to download it from there.
Docker Hub is a central repository on which several different Docker images are available. Using docker search , you can search for specific images. If you use a proxy to connect to the Internet, first register it in the Systemd unit file for the Docker service (Listing 1) and then load the modified configuration:
# systemctl daemon-reload
After downloading the images, the Bash shell starts within the container and waits for your input. Access the ps
command within the container and you will just see two processes: the Bash process with the PID 1
and the ps
process. All other host system processes are not visible within the container, because it uses its own PID namespace.
Listing 1
Docker systemd
### You can define an HTTP proxy for the Docker service in the file /usr/lib/systemd/system/ docker.service. [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com After=network.target docker.socket Requires=docker.socket [Service] Type=notify EnvironmentFile=-/etc/sysconfig/docker ExecStart=/usr/bin/docker -d -H fd:// $OPTIONS LimitNOFILE=1048576 LimitNPROC=1048576 Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.0/8" [Install] Also=docker.socket
The same applies to the filesystem. Run ls
, and you will see the container image's filesystem. The docker ps
command displays all active containers on the host system (Listing 2).
Listing 2
Docker Containers Present
# docker ps CONTAINER ID ** ** ** ** ** IMAGE ** ** ** ** ** ** ** COMMAND ** ** ** ** ** CREATED ** ** ** ** ** STATUS ** ** ** ** ** PORTS ** ** ** ** ** NAMES 314852f5a82e ** ** ** ** ** **fedora:latest ** ** "/bin/bash ** ** ** **8 seconds ago ** ** **Up 6 seconds ** ** ** ** ** ** ** ** ** ** ** **ecstatic_turing
Along with a unique ID for the container, at this point, you will see the image used, the application running in the container, and the container's current status. It is only active as long as the application is running. If you log out of the shell within the container, the container also stops. A renewed call to docker ps
confirms this.
This command supports a number of useful options. For example, docker ps **-a
displays all previously started containers, regardless of their status. The -l
option restricts the output to the last started container. You can wake up a stopped container at any time using docker start
. The -a
option immediately produces an interactive connection, and you are then, in this example, connected with the container's shell. If you want to delete a container as soon as it has been stopped, use the --rm
option when starting the container (docker start --rm
).
Memory Internals
The Device Mapper storage back end generates two files in /var/lib/docker/devicemapper/devicemapper
by default: a 100GB data
file and a 2GB metadata
file. Both files are sparse files which therefore occupy much less space on the filesystem. The data file contains all your system's image data. Docker generates the block devices that are integrated when starting a container from these files using a loopback mount.
You will find the metadata for all containers in /var/lib/docker/containers
. The config.json
file contains information for a container in JSON format. If you start a container, Docker will use the previously integrated data file. If you enter
du -h /var/lib/docker/devicemapper/devicemapper/data
you will see how much disk space the file actually occupies on the filesystem. The more images you use, the greater the disk space required.
If the standard size of 100GB is no longer sufficient, you can define a new size for the data file in a separate systemd unit file for the Docker service. Copy the file /usr/lib/systemd/system/docker.service
to /etc/systemd/system/docker.service
and extend the "ExecStart=/usr/bin/docker"
line to include the options
--storage-opt dm.loopdatasize=500GB --storage-opt dm.loopmetadatasize=10GB
At this point, note that the use of loopback devices instead of only block devices definitely involves a performance hit. The data and metadata pools should therefore be on physical block devices in productive environments. The readme file [2] for the Device Mapper back end describes how you can perform such a configuration.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)