Docker Review

Docker Review Note

Docker Review

Why docker?

webserver → DB → messaging → orchestration

  1. the architecture of these components are varying over time!
  2. setting environment is painful!
  3. development team members have different OS environment
  • Container utilize the same OS Kernel (handling with hardware), which differs from VM



some Commands I don’t know:

  • docker pull <image> only pull image from DockerHub to local
  • docker exec <container name> <command>
  • docker run -d run in detach
  • docker run -it centos bash run a base image and gets into bash
  • docker attach <container name> run some detached app in foreground


  • docker run redis:4.0 specify a tag
  • docker run -it runs interactively with terminal
  • docker run -v /opt/datadir:/var/lib/mysql mysql mount volume
  • docker logs <container name> logs out the container status
  • docker run ubuntu cat /etc/*release* run a command of a ubuntu image and exit container
  • docker attach <container name> pull a container to foreground
  • docker build <Dockerfile name> -t <xxx/xxxx> build an image
  • docker push <xxx/xxx> push a docker image to dockerhub
  • cat > Dockerfile input to a file Dockerfile
  • docker run -e <ENV NAME>=<ENV VALUE> <image name> set a environement variable
  • docker inspect <container name>

CMD V.S Entrypoint

CMD simply refers to run a command

ENTRYPOINT allows us to append further params to CMD!

FROM Ubuntu
ENTRYPOINT ["sleep"]
CMD ["5"]

ENTRYPOINT means that the user can interrupt the flow of Dockerfile and input some params into it.

We can also overwrite ENTRYPOINT by --entrypoint in docker run


If we do not want Docker to pull images from dockerhub, we can replace image to build in docker-compose.yml so that it knows to build the image from local


Docker engine

Docker engine is composed of :

  1. Docker CLI
  3. Docker Deamon

Docker uses namespace to differentiate main system and child system



cgroups can be used to ensure the limit of CPU usages

docker run --cpus=0.5 ubuntu

docker run --memory=100m ubuntu

Docker storage

We can view docker files at /var/lib/docker

Docker uses layered architecture



In the container layer, all files are writeable, however. Files on image layers are not writable. But we can copy them into the container layer and change them, but we need to rebuild the image then.

Volume Mounting

mount a piece of memory to a named volume, different containers can share this volume

Bind mounting

mount a folder location to a folder location in the container.



  • bridge is the default network
  • none is an isolated network
  • host is a direct mapping with the host network
  • docker network create create new user-defined network
  • Docker has DNS setting so that a container name is directly mapped with the container IP!



A solution to host multiple containers at the same time.

docker service create --replicas=100 nodejs
  • Docker Swarm
  • Kubernetes
  • Mesos

本博客所有文章除特别声明外,均采用 CC BY-SA 4.0 协议 ,转载请注明出处!