Containerization using docker

Why Containerization?

Containerization revolutionizes the development and deployment of applications, providing a streamlined and secure process for developers. Unlike traditional methods that often result in bugs and errors when code is transferred across different computing environments, containerization addresses this challenge by encapsulating the application code along with its configuration files, libraries, and dependencies into a single, self-contained unit known as a “container.” This container is abstracted from the host operating system, ensuring portability across diverse platforms or cloud environments without encountering compatibility issues. When assessing the usability of an application, the ease of seamless transition between machines with varying environments becomes a crucial factor. Docker, among other tools, exemplifies the power of containerization, offering a solution that extends beyond the initial perceptions associated with this innovative technology.

Containerizing software:

Docker, though widely recognized, is not the sole avenue for container creation; various alternatives with their unique merits and drawbacks exist. In 2016, Kubernetes, a preeminent tool for managing extensive container deployments, introduced the Container Runtime Interface (CRI). This interface empowers developers to fashion their container runtimes, tailoring features to suit their project requirements. CRI-O, runc, and Firecracker by AWS exemplify CRI-compliant container runtimes. A notable concern with the Docker Engine lies in the default execution of most containers as the root superuser, posing security challenges as applications within containers can potentially breach their confines and access host data. In response, Red Hat developed Podman, a container platform prioritizing robust security. Containers spawned by Podman can operate rootless, entirely bypassing root user mapping. Moreover, Podman supports the concurrent execution of multiple applications within containers, employing established “init” systems like Systemd. Despite Docker incorporating some of Podman’s security features, many still choose Podman for running highly secure workloads.  

Why Docker?

Docker proves invaluable in application development and deployment with a myriad of benefits. Its prowess lies in efficiently caching a cluster of containers, optimizing resource utilization through flexible sharing, and achieving scalability by accommodating numerous containers on a single host, thus leveraging cost-effective hardware. Rapid deployment, ease in creating new instances, and seamless migrations characterize Docker, fostering a dynamic and responsive development environment. The containerization approach simplifies the movement and maintenance of applications, ensuring consistency across diverse environments. Moreover, Docker enhances security by restricting access to the code within containers, resulting in fewer software dependencies and a reduced attack surface. In essence, Docker offers a comprehensive solution, combining efficient caching, flexible resource management, scalability, cost-effectiveness, agility in deployment, ease of migration, simplified maintenance, and heightened security measures for a streamlined and resilient application development and deployment process.

Why Layers?

Docker operates on a layered structure, where each library or specification is added as a distinct layer and cached. This architecture proves advantageous during updates, as modifying a specific layer suffices instead of rebuilding the entire image. This approach significantly saves time, reduces complexity, and conserves resources required for the rebuilding process. By leveraging this layered system, Docker optimizes the development workflow, enabling more efficient and resource-conscious updates to containers without the need for extensive rebuilding from scratch.

What to do and what not to do while writing a Dockerfile?

Steps:

1. Choose a Base Image

2. Set the working directory

3. Copy application code

4. Install dependencies

5. Expose ports(if necessary)

6. Define the environment variable that might be needed during runtime

7. Specify the command that will be executed when a container is started

Rules:

· Each instruction in the Dockerfile creates a layer in the image. Consider the order of instructions to optimize caching and minimize image size.

· Avoid installing unnecessary packages or creating large intermediate layers to keep the image size small.

· Use multi-stage builds if applicable to reduce the final image size.

· Clean up unnecessary files and dependencies within the Dockerfile to minimize the image footprint.

Everything about docker-compose:

Docker Compose stands out as a versatile tool, adept at orchestrating the intricacies of multi-container Docker applications via YAML configuration. Within the configuration file, each service aligns with a container, encompassing crucial attributes such as image, environment variables, ports, and volumes. The automatic establishment of a default network facilitates seamless communication between containers, employing service names as hostnames. Additionally, it offers straightforward scaling capabilities, allowing users to specify the desired number of replicas for their services.

Commands that came to my rescue:

1. To check docker memory:

sudo du -sh /var/lib/docker

2.Delete everything from docker(images, containers, volumes,etc):

docker system prune -af

3.Mount a directory from local(windows or MacOS) to wsl:

sudo mount -t drvfs ‘<local_directory_path>’ ‘<mount_point_in_wsl>’

4.Stop a container:

docker stop <container_name_or_id>

5. Delete a container:

docker rm <container_name_or_id>

6. Delete image:

docker rmi <image_name_or_id>

7. Start a container that is stopped:

docker start <container_name_or_id>

8.View all containers and images:

docker ps -a (or) docker ls -a