Docker: Up and Running Cover

It finally happens that I need some Docker knowledge in my workflow. I was able to get hold of Docker: Up and Running as well as Docker In Action from local libraries, and this one seems to be a shorter read.

This book covers some basics of Docker, as well as further tips on using Docker in production, including scaling, security, and debugging containers. The book, as its title reflects, covers just enough for one to get started using Docker. The key details that enables the Docker technology entirely were presented in a section as advanced topics, but is reasonable enough for a beginning such myself to understand.

Docker in a picture

I find the following picture from this DZone article best captures the docker workflow that a beginner should learn. Everything else can be looked up on the official Docker docs website, or using docker help cmd to learn on the spot. To move from a Docker beginner to intermediate, how to draft Dockerfile would be the next thing to learn.

Docker Stages

Docker enabling technologies

What also interests me is how Docker is made possible at all on different operating systems. This may fall beyond the scope of this book, but the authors gave an attempt to explain how it works under Linux.

  • Control Groups (cgroups): provide for resource limits
  • Namespaces: allow for processes to use identically named resources and isolate them from each other’s view of the system. Containers have 6 types of namespaces.
    • Mount namespaces: /home for one Docker container is different for that of another
    • UTS namespaces: “Unix Timesharing System”, give the container its own hostname and domain name
    • IPC namespaces: isolates SystemV IPC and POSIX message queue systems
    • PID namespaces: isolate process IDs for containers
    • Network namespaces: allow each container to have its own network devices, ports, etc.
    • User namespaces: allow each container to have their own users and groups, and different from the host’s
  • SELinux/AppArmor: provides strong security isolation

Quick notes

Two quick notes for people who would like to use this book as a Docker introduction.

First, the hands-on sections in the earlier chapters are a little outdated, as the copy I got is the first edition of this book. I had to Google in many a place to do things right with the current Docker offering. Now the book has the second edition available. Make sure to grab the new version when you start. (I have not read it, but hopefully the related sections are updated.)

Second, I personally chose to skip some contents in this book, as I find they might be irrelevant to me at the moment as a starter. For instance, the sections on installing Docker on different OS (official Docker docs website would always have the most up to date info), the sections on setting up AWS tool chains to use ECS (a bit too verbose content spent on this), and the sections on 12-factor app (too general and so a bit detached to Docker platform design in particular).