Get started with Docker on your local machine and progress towards deploying useful applications in production with this simplified, practical guide
Key Features
Get a working understanding of Docker containers by incorporating them in your development process
Complete interesting exercises to learn how to secure and control access of your containers
Work with advanced features of Docker to make your development process smoother and reliable
Book Description
No doubt Docker Containers are the future of highly-scalable software systems and have cost and runtime efficient supporting infrastructure. But learning it might look complex as it comes with many technicalities. This is where The Docker Workshop will help you.
Through this workshop, you'll quickly learn how to work with containers and Docker with the help of practical activities.
The workshop starts with Docker containers, enabling you to understand how it works. You'll run third party Docker images and also create your own images using Dockerfiles and multi-stage Dockerfiles. Next, you'll create environments for Docker images, and expedite your deployment and testing process with Continuous Integration. Moving ahead, you'll tap into interesting topics and learn how to implement production-ready environments using Docker Swarm. You'll also apply best practices to secure Docker images and to ensure that production environments are running at maximum capacity. Towards the end, you'll gather skills to successfully move Docker from development to testing, and then into production. While doing so, you'll learn how to troubleshoot issues, clear up resource bottlenecks and optimize the performance of services.
By the end of this workshop, you'll be able to utilize Docker containers in real-world use cases.
What you will learn
Get a solid understanding of how Docker containers work
Network Docker images and environments to allow communication between services
Build and publish docker images from a CI/CD pipeline
Use Docker Swarm to implement production-ready environments
Find out how to replace Swarm with Kubernetes clusters
Extend your Docker images with Plugins
Who this book is for
This is the right learning asset if you are a developer or a beginner who wants to get a practical understanding of Docker containers. If you have experienced in running command shells or knowledge of IntelliJ, atom, or VSCode editors, then you will grasp the topics covered here quickly.
Author(s): Vincent Sesto et al.
Publisher: Packt Publishing
Year: 2020
Language: English
Pages: 792
Cover
FM
Copyright
Table of Contents
Preface
Chapter 1: Running My First Docker Container
Introduction
Advantages of Using Docker
Docker Engine
Running Docker Containers
Exercise 1.01: Running the hello-world Container
Managing Docker Containers
Exercise 1.02: Managing Container Life Cycles
Attaching to Containers Using the attach Command
Exercise 1.03: Attaching to an Ubuntu Container
Activity 1.01: Pulling and Running the PostgreSQL Container Image from Docker Hub
Activity 1.02: Accessing the Panoramic Trekking App Database
Summary
Chapter 2: Getting Started with Dockerfiles
Introduction
What Is a Dockerfile?
Common Directives in Dockerfiles
The FROM Directive
The LABEL Directive
The RUN Directive
The CMD Directive
The ENTRYPOINT Directive
Exercise 2.01: Creating Our First Dockerfile
Building Docker Images
Exercise 2.02: Creating Our First Docker Image
Other Dockerfile Directives
The ENV Directive
The ARG Directive
Exercise 2.03: Using ENV and ARG Directives in a Dockerfile
The WORKDIR Directive
The COPY Directive
The ADD Directive
Exercise 2.04: Using the WORKDIR, COPY, and ADD Directives in the Dockerfile
The USER Directive
Exercise 2.05: Using USER Directive in the Dockerfile
The VOLUME Directive
Exercise 2.06: Using VOLUME Directive in the Dockerfile
The EXPOSE Directive
The HEALTHCHECK Directive
Exercise 2.07: Using EXPOSE and HEALTHCHECK Directives in the Dockerfile
The ONBUILD Directive
Exercise 2.08: Using ONBUILD Directive in the Dockerfile
Activity 2.01: Running a PHP Application on a Docker Container
Summary
Chapter 3: Managing Your Docker Images
Introduction
Docker Layers and Caching
Exercise 3.01: Working with Docker Image Layers
Exercise 3.02: Increasing Build Speed and Reducing Layers
Creating Base Docker Images
Exercise 3.03: Creating Your Base Docker Images
The Scratch Image
Exercise 3.04: Using the Scratch Image
Docker Image Naming and Tagging
Exercise 3.05: Tagging Docker Images
Using the latest Tag in Docker
Exercise 3.06: Issues When Using latest
Docker Image Tagging Policies
Exercise 3.07: Automating Your Image Tagging
Storing and Publishing Your Docker Images
Exercise 3.08: Transporting Docker Images Manually
Storing and Deleting Docker Images in Docker Hub
Exercise 3.09: Storing Docker Images in Docker Hub and Deleting the Repository
The Docker Registry
Exercise 3.10: Creating a Local Docker Registry
Activity 3.01: Build Scripts Using Git Hash Versioning
Activity 3.02: Configuring Your Local Docker Registry Storage
Summary
Chapter 4: Multi-Stage Dockerfiles
Introduction
Normal Docker Builds
Exercise 4.01: Building a Docker Image with the Normal Build Process
What Is the Builder Pattern?
Exercise 4.02: Building a Docker Image with the Builder Pattern
Introduction to Multi-Stage Dockerfiles
Exercise 4.03: Building a Docker Image with a Multi-Stage Docker Build
Dockerfile Best Practices
Using an Appropriate Parent Image
Using a Non-Root User for Better Security
Using dockerignore
Minimizing Layers
Don't Install Unnecessary Tools
Activity 4.01: Deploying a Golang HTTP Server with a Multi-Stage Docker Build
Summary
Chapter 5: Composing Environments with Docker Compose
Introduction
Docker Compose CLI
Installing Docker Compose CLI in Linux
Docker Compose CLI Commands
Docker Compose File
Exercise 5.01: Getting Started with Docker Compose
Configuration of Services
Exercise 5.02: Configuring Services with Docker Compose
Service Dependency
Exercise 5.03: Service Dependency with Docker Compose
Activity 5.01: Installing WordPress Using Docker Compose
Activity 5.02: Installing the Panoramic Trekking App Using Docker Compose
Summary
Chapter 6: Introduction to Docker Networking
Introduction
Exercise 6.01: Hands-On with Docker Networking
Native Docker DNS
Exercise 6.02: Working with Docker DNS
Native Docker Network Drivers
Exercise 6.03: Exploring Docker Networks
Docker Overlay Networking
Exercise 6.04: Defining Overlay Networks
Non-Native Docker Networks
Exercise 6.05: Installing and Configuring the Weave Net Docker Network Driver
Activity 6.01: Leveraging Docker Network Drivers
Activity 6.02: Overlay Networking in Action
Summary
Chapter 7: Docker Storage
Introduction
The Container Life Cycle
Exercise 7.01: Transitioning through the Common States for a Docker Container
Exercise 7.02: Checking the Container Size on Disk
Stateful versus Stateless Containers/Services
Exercise 7.03: Creating and Scaling a Stateless Service, NGINX
Exercise 7.04: Deploying a Stateful Service, MySQL
Docker Volumes and Stateful Persistence
Exercise 7.05: Managing a Volume outside the Container's Scope and Mounting It to the Container
Exercise 7.06: Managing a Volume within the Container's Scope
Exercise 7.07: Running a PostgreSQL Container with a Volume
Exercise 7.08: Running a PostgreSQL Container without a Volume
Miscellaneous Useful Docker Commands
Persistent and Ephemeral Volumes
Exercise 7.09: Sharing Volumes between Containers
Volumes versus Filesystem and Images
Exercise 7.10: Saving a File on a Volume and Committing It to a New Image
Exercise 7.11: Saving a File in the New Image Filesystem
Activity 7.01: Storing Container Event (State) Data on a PostgreSQL Database
Activity 7.02: Sharing NGINX Log Files with the Host
Summary
Chapter 8: CI/CD Pipeline
Introduction
What Is CI/CD?
Exercise 8.01: Installing Jenkins as a Container
Integrating GitHub and Jenkins
Exercise 8.02: Uploading the Code to GitHub
Exercise 8.03: Integrating GitHub and Jenkins
Integrating Jenkins and Docker Hub
Exercise 8.04: Integrating Jenkins and Docker Hub
Activity 8.01: Utilizing Jenkins and SonarQube
Activity 8.02: Utilizing Jenkins and SonarQube in the Panoramic Trekking Application
Summary
Chapter 9: Docker Swarm
Introduction
How Docker Swarm Works?
Working with Docker Swarm
Exercise 9.01: Running Services with Docker Swarm
Troubleshooting Swarm Nodes
Deploying Swarm Deployments from Docker Compose
Swarm Service Rolling Updates
Exercise 9.02: Deploying Your Swarm from Docker Compose
Managing Secrets and Configurations with Docker Swarm
Exercise 9.03: Implementing Configurations and Secrets in Your Swarm
Managing Swarm with Swarmpit
Exercise 9.04: Installing Swarmpit and Managing Your Stacks
Activity 9.01: Deploying the Panoramic Trekking App to a Single-Node Docker Swarm
Activity 9.02: Performing an Update to the App While the Swarm Is Running
Summary
Chapter 10: Kubernetes
Introduction
Kubernetes Design
Exercise 10.01: Starting a Local Kubernetes Cluster
The Kubernetes API and Access
Exercise 10.02: Accessing Kubernetes Clusters with kubectl
Kubernetes Resources
Pods
Deployments
Statefulsets
Services
Ingress
Horizontal Pod Autoscaling
RBAC Authorization
Exercise 10.03: Kubernetes Resources in Action
Kubernetes Package Manager: Helm
Exercise 10.04: Installing the MySQL Helm Chart
Activity 10.01: Installing the Panoramic Trekking App on Kubernetes
Summary
Chapter 11: Docker Security
Introduction
Privileged and Root User Access in Containers
Exercise 11.01: Running Containers as the Root User
Runtime Privileges and Linux Capabilities
Signing and Verifying Docker Images
Exercise 11.02: Signing Docker Images and Utilizing DCT on Your System
Docker Image Security Scans
Scanning Images Locally Using Anchore Security Scan
Exercise 11.03: Getting Started with Anchore Image Scanning
Utilizing SaaS Security Scans with Snyk
Exercise 11.04: Setting up a Snyk Security Scan
Using Container Security Profiles
Implementing AppArmor Security Profiles on Your Images
Exercise 11.05: Getting Started with AppArmor Security Profiles
seccomp for Linux Containers
Exercise 11.06: Getting Started with seccomp
Activity 11.01: Setting up a seccomp Profile for the Panoramic Trekking App
Activity 11.02: Scanning Your Panoramic Trekking App Images for Vulnerabilities
Summary
Chapter 12: Best Practices
Introduction
Working with Container Resources
Managing Container CPU Resources
Exercise 12.01: Understanding CPU Resources on Your Docker Image
Managing Container Memory Resources
Exercise 12.02: Analyzing Memory Resources on Your Docker Image
Managing the Container Disk's Read and Write Resources
Exercise 12.03: Understanding Disk Read and Write
Container Resources and Docker Compose
Best Practices in Docker
Running One Service per Container
Base Images
Installing Applications and Languages
Running Commands and Performing Tasks
Containers Need to Be Immutable and Stateless
Designing Applications to Be Highly Available and Scalable
Images and Containers Need to Be Tagged Appropriately
Configurations and Secrets
Making Your Images Minimal and Small
Enforcing Docker Best Practices in Your Code
Using Docker Linter for Your Images
Exercise 12.04: Linting Your Dockerfiles
Exercise 12.05: Validating Your docker-compose.yml File
Activity 12.01: Viewing the Resources Used by the Panoramic Trekking App
Activity 12.02: Using hadolint to Improve the Best Practices on Dockerfiles
Summary
Chapter 13: Monitoring Docker Metrics
Introduction
Monitoring Environment Metrics with Prometheus
Exercise 13.01: Installing and Running Prometheus
Monitoring Docker Containers with Prometheus
Exercise 13.02: Collecting Docker Metrics with Prometheus
Understanding the Prometheus Query Language
Counter
Gauges
Histograms
Summaries
Performing PromQL Queries
Exercise 13.03: Working with the PromQL Query Language
Using Prometheus Exporters
Exercise 13.04: Using Metrics Exporters with Your Applications
Extending Prometheus with Grafana
Exercise 13.05: Installing and Running Grafana on Your System
Activity 13.01: Creating a Grafana Dashboard to Monitor System Memory
Activity 13.02: Configuring the Panoramic Trekking App to Expose Metrics to Prometheus
Summary
Chapter 14: Collecting Container Logs
Introduction
Introducing Splunk
Basic Architecture of Splunk Installation
Installing and Running Splunk on Docker
Exercise 14.01: Running the Splunk Container and Starting to Collect Data
Getting Container Logs into Splunk
Exercise 14.02: Creating an HTTP Event Collector and Starting to Collect Docker Logs
Working with the Splunk Query Language
Exercise 14.03: Getting Familiar with the Splunk Query Language
Splunk App and Saved Searches
Exercise 14.04: Getting Familiar with Splunk Apps and Saved Searches
Activity 14.01: Creating a docker-compose.yml File for Your Splunk Installation
Activity 14.02: Creating a Splunk App to Monitor the Panoramic Trekking App
Summary
Chapter 15: Extending Docker with Plugins
Introduction
Plugin Management
Plugin API
Authorization Plugins
Exercise 15.01: Read-Only Docker Daemon with Authorization Plugins
Network Plugins
Exercise 15.02: Docker Network Plugins in Action
Volume Plugins
Exercise 15.03: Volume Plugins in Action
Activity 15.01: Installing WordPress with Network and Volume Plugins
Summary
Appendix
Index