Docker is the most widely used container platform today. But what is Docker, and what do you need to know about it? How can Docker help you manage your IT infrastructure? Can it help you lower costs and improve uptime?
This post will cover what Docker is, what it’s suitable for, and what it’s not so good for. Then we’ll show you how to quickly get started using it.
What Is Docker?
Docker is a container platform. To explain Docker, we first need to discuss containers. Containers bundle application code with operating system (OS) libraries into a runnable package. This means the application can run on any system that supports the container format, even if it runs on an entirely different operating system.
Let’s consider an example. A PostgreSQL container could contain the Linux version of the database server combined with the runtime libraries for Debian Linux. This container runs on any computer—referred to as the “host”—that supports the container, including macOS, Windows, or a different Linux distribution, such as CentOS.
For developers, containers simplify app delivery. Instead of supporting multiple operating systems and versions, you provide a container that works almost anywhere.
For infrastructure operators, containers simplify running applications. You don’t have to manage multiple operating systems or versions, either. Your systems only need to support the container runtime. You can commingle applications that require different operating systems on the same host.
Containers allow you to run various applications on the same host, even if they require different operating systems or conflicting library versions. As a result, you can use your infrastructure more efficiently.
Docker: A Container Platform
Docker is an open-source containerization system. Although you can package your applications into containers without it, Docker makes creating, distributing, and running containerized applications simple. It supports Linux, macOS, and Windows, as well as the major cloud platforms.
Docker has tools for creating, distributing, starting, and stopping containers. The containers can share network resources with the host or run with their virtual network visible only to other containers, or both. Docker also has robust tools for managing how containers communicate and scale together.
Containers Are Not Virtual Machines
While containers are a way for applications to share system resources, they’re not virtual machines (VMs). A VM is a computer within a computer. It runs a discrete copy of an operating system, and an application running in a VM “sees” virtualized disks, network adaptors, and video cards. While it may still be sharing a host with other virtual machines, it’s more isolated than an application in a container.
Containers run a single application. If you need to run more than one app, you need to run more than one container, or you need a virtual machine. The containers share a single host operating system. Docker’s host operating system uses a Linux kernel (even when it’s running on other platforms) to share system resources between containers.
Why Use Docker?
We’ve already covered how containers make it easier to package, distribute, and run applications. But those are not the only advantages containers provide.
By isolating applications and their dependencies inside a container, you also separate them from each other. Docker containers can only access the resources you specify when you run them. They are isolated from their host systems’ file system and network by default.
This isolation gives you an extra level of protection from application and OS library vulnerabilities. If an attacker compromises a container, they’ve only gained access to the resources the container can see.
Docker containers use fewer resources than a VM. So, in theory, you can run more containerized applications on a host system than you can on virtual machines.
Containers also start much faster than virtual machines. A virtual machine must create the virtualized system, boot the operating system, and run your application. Containers only run their contained application. This makes containers useful for applications that use microservices you need to start and stop quickly to adjust to system demand.
Why Not Use Docker?
Containers are isolated, but they’re not as isolated as VMs. Depending on the isolation level you need, containers might not be adequate. Containers offer an extra layer of security, while virtual machines are completely isolated from each other.
The ability to quickly stop and start containers makes them well-suited for applications that need to scale up and down based on demand. Many microservice and serverless architectures use Docker.
Docker is also useful for supporting applications with special needs, like older operating systems or libraries that conflict with other applications. Instead of keeping a new host for one application, you run it in a container.
Getting Started With Docker
You can get started with Docker on your desktop system in just a few minutes. Simply select the correct operating system to download Docker. Docker has a helpful guide with everything you need to know to get started using Docker.
After you’ve downloaded Docker to your system, the getting started guide demonstrates how easy it is to create a new web server with Docker.
Use the command
$ docker run -d -p 80:80 docker/getting-started to download the docker/getting-started image from Docker Hub and start it in a container. NOTE: An image is a package, and the container is the program running on your system.
When you navigate to https://127.0.0.1, you’ll see the main page of the new web server this container created.
Let’s try another docker command before we move on to some troubleshooting.
$ docker run --rm -it ubuntu
bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@9f0f108a9215:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 18:22 pts/0 00:00:00 bash
root 10 1 0 18:22 pts/0 00:00:00 ps -ef
This time we ran an image named ubuntu. It’s an Ubuntu runtime you can use as a starting point for a Linux-based container. The –it command tells Docker to redirect the container’s input and output to the current terminal, so as soon as the container is started, we’re dropped into the shell that controls the container.
The ps command demonstrated how the only process running in the container is the shell we’re in. It spawned the ps command when we typed it.
Common Docker Problems
Service Port Conflicts
The first command in the getting started guide maps TCP service port 80 in the container to the same port on the host system. The first number after -p is the host; the second is the container.
$ docker run -d -p 80:80 docker/getting-started
What if there was already a web server running on the host system?
$ docker run -d -p 80:80 docker/getting-started
docker: Error response from daemon: driver failed programming external connectivity on endpoint compassionate_liskov (e434df0a2fc24aad1516474f9d3461fe7ad66f6e47977f34e11f5cc4a3d068aa): Bind for 0.0.0.0:80 failed: port is already allocated.
The container will fail to start since the port is already in use. Failing to map a port, or mapping it incorrectly, is one of the most common problems with Docker containers.
We can fix this problem by using a different port.
$ docker run -d -p 8080:80 docker/getting-started
This maps the container’s port to 8080 on the host.
Docker containers log to the local Docker daemon. You can see them with the docker logs <container name> command. SolarWinds® Papertrail™ has a complete tutorial on working with Docker logs and a logging guide here.
Local logs are difficult to work with though, and you’re better off routing them to a central location.
Papertrail and Docker
When you aggregate your Docker logs, you combine the efficiency and scalability of containers with the advantages of centralized observability. You can search the logs, tail them from the central console, provide access to your team, and generate charts and analytics from log data.
Papertrail offers several ways to aggregate your container logs, including the logspout container, by plugging right into your container infrastructure. See how simple it is to integrate Papertrail here.
Docker and You
In this post, we covered what Docker is and how it can help you use your infrastructure more efficiently. We also touched on when containers might not be a good fit. Then we took a brief look at how to get started with Docker by looking at a pair of examples. Finally, we discussed how SolarWinds Papertrail can help manage your container infrastructure.
This post was written by Eric Goebelbecker. Eric has worked in the financial markets in New York City for 25 years, developing infrastructure for market data and financial information exchange (FIX) protocol networks. He loves to talk about what makes teams effective (or not so effective).