You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

This tutorial is about working with IMAS in an isolated environment (containers), which you can instantiate anytime, copy and reuse with little effort on different machines. After this tutorial you will gain knowledge of:

  • different virtualization paradigms,
  • using Docker tool to instantiate and manage containers,
  • working with IMAS running in a container.

1. Virtualization and Containerization

Virtualization is a process of simulating some logical resources (CPU, memory, storage). Usually, this term refers to running whole operating systems (often multiple at once) on the same set of physical resources. This provides two major benefits. First of all, the computing/storage power of the physical resources is usually better utilized by multiple workloads coming from different virtual operating systems. Second, virtualization provides the benefit of isolating whole environment from the host and from other guest systems. This elevates security and makes it easier to maintain quality services running in dedicated environments. Furthermore, as virtualization becomes more and more popular, standardized approaches begin to appear, which improves interoperability and ease of use.

A related technique of deploying isolated environments is called containerization. In this approach, the host operating system encapsulates an application and its own environment. Note, that containers do not emulate the full operating system stack with hardware drivers, but rather it reuses what host OS provides. This makes containers much more lightweight, quick to instantiate and introducing less overhead. At the same time, the benefits of virtualization are still there. The same physical resources can host multiple running containers, each being isolated from the rest with their own dedicated environments and settings.

2. Docker

Docker is the most popular project related with containerization. It established technical details of container image format, of the Dockerfile (a recipe on how to create an image) and of the Docker tool to manage images and running containers. It also made it possible to arrange multiple containers in a well-defined network to cooperate to reach a common goal. Currently, Docker has several alternatives, but majority of them support Docker formats and mimic Docker tool behavior as it became a de facto standard.

2.1. Installation

Please follow the steps from official documentation:

2.2. Images

All running containers start from some base image. You can find lots of open source images at Docker Hub including basic OSes (ubuntu, centos), popular database engines (postgres, mysql) and others. 

  • To download an image from Docker Hub, use: docker pull <image-name>
  • To list available images, use: docker images
  • To remove image, use: docker rmi <image-name>

2.3. Containers

  • To run a container, use: docker run <image-name> <command>
  • To list containers, use: docker ps
  • To copy a file from/into a running container, use: docker cp <file-1> <file-2>
  • To execute a command in a running container, use: docker exec <container-id> <command>
  • To remove container, use: docker rm <container-id>

Flags

Each command supports additional flags passed along the main arguments. Please make sure to check docker help <command> for more information.

The most often used flags are:

  • --name for docker run to specify friendly name for the container
  • -i, --interactive and -t, --tty for docker run and docker exec when you want to work in an interactive shell inside of the container

2.4. Exercises

2.4.1. Checking /etc/os-release of different containers

  1. (Almost) Every Linux OS has a file named /etc/os-release with some information about the platform
  2. To see that the containers have indeed their own isolated environments, check the output of docker run <image-name> cat /etc/os-release for a few different image names: ubuntu, debian, postgres, mysql, alpine
  3. In Docker Hub, each image is actually a combination of name and tag separated by colon. Check again the contents of /etc/os-release for: ubuntu:xenial, ubuntu:bionic, centos:7, centos:8

2.4.2. Working interactively in a container

  1. Run a new container with an interactive session: docker run -it ubuntu /bin/bash
  2. You are now logged as root, update APT cache: apt update
  3. Install fortune and cowsay: apt install -y fortune cowsay
  4. Run a few times: /usr/games/cowsay $(/usr/games/fortune)

2.4.3. Running a service in a container

  1. Create a new directory on your computer: mkdir /tmp/docker-exercise
  2. Add some HTML content, for example: echo '<img src="https://picsum.photos/200"/>' > /tmp/docker-exercise/index.html
  3. Run a container with --publish flag to forward network traffic from host's 8080 port to container's 80 port: docker run --volume /tmp/docker-exercise/:/usr/local/apache2/htdocs/ --publish 8080:80 httpd:2.4
  4. Open in a web browser: http://localhost:8080

Absolute path

Note, that flag --volume of docker run requires that given paths are absolute, not relative.


3. IMAS image

  • No labels