9 videos 📅 2024-12-16 09:00:00 Asia/Brunei
Watch Video
2:25:36
2024-12-16 09:21:57
2:03:59
2024-12-16 11:06:33
1:46:52
2024-12-16 13:50:28
1:56:02
2024-12-17 09:35:43
1:52:29
2024-12-17 09:39:32
1:51:17
2024-12-17 13:36:38
1:35:13
2024-12-18 08:59:20
23:23
2024-12-18 11:50:59
1:47:49
2024-12-18 13:41:04

Course recordings on DaDesktop for Training platform

Visit NobleProg websites for related course

Summary

Overview

This is a comprehensive three-day Docker and containerization training course designed to introduce participants to container technology, Docker fundamentals, and hands-on operations. The session covers the motivation for moving from virtual machines to containers, core concepts like Docker images, containers, registries, and Dockerfiles, and includes practical labs on installing Docker, creating and managing containers, building custom images, and exposing services via ports. The training emphasizes the DevOps workflow, microservices architecture, and cross-platform portability enabled by containers.

Topic (Timeline)

1. Environment Setup & Introduction to Containers [00:00:04 - 00:04:06]

  • Trainer guides participants through VM login verification and terminal configuration (font size adjustment via right-click or Edit > Preferences).
  • Confirms all participants have access to shared VMs and downloaded course materials (slides, lab guides) from a provided link.
  • Participants are instructed to unzip the downloaded folder containing container-related content and open the presentation (no password required).
  • Introduces the training scope: Docker, containers, image management, orchestration, security, and monitoring over three days.
  • Explains the shift from VMs to containers: VMs require full guest OS, leading to high resource usage, slow startup, and platform dependency; containers are lightweight, share the host OS kernel, and eliminate these overheads.

2. Containers vs. VMs, Microservices, and Docker Origins [00:04:06 - 00:18:47]

  • Contrasts monolithic applications (tightly coupled services) with microservices (loosely coupled, single-service containers).
  • Uses Amazon.com as an example: monolithic architecture risks full system failure if one service fails; microservices isolate failures.
  • Introduces Docker as a platform for managing containers, drawing analogy to shipping containers: standardized, robust, platform-agnostic units for transporting workloads.
  • Explains Docker’s origin from the shipping industry: “Docker” = the company/yard managing containers; “Docker guy” = the operator.
  • Clarifies Docker Engine as the core platform for managing any workload (app, database, analytics) via a client-server architecture.

3. Docker Architecture, Registry, and DevOps Workflow [00:18:47 - 00:23:17]

  • Describes Docker’s client-server model: Docker CLI (client) sends commands to Docker Daemon (server) via REST API.
  • Introduces Docker objects: images, containers, volumes, networks.
  • Explains Docker Hub as the default public registry for storing and sharing container images.
  • Outlines DevOps workflow: Developer pulls base image (e.g., Apache), creates/changes container, commits changes, pushes new image to Docker Hub; Tester pulls and runs same image for testing.
  • Emphasizes “build once, run anywhere” principle: same container image runs on x86, ARM, cloud platforms (AWS, Azure, GCP) without modification.
  • Highlights resource efficiency: containers use dynamic allocation via Linux cgroups, unlike VMs with pre-allocated resources.

4. Linux Kernel Internals: Namespaces, cgroups, and Security [00:23:17 - 00:27:03]

  • Explains how containers achieve isolation and security using Linux kernel features:
    • Namespaces: Isolate processes, network, filesystem, users — each container runs in its own namespace.
    • cgroups: Control and limit resource usage (CPU, memory, I/O) dynamically per container.
    • SELinux: Provides advanced mandatory access control for security hardening.
  • Clarifies containers are not VMs: they run directly on the host OS kernel, not a hypervisor.
  • Notes container IDs map to process IDs (PIDs) on the host; each container’s namespace contains only its own processes.

5. Container Benefits, Windows Support, and Alternatives [00:27:03 - 00:34:03]

  • Summarizes container advantages: lightweight, fast startup, portable, secure, and ideal for microservices.
  • Notes Docker supports Windows containers, but Linux is primary and better supported.
  • Mentions container use cases: DevOps pipelines, CI/CD, testing, data warehousing, serverless.
  • Introduces container runtimes beyond Docker: containerd (used by Kubernetes), Rocket.
  • Notes Docker was created in 2013 and has evolved significantly; containerd is now the default runtime in modern Kubernetes.

6. Docker Installation, Docker Desktop, and Licensing [00:34:03 - 00:37:42]

  • Guides installation on Linux (apt for Ubuntu, yum for RHEL), macOS, and Windows via Docker Desktop.
  • Explains Docker Desktop requires virtualization enabled in BIOS.
  • Details Docker subscription tiers:
    • Personal (Free): Limited public repos, no GUI, CLI only.
    • Pro: Unlimited public repos, 1 private repo, Docker Desktop GUI.
    • Team: Unlimited private repos, GUI, SSO, team management.
    • Business: Advanced features, vulnerability scanning, CI/CD integration, enterprise support.

7. Docker Components: Client, Daemon, Registry, and Images [00:37:42 - 00:43:17]

  • Explains Docker architecture: client (CLI), daemon (dockerd), and registry (Docker Hub).
  • Demonstrates docker pull nginx — downloads read-only image from Docker Hub to local storage (/var/lib/docker).
  • Describes image layers: each Dockerfile instruction creates a read-only layer; layers are stacked to form the final image.
  • Introduces Dockerfile: text file with instructions (FROM, RUN, COPY, CMD, EXPOSE) to build custom images.
  • Explains docker build command: reads Dockerfile in current directory (.) to create a new image.

8. Docker Hub, Registries, and CI/CD Integration [00:43:17 - 00:58:19]

  • Navigates Docker Hub UI: explores official, verified, and community images; filters by platform, tags, and downloads.
  • Explains image tags: latest (default), versioned (e.g., nginx:1.25).
  • Describes Docker Hub repositories: public/private, with webhooks and CI/CD integration (e.g., GitHub triggers builds on push).
  • Introduces CI/CD: Continuous Integration (automated build/test on code push) and Continuous Delivery (automated deployment).
  • Lists key Docker commands: pull, images, run, ps, exec, inspect, commit, tag, push, login.

9. Hands-On Lab 1: Installing Docker and Basic Commands [00:59:12 - 01:00:55]

  • Instructs participants to SSH into provided VMs (using key file and IP from ~/student/vm_details).
  • Guides installation on Ubuntu: sudo su, apt update, apt install docker.io, systemctl enable docker, docker --version.
  • Demonstrates core commands: docker, docker info, docker images, docker ps, docker ps -a, docker login.

10. Hands-On Lab 2: Creating and Managing Containers [01:12:55 - 01:48:04]

  • Pulls nginx:latest image using docker pull nginx.
  • Runs container in detached mode: docker run -d -p 80:80 nginx.
  • Lists running containers: docker ps.
  • Logs into container: docker exec -it <container_id> bash.
  • Explores container filesystem: finds /var/www/html/index.html.
  • Installs vim editor: apt update && apt install vim.
  • Edits index.html using vim (press i to edit, Esc then :wq to save).
  • Exits container with Ctrl+P+Q (not exit).
  • Stops container: docker stop <container_id>.
  • Starts container: docker start <container_id> — confirms file persistence.
  • Commits container changes to new image: docker commit <container_id> img01.
  • Tags image for push: docker tag img01 <username>/img01:latest.
  • Pushes to Docker Hub: docker push <username>/img01:latest (requires docker login first).
  • Demonstrates pulling and running a teammate’s image.

11. Hands-On Lab 3: Building Custom Images with Dockerfile [01:50:11 - 02:04:35]

  • Creates directory project1 and Dockerfile with content: 
    FROM nginx:latest
COPY index.html /var/www/html/
EXPOSE 80
  • Builds image: docker build -t img02 .
  • Confirms image creation with docker images.
  • Attempts to run container with port mapping: docker run -d -p 80:80 img02
  • Encounters port blocking issue: VM security group blocks HTTP (port 80) traffic.
  • Trainer works with backend team to update security group to allow all traffic (temporary workaround).
  • Confirms access via curl <public_ip> and browser — displays custom index.html content.

12. Advanced Container Manipulation and Troubleshooting [02:04:35 - 02:23:26]

  • Trainer demonstrates modifying a running container’s content: docker exec -it <id> bash, edit index.html in /var/www/html.
  • Troubleshoots container startup failure on one VM: identifies misconfigured port mapping and stopped containers.
  • Uses docker ps -a to list all containers, docker start <id> to restart, docker logs <id> to debug.
  • Reinstalls Docker on problematic VM: apt remove docker.io, apt install docker.io to reset environment.
  • Confirms successful container creation and web access after fix.

13. Final Review, Breaks, and Q&A [02:23:26 - 02:25:35]

  • Confirms all participants can view the custom web page via browser and curl.
  • Reviews key concepts: containers as isolated, portable units; Docker as the platform; Dockerfile for reproducible builds.
  • Answers final questions on container security, orchestration (Kubernetes), and real-world use cases.
  • Concludes session with confirmation of understanding and next steps for labs.

Appendix

Key Principles

  • Containers are not VMs: Share host OS kernel; no hypervisor or guest OS.
  • Immutable Images: Images are read-only; changes are made in containers and committed to new images.
  • Layered Filesystem: Docker uses overlayfs to stack read-only image layers with a writable container layer.
  • “Build Once, Run Anywhere”: Container image runs identically across Linux, cloud, and on-prem environments.
  • Microservices Alignment: One service per container enables scalability, independent deployment, and fault isolation.

Tools Used

  • Docker Engine: Core platform for managing containers.
  • Docker Hub: Public registry for sharing images.
  • Docker Desktop: GUI for local development on macOS/Windows.
  • Linux Kernel Features: Namespaces, cgroups, SELinux for isolation and resource control.
  • CLI Commands: docker pull, run, ps, exec, build, commit, tag, push, inspect.
  • Text Editor: vim for editing files inside containers.

Common Pitfalls

  • Port Blocking: Cloud VM security groups must allow inbound traffic on exposed ports (e.g., 80).
  • Incorrect Dockerfile Syntax: Missing . in docker build -t name . or wrong file path in COPY.
  • Container Not Starting: Caused by port conflicts, missing dependencies, or incorrect CMD/ENTRYPOINT.
  • Using exit to Leave Container: Use Ctrl+P+Q to detach; exit stops the container.
  • Wrong Image Tag: Pushing to latest without versioning can overwrite production images.

Practice Suggestions

  • Replicate Lab 2: Pull, run, edit, commit, tag, and push an image to Docker Hub.
  • Create a custom Dockerfile for a Python Flask app or Node.js server.
  • Use docker inspect <container> to explore network, mount, and config details.
  • Try docker run -it ubuntu:22.04 bash to explore a minimal Linux environment.
  • Set up a local CI/CD pipeline using GitHub Actions to auto-build and push Docker images on code push.