---
# You can also start simply with 'default'
theme: seriph
# random image from a curated Unsplash collection by Anthony
# like them? see https://unsplash.com/collections/94734566/slidev
background: https://cover.sli.dev
# some information about your slides (markdown enabled)
title: Welcome to Slidev
info: |
  ## Slidev Starter Template
  Presentation slides for developers.

  Learn more at [Sli.dev](https://sli.dev)
# apply unocss classes to the current slide
class: text-center
# https://sli.dev/features/drawing
drawings:
  persist: false
# slide transition: https://sli.dev/guide/animations.html#slide-transitions
transition: slide-left
# enable MDC Syntax: https://sli.dev/features/mdc
mdc: true
# open graph
# seoMeta:
#  ogImage: https://cover.sli.dev
---

# Demystifying Docker

A beginners guide to containerization and beyond

<div @click="$slidev.nav.next" class="mt-12 py-1" hover:bg="white op-10">
  Press Space for next page <carbon:arrow-right />
</div>

<div class="abs-br m-6 text-xl">
  <button @click="$slidev.nav.openInEditor()" title="Open in Editor" class="slidev-icon-btn">
    <carbon:edit />
  </button>
  <a href="https://github.com/slidevjs/slidev" target="_blank" class="slidev-icon-btn">
    <carbon:logo-github />
  </a>
</div>

<!--
The last comment block of each slide will be treated as slide notes. It will be visible and editable in Presenter Mode along with the slide. [Read more in the docs](https://sli.dev/guide/syntax.html#notes)
-->

---
transition: fade-out
---

# Who am I?

Mike Conrad: Software engineer with 10+ years experience.  Started out in Networking and IT, transitioned into Development to solve real world problems.  Experience with various frameworks, frontend/backend technologies.  Cloud, Kubernetes, Docker, etc.

Started working with containers around 7 years ago.
## 2 Truths and a lie
<v-click>
- I have 4 cats, 4 chickens, 2 goats, 2 kids, a wife and a dog
<br>
</v-click>
<v-click>
- I work in a restaurant part time on the weekends
<br>
</v-click>
<v-click>
- I was in hardcore/punk bands in my early 20's
<br>
</v-click>

<!--
You can have `style` tag in markdown to override the style for the current page.
Learn more: https://sli.dev/features/slide-scope-style
-->

<style>
h1 {
  background-color: #2B90B6;
  background-image: linear-gradient(45deg, #4EC5D4 10%, #146b8c 20%);
  background-size: 100%;
  -webkit-background-clip: text;
  -moz-background-clip: text;
  -webkit-text-fill-color: transparent;
  -moz-text-fill-color: transparent;
}
</style>

<!--
Here is another comment.
-->

---
transition: slide-up
layout: quote
level: 2
---

# What is a container?

<v-click>
  > A method for packaging and securely running an application within an application virtualization environment. Also known as an application container or a server application container. [NIST](https://csrc.nist.gov/glossary/term/container)
</v-click>
<p style="background:white;height:20px;"></p>
<v-click>
  > A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings. [Docker](https://www.docker.com/resources/what-container/)
</v-click>

---
layout: two-cols
layoutClass: gap-16
---

# Problems?

- 📝 **It works on my machine?!?!** - Code behaves differently in dev, testing, and production due to differences in environment (OS, dependencies, configurations).
- 🎨 **Dependency conflicts** - Different applications require conflicting versions of the same dependency (e.g., Python 2 vs 3, different Node versions).
- 🧑‍💻 **Slow and error-prone deployments** - Traditional deployments involve manual steps or configuration drift between environments.

::right::
# Solutions

- Containers package the application and its dependencies in a consistent, isolated environment, ensuring it behaves the same everywhere.
- Containers isolate applications and their dependencies from each other and the host system, preventing conflicts.
- Containers provide predictable, repeatable, and scriptable deployments through container images.
---
transition: slide-right
layout: two-cols
layoutClass: gap-16
---

# Problems?

- 📝 **Inefficient resource usage in virtual machines (VMs)** - VMs have high overhead due to running full operating systems, leading to inefficiency.
- 🎨 **Difficult scalability and orchestration** - Scaling applications manually is hard and error-prone.
- 🧑‍💻 **Inconsistent development workflows** - devs all have different setups, leading to inconsistent builds and bugs.

::right::
# Solutions

- Containers share the host OS kernel and are more lightweight, enabling faster startup and denser packing of applications.
- Containers integrate well with orchestrators (like Kubernetes), enabling automated scaling, rolling updates, and fault tolerance.
- Containers standardize development environments using tools like Docker Compose or dev containers.


---
transition: fade-out
layout: two-cols-header
title: Differences between VM and Container?
---

# Differences between VM and Containers?

::left::
## Virtual Machine
- Virtualizes hardware
- Runs a full guest OS (e.g., Linux or Windows)
- Heavier: includes the OS, libraries, and application
- Slow to start, uses more resources

**Example**: Running Ubuntu with Apache inside a VM on a Windows host

::right:: 

## Container
- Virtualizes at the OS level
- Shares the host OS kernel
- Isolates *only the application and its dependencies*
- Lightweight: faster startup, lower resource use

**Example:** Running a Node.js app in a container using the host's Linux kernel


---
transition: fade-out
---

# Containers vs VM

---
transition: fade-out
---


# How do they work?


## Containers are just processes

If you don't take anything else away from this talk, I hope you walk away with a better understanding of this fundamental.  As far as the OS is concerned, a container is just another process/set of processes to the operating system.

<br />
<br />
<br />
<br />
<br />
<br />
<br />

---
transition: fade-out
---

# Container runtimes vs. container engines
> While a container runtime is responsible for running containers, a container engine is a broader system that manages even more of the life cycle of containers, including image distribution, container orchestration, and runtime management. 

> One common misconception is that Docker and container runtimes are the same. While Docker Engine includes a container runtime, it also offers a suite of tools for building, shipping, and running containerized applications, making it much more than just a runtime. [source wiz.io](https://www.wiz.io/academy/container-runtimes)


---
transition: fade-out
---

# Docker: Runtime or engine?!?
Docker Engine uses containerd for managing the container lifecycle, which includes creating, starting, and stopping containers. By default, containerd uses runc as its container runtime.

<br/>

## Wait, aren't they all runtimes?  If docker engine uses containerd and containerd uses runc, whats the deal?

<br >
<small><em>**Chatgpt generated content below</em></small>

### 🔧 High-Level Definitions

- Runtime = Low-level component that actually creates and runs containers.

- Engine = Higher-level component that manages the full container lifecycle (build, run, network, volume, etc.) and talks to the runtime.

---
transition: fade-out
---

# Breakdown

Docker CLI & Docker API rely on Docker Engine under the hood
-> Docker Engine is an engine (High level functionality like managing networking, images, registries, etc)
-> Docker Engine relies on `containerd` runtime to manage lifecyle of containers
-> `containerd` uses `runc` as the runtime to run containers

## Super clear?!
The `engine` is the higher level component responsible for orchestration and lifecycle management.

The `runtime` is a component responsible for the low level process execution/isolation.
---
transition: fade-out
---

# Popular Runtimes

## - [containerd](https://containerd.io/): An industry-standard container runtime with an emphasis on simplicity, robustness and portability.  <span style="font-size:12px;font-style:italic;">CNCF Graduated Project.  Default runtime used by Docker Engine.  By default, containerd uses runc as its container runtime.</span>
## -[cri-o](https://cri-o.io/): Lightweight container runtime for Kubernetes.  <span style="font-size:12px;font-style:italic;"> CNCF Graduated Project</span>
## - [runc](https://github.com/opencontainers/runc): CLI tool for spawning and running containers on Linux according to the OCI specification.  <span style="font-size:12px;font-style:italic;">Open Container Initiative</span>

---
transition: fade-out
---

# What is Docker Desktop?
Docker Desktop is an integrated container development environment for Windows and macOS. It's a packaged product that includes several components:

| Component                      | Description                                                                 |
| ------------------------------ | --------------------------------------------------------------------------- |
| **Docker Engine**              | The actual engine that runs and manages containers.                         |
| **containerd** + **runc**      | The container runtime stack used by Docker Engine.                          |
| **VM (e.g. `docker-desktop`)** | On macOS and Windows, Linux containers need to run inside a lightweight VM. |
| **Docker CLI**                 | Command-line tool to interact with Docker Engine.                           |
| **Docker Compose**             | Tool for defining and running multi-container apps.                         |
| **GUI**                        | Visual interface for managing containers, volumes, settings, etc.           |
| **Kubernetes** (optional)      | Comes with optional single-node K8s cluster for testing.                    |
| **Networking components**      | Manages host-to-VM and container networking.                                |

---
transition: fade-out
---

# Alternatives to Docker
- Podman
- Firecracker - AWS
- LXC/LXD - Canonical (Ubuntu)
- Buildah - Redhat
---
transition: fade-out
layout: two-cols-header
---
# Let's get started

::left::
## Windows/Mac
Install Docker Desktop from: https://docs.docker.com/desktop/

::right::
## Linux
Find installation instructions for Docker Engine here: https://docs.docker.com/engine/install/ubuntu/

---
transition: fade-out
---
# Running our first container

## First run the container

We are running an nginx webserver container in daemon (background mode).  We are forwarding connections from localhost:8088 to port 80 *inside* the container.  This is the default port that nginx is running on.
````md magic-move
```shell
$ docker run --rm -p 8088:80 --name nginx-container -d nginx:alpine
```
```shell
$ docker run --rm -p 8088:80 --name nginx-container -d nginx:alpine
cd4302edce965beb95fdb9ecb19ff7432758f1e505d792e368fd401ea9abab65
```
```shell
$ docker container ps
```
```shell
$ docker container ps
CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS          PORTS                                     NAMES
cd4302edce96   nginx:alpine   "/docker-entrypoint.…"   15 seconds ago   Up 14 seconds   0.0.0.0:8088->80/tcp, [::]:8088->80/tcp   nginx-container
```
````

# Now run docker container ps to list running containers


<br />
---
transition: fade-out
---

## View the logs for our container
````md magic-move

```shell
$ docker container logs --follow nginx-container 
```


```shell
$ docker container logs --follow nginx-container 
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2025/04/30 23:02:32 [notice] 1#1: using the "epoll" event method
2025/04/30 23:02:32 [notice] 1#1: nginx/1.27.5
2025/04/30 23:02:32 [notice] 1#1: built by gcc 14.2.0 (Alpine 14.2.0) 
2025/04/30 23:02:32 [notice] 1#1: OS: Linux 6.12.10-76061203-generic
2025/04/30 23:02:32 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1024:524288
2025/04/30 23:02:32 [notice] 1#1: start worker processes
2025/04/30 23:02:32 [notice] 1#1: start worker process 30
2025/04/30 23:02:32 [notice] 1#1: start worker process 31
2025/04/30 23:02:32 [notice] 1#1: start worker process 32
2025/04/30 23:02:32 [notice] 1#1: start worker process 33
2025/04/30 23:02:32 [notice] 1#1: start worker process 34
2025/04/30 23:02:32 [notice] 1#1: start worker process 35
2025/04/30 23:02:32 [notice] 1#1: start worker process 36
2025/04/30 23:02:32 [notice] 1#1: start worker process 37

```
````

---
transition: fade-out
---

## Interacting with our container

Now let's try interacting with the Nginx server.  By default it should serve a default page.

````md magic-move

```shell
# Hitting Ctrl+Z on Linux will put our logs process into the background

$ ^Z
```
```shell
$ ^Z

[1]+  Stopped                 docker container logs --follow nginx-container
```
```shell
# Now send a curl request to localhost:8080.  This should be forwarded to port 80 in our container
$ curl localhost:8088
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
```
````
---
transition:fade-out
---

## Topics
- `docker events`
- `docker exec`
- `docker logs`
- `docker container logs --filter name=[regexmatch]`
- ENTRYPOINT vs CMD in Dockerfile
- Multistage Dockerfile
- Layer caching
- Networking between containers and with host
- Containers are just processes
  - Debugging containers by attaching to namespaces
- Docker compose
- Example of frontend/backend/database/proxy
- EnvironmentPerPr
- Docker swarm
- Setting up logging properly
- Tagging images
- Security
- Optimizing images
- What are containers?
- What is Docker (set of tooling to make things easier)
- Difference between runtimes
-  git clone https://github.com/docker/getting-started-todo-app