8.2 KiB
8.2 KiB
theme, background, title, info, class, drawings, transition, mdc
| theme | background | title | info | class | drawings | transition | mdc | ||
|---|---|---|---|---|---|---|---|---|---|
| seriph | https://cover.sli.dev | Welcome to Slidev | ## Slidev Starter Template Presentation slides for developers. Learn more at [Sli.dev](https://sli.dev) | text-center |
|
slide-left | true |
Demystifying Docker
Mike Conrad - SCS 2025
Press Space for next page
transition: fade-out layout: center
Why Containers?
- "It works on my machine" is a thing of the past
- Containers are lightweight and portable
- Boot in milliseconds
- Ideal for reproducible dev environments
transition: fade-out layout: center
Containers vs Virtual Machines
| Feature | VM | Container |
|---|---|---|
| Boot time | Minutes | Seconds |
| Resource usage | Heavy | Lightweight |
| Isolation | Strong | Process-level |
| Portability | Medium | Very High |
In reality we use containers and vm's together. Containers run inside of VM's for better security and isolation, especially in cloud and multi tenant environments.
transition: fade-out layout: center
What is Docker?
- A tool to build and run containers
- Docker engine runs containers using Linux features:
- Namespaces
- cgroups
- Union file systems
- Uses images layered from base -> app code
transition: fade-out layout: center
Docker Architecture
Docker Engine (Server) <-- REST API --> Docker CLI (Client)
[https://docs.docker.com/get-started/docker-overview/]
transition: fade-out layout: center
Docker Under the Hood
- Namespaces: isolate PID, net, mount, etc.
- cgroups: control CPU, memory, IO
- UnionFS: layered filesystem (OverlayFS)
transition: fade-out layout: center
Bind/Volume Mounts
- 2 most common storage mechanisms
- Different use cases and security implications
transition: fade-out layout: center
Bind Mounts
- Mounting files/directories from the host machine directly into a container (merged overlayfs layer).
- Processes inside container can modify files on host system.
- Bind mounts are strongly tied to the host
- Best for things like dev containers where you need to mount source code into container and have hot reload, etc.
Bind Mount Example
$ docker run --mount type=bind,src=/home/mikeconrad/projects/example/app,dst=/app,ro # ro for ReadOnly
$ docker run --volume /home/mikeconrad/projects/example/app:dst=/app
transition: fade-out layout: center
Volume Mount Example
$ docker run --name postgrestest \
--mount type=volume,src=postgresData,dst=/var/lib/postgresql/data \
-e POSTGRES_PASSWORD=postgres \
--rm postgres:16
$ docker run --name postgrestest \
--volume postgresData:/var/lib/postgresql/data \
-e POSTGRES_PASSWORD=postgres \
--rm postgres:16
$ docker volume inspect postgresData
[
{
"CreatedAt": "2025-06-08T10:39:12-04:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/postgresData/_data",
"Name": "postgresData",
"Options": null,
"Scope": "local"
}
]
- Docker creates a volume named postgresData and mounts that directory inside the container.
transition: fade-out layout: center
Volume mounts
- Created and managed by the Docker Daemon
- Volume data is stored on host filesystem but managed by Docker.
- Used for persistent data.
transition: fade-out layout: center
Anatomy of a Dockerfile
FROM node:22-slim
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["npm", "start"]
- Starts with a base image
- Copy files and install deps
- Set default command
$ docker build -t node-app .
transition: fade-out layout: center
Multi Stage builds
# Stage 1 - Define Base image
FROM node:22-alpine AS base
# Stage 2 Install dependencies
FROM base AS install-deps
WORKDIR /app
COPY package*.json /app/
RUN yarn
# Stage 3 Development
FROM install-deps AS develop
WORKDIR /app
COPY --from=install-deps /app/node_modules /app/node_modules
COPY . .
ENTRYPOINT ["yarn", "dev", "--host=0.0.0.0"]
EXPOSE 5173
$ docker build -t react .
$ docker run --rm -P react
transition: fade-out layout: center
What is Docker Compose?
- Define multi-container apps in one file
- Great for local dev and staging (and production!)
transition: fade-out layout: center
Q/A
transition: fade-out layout: center
Resources
- Slide Deck (including examples)
- DocketProxy (Docker socket proxy)
- SlimToolkit (Optimize and secure containers)
VSCode plugins
https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-containers