11 KiB
11 KiB
theme, background, title, info, class, drawings, transition, mdc
| theme | background | title | info | class | drawings | transition | mdc | ||
|---|---|---|---|---|---|---|---|---|---|
| seriph | https://cover.sli.dev | Demystifying Docker - SCS 2025 | ## The basics of containerization and beyond by Mike Conrad Scenic City Summit 2025 Learn more at [Hackanooga](https://hackanooga.com/scs) | text-center |
|
slide-left | true |
Demystifying Docker
Mike Conrad - SCS 2025
Follow along
Includes slide deck, and repo with examples
Connect with me on LinkedIn: https://linkedin.com/enxoco
Connect with me on LinkedIn: https://linkedin.com/enxoco
transition: fade-out layout: statement background: ./images/pexels-markusspiske-1089438.jpg
The 3 universal constants in programming
1) The speed of light
2) "It's more complicated than you think"
3) "It works on my machine"
Source: Some random guy on the internet
transition: fade-out layout: center
transition: fade-out layout: image-right image: ./images/pexels-markusspiske-1089438.jpg
Who is this for?
About you
- Some experience with Docker/containers
- Familiarity with Linux/BASH/zsh, etc
- Want to better understand how containers work
- Want to learn new techniques for automation
transition: fade-out layout: image-left image: ./images/pexels-joshsorenson-1714208.jpg
Follow Along
Visit the link to check out the sample Git repository.
Example Repo - https://hackanooga.com/scs
Prerequisites
-
Docker Engine (Linux) or Docker Desktop (Windows/MacOS)
-
VSCode
-
Git
-
yarn, npm or pnpm (for viewing slides)
VSCode plugins
transition: fade-out layout: center
How we use containers
- PR builds (Preview Environments).
Allows us to
- Test changes in isolated environments
- Simplify complex dev environment setups
- (frontend/backend services, databases, object storage, etc)
transition: fade-out layout: center
Containers vs Virtual Machines
| Feature | VMs | Containers |
|---|---|---|
| Boot time | Minutes | Seconds |
| Resource usage | Heavy | Lightweight |
| Isolation | Strong | Process-level |
| Portability | Medium | Very High |
| Operating System | Needs full OS install | Uses host OS/kernel features |
| In reality we use containers and vm's together. Containers run inside of VM's for better security and isolation, especially in cloud and multi tenant environments. |
transition: fade-out layout: center
What is Docker?
- A tool to build and run containers
- Written in GO
- Uses Client/Server model with REST API (
docker clianddockerd) - Eco system of tools (Compose, Swarm, etc)
- Public Image Registry (Dockerhub)
- Docker client typically runs on same machine as server but doesn't have to
- Uses Linux kernal features like:
- Namespaces
- cgroups
- Union file systems
- Containers are just processes
transition: fade-out layout: center
Docker Architecture
Docker CLI (Client) <-- REST API --> Docker Engine (Server)
[https://docs.docker.com/get-started/docker-overview/]
transition: fade-out layout: center
Docker Under the Hood
- Namespaces: isolate PID, net, mount, etc.
- cgroups: control CPU, memory, IO
- UnionFS: layered filesystem (OverlayFS)
transition: fade-out layout: two-cols-header
Bind/Volume Mounts
2 most common storage mechanisms
Different use cases and security implications
- Created/managed by user.
- Files from host mounted directly into container.
- Container processes can modify files on host system.
- Strongly tied to the host.
- Best for things like dev containers.
::right::
Volume mounts
- Created/managed by Docker Daemon.
- Data is stored on host filesystem.
- Used for persistent data.
transition: fade-out layout: center image: 'https://unsplash.com/collections/oGE7TYSLt3I/software-development equal: false left: false
Bind Mount Example
$ docker run --mount type=bind,src=/home/mikeconrad/projects/example/app,dst=/app,ro nginx # ro for ReadOnly
$ docker run --volume /home/mikeconrad/projects/example/app:/app nginx
transition: fade-out layout: center
Volume Mount Example
$ docker run --name postgrestest \
--mount type=volume,src=postgresData,dst=/var/lib/postgresql/data \
-e POSTGRES_PASSWORD=postgres \
--rm postgres:16
$ docker run --name postgrestest \
--volume postgresData:/var/lib/postgresql/data \
-e POSTGRES_PASSWORD=postgres \
--rm postgres:16
$ docker volume inspect postgresData
[
{
"CreatedAt": "2025-06-08T10:39:12-04:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/postgresData/_data",
"Name": "postgresData",
"Options": null,
"Scope": "local"
}
]
- Docker creates a volume named postgresData and mounts that directory inside the container.
transition: fade-out layout: center
Anatomy of a Dockerfile
FROM node:22-slim
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["npm", "start"]
mikeconrad@pop-os:~/projects/demystifying-docker/examples/react
$ docker build -t react-app .
- Starts with a base image
- Copy files and install deps
- Set default command
transition: fade-out layout: center
Multi Stage builds
# Stage 1 - Define Base image
FROM node:22-alpine AS base
# Stage 2 Install dependencies
FROM base AS install-deps
WORKDIR /app
COPY package*.json /app/
RUN yarn
# Stage 3 Development
FROM install-deps AS develop
WORKDIR /app
COPY . .
ENTRYPOINT ["yarn", "dev", "--host=0.0.0.0"]
EXPOSE 5173
$ docker build -t react .
$ docker run --rm -p 5173:5173 react
transition: fade-out layout: center
What is Docker Compose?
- Define multi-container apps in one file
- Great for local dev and staging (and production!)
- Glue together multiple services with networking
transition: fade-out layout: center
Q/A
transition: fade-out layout: center
Resources
- Slide Deck (including examples)
- DocketProxy (Docker socket proxy)
- SlimToolkit (Optimize and secure containers)