Tmp2
tmp2
Docker and State Management
Environment Variables
Containerized applications must avoid maintaining configuration in filesystem files - if they do, it limits the reusability of the container. A common pattern used to handle application configuration is to move configuration state into environment variables that can be passed to the application from the container. Docker supports environment variables natively, they are stored in the metadata that makes up a container configuration, and restarting the container will ensure the same configuration is passed to the application each time.
Storing Files
Storing state into the container's filesystem will not perform well. The space is extremely limited and the state will not be preserved across the container lifecycle.
Application State
The best use case for Docker is an application that can store state in a centralized location that could be accessed regardless of which host the container runs on.
Image
A container image is a read-only template consisting of one or more filesystem layers and metadata describing its needs and capabilities. Together they represent all the files required to run an application - the container image encapsulates all the dependencies of an application and configuration, and it can be deployed on any environment that has support for running containers. The same bundle can be assembled, tested and shipped to production without any change. Container images are a packaging technology.
The image is produced by the build command, as the sole artifact of the build process. When an image needs to be rebuilt, every single layer after the first introduced change will need to be rebuilt. Each image has a tag.
Docker defines its own DSL (Domain Specific Language) for creating Docker images.
Layer
Layered Image
Each set of new changes made during the container build process is laid in top of previous changes. In general, each individual build step used to create the image corresponds to one filesystem layer. Each layer is identified by an unique long hexadecimal number named hash. The hash is usually shortened to 12 digits. If a shared image is updated, all containers that use it must be re-created.
The layers are version controlled.
Image Registry
- Docker Registry https://docs.docker.com/registry/
A Docker registry is a service that is storing Docker images and metadata about those images. Examples:
The local Docker instance is configured with a number of registry it accesses, which can be listed with docker info:
docker info ... Registry: https://registry.access.redhat.com/v1/ Insecure Registries: 172.30.0.0/16 127.0.0.0/8 Registries: registry.access.redhat.com (secure), registry.access.redhat.com (secure), docker.io (secure)
TODO: how is a docker instance configured with specific registries?
Image Repository
A Docker repository is a collection of different Docker images with same name, that have different tags.
Local Image Repository
Docker caches images downloaded from remote repositories locally. The content of the local repository can be queried with docker images. Images can be removed from the local repository with docker rmi.
Tag
Tag is alphanumeric identifier of the images within a repository. It is a form of Docker revision control. Tags are needed because application develop over time, and a single image name can actually refer to many different versions of the same image.
An image is uniquely identified by its hash and possibly by one or several tags.
Union Filesystem
Docker uses a union filesystem to combine all layers within an image into a single coherent filesystem.
Docker Image DSL
Docker defines its own Domain Specific Language (DSL) for creating Docker images.