{"id":3466,"date":"2017-10-01T09:57:19","date_gmt":"2017-10-01T09:57:19","guid":{"rendered":"https:\/\/cloudkul.com\/blog\/?p=3466"},"modified":"2019-06-18T11:19:08","modified_gmt":"2019-06-18T11:19:08","slug":"understanding-docker-images-and-containers","status":"publish","type":"post","link":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/","title":{"rendered":"Docker Images and Containers: Points to Remember"},"content":{"rendered":"<p><a href=\"https:\/\/cloudkul.com\/blog\/wp-content\/uploads\/2015\/11\/Docker-Container-Linking.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-117\" src=\"https:\/\/cloudkul.com\/blog\/wp-content\/uploads\/2015\/11\/Docker-Container-Linking.png\" alt=\"\" width=\"825\" height=\"260\" \/><\/a>It&#8217;s been days since my last blog and I have been thinking of topics that we can cover in my later writings. I thought of exploring more on other distributed system available around us. Somehow I decided to stick with the docker for a while. In this blog, we will dig a little deeper. As we often rush towards building up our applications and miss copious details that one should have considered.\u00a0We will begin with basic but important terms:<em><strong> Docker Images and Containers.<\/strong><\/em><\/p>\n<p>Let us just say for a while that <em><strong>Images are nothing but compiled form of source code that were mentioned in Dockerfile.<\/strong><\/em> Images can be build from scratch using Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>Build It Properly:-<\/strong><\/h2>\n<p>&nbsp;<\/p>\n<ul>\n<li>Images are built on multiple layers. Each layers represents the <strong>RUN<\/strong> command instruction that was run inside the Dockerfile.\u00a0As it is very obvious to say that <em><strong>Docker images should be as small as possible. <\/strong><\/em>One point that is\u00a0 noteworthy is to not run any unnecessary commands while building images.\u00a0<strong><em>In order to keep the number of layers to a minimum, any file manipulation like moving, extracting, removing, etc, should ideally be made under a single RUN instruction.<\/em><\/strong><\/li>\n<li>Layers in Image are <em><strong>read-only layers.<\/strong><\/em> It can shared by other images and containers. As whenever you pull an image using<strong> docker pull<\/strong> command, some of the layers can be copied from the existing images. <strong><em>When a container is launched, an additional writable non-shareable layer is created on the top read-only image layers.<\/em><\/strong> As these layers are writable layers and contents on these layers are volatile so we should not store data inside Docker containers. <em><strong>For storage purposes, we should use Docker Volumes.<\/strong><\/em><\/li>\n<li>Avoid building images from Docker containers using <strong>docker commit<\/strong> command. To understand this, we should know that<em><strong> a container filesystem works on Copy-On-Write (COW) technique. <\/strong><\/em>It\u00a0allows it to share resources with images and other containers.<\/li>\n<li>Writing or modifying on existing file or package is done by storage drivers. Process may vary from driver-to-driver as mentioned below<br \/>\n<blockquote><p><em><strong>When a file in a container is modified that is different from the image it&#8217;s launched, a copy-on-write event takes place. <\/strong><\/em><\/p>\n<p><em><strong>File is searched in the read-only image layers from top to bottom and it gets copied on the container writable layer. <\/strong><\/em><\/p>\n<p><em><strong>Then file gets modified and container now fetch the file from top layers. Every modification in container creates an extra unnecessary layer which consume disk space and when this container is committed, we get a giant image.<\/strong><\/em><\/p><\/blockquote>\n<p>&nbsp;<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>Use It Efficiently:-<\/strong><\/h2>\n<p>&nbsp;<\/p>\n<ul>\n<li>Docker allows to latch a <strong>Tag<\/strong> with your Docker image name which should be used very carefully. Never ever use Latest tag with your Images<em><strong>.<\/strong><\/em> As if you provide no tag, images will take Latest tag by default. It could lead to disasters that are nearly unrecoverable as your images might get mixed.\u00a0Use tags efficiently<em><strong> as a tool for version control that can be easy to remember and manage.<\/strong><\/em><\/li>\n<li>Docker community keep saying to run one process per container.<em><strong>\u00a0<\/strong><\/em>But <em><strong>sometimes our applications could have different requirements that would not allow to package different processes in different container.<\/strong><\/em> Multiple processes can be run inside a running container using <em><strong>Supervisor, proper Entrypoint techniques etc.<\/strong><\/em> Also keep in my mind that docker are build to <em><strong>log multiple process properly<\/strong><\/em> so we will need to create proper logging mechanism for these processes.<\/li>\n<li>It is good practice to <em><strong>pass credentials as arguments while building instead of hard-coding these credentials<\/strong><\/em>. Credentials are needed to changed from time to time. So hard coding them isn&#8217;t the best way to go.<\/li>\n<li>Docker provides root access directly to any user that enters the running container. It is fine working around developing and testing environments. But for production servers, that might not be the good idea as one may think it is. Docker policies on security keeps improving and updating but <em><strong>we still have to try to use non-root user accessing our files or data inside the docker container.<\/strong><\/em><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>There are other points as well that one might consider while dockerizing their applications. Above mentioned points, however, are good enough to kickstart your docker application in a optimised manner.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It&#8217;s been days since my last blog and I have been thinking of topics that <a class=\"text-primary\" title=\"read more\" href=\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/\">[&#8230;]<\/a><\/p>\n","protected":false},"author":7,"featured_media":3505,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[32,2,35,86,1],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Docker Images and Containers: Points to Remember - Cloudkul<\/title>\n<meta name=\"description\" content=\"Let us just say for a while that Docker Images are nothing but compiled form of source code that were mentioned in Dockerfile. Images can be build from scratch use Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Docker Images and Containers: Points to Remember - Cloudkul\" \/>\n<meta property=\"og:description\" content=\"Let us just say for a while that Docker Images are nothing but compiled form of source code that were mentioned in Dockerfile. Images can be build from scratch use Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/\" \/>\n<meta property=\"og:site_name\" content=\"Cloudkul\" \/>\n<meta property=\"article:published_time\" content=\"2017-10-01T09:57:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-06-18T11:19:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cloudkul.com\/blog\/wp-content\/uploads\/2017\/10\/download-5.png\" \/>\n\t<meta property=\"og:image:width\" content=\"848\" \/>\n\t<meta property=\"og:image:height\" content=\"422\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Alankrit Srivastava\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/\",\"url\":\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/\",\"name\":\"Docker Images and Containers: Points to Remember - Cloudkul\",\"isPartOf\":{\"@id\":\"https:\/\/cloudkul.com\/blog\/#website\"},\"datePublished\":\"2017-10-01T09:57:19+00:00\",\"dateModified\":\"2019-06-18T11:19:08+00:00\",\"author\":{\"@id\":\"https:\/\/cloudkul.com\/blog\/#\/schema\/person\/fc06bfd7f18d9a606dd94062d205af16\"},\"description\":\"Let us just say for a while that Docker Images are nothing but compiled form of source code that were mentioned in Dockerfile. Images can be build from scratch use Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:\",\"breadcrumb\":{\"@id\":\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/cloudkul.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Docker Images and Containers: Points to Remember\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cloudkul.com\/blog\/#website\",\"url\":\"https:\/\/cloudkul.com\/blog\/\",\"name\":\"Cloudkul\",\"description\":\"Host your eCommerce Store on AWS with Optimized Performance\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cloudkul.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/cloudkul.com\/blog\/#\/schema\/person\/fc06bfd7f18d9a606dd94062d205af16\",\"name\":\"Alankrit Srivastava\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cloudkul.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/955c3dda2678272c436c5153832e401f?s=96&d=https%3A%2F%2Fs.gravatar.com%2Favatar%2F6148c37469011bc2f8e491ca8f5de495%3Fs%3D80&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/955c3dda2678272c436c5153832e401f?s=96&d=https%3A%2F%2Fs.gravatar.com%2Favatar%2F6148c37469011bc2f8e491ca8f5de495%3Fs%3D80&r=g\",\"caption\":\"Alankrit Srivastava\"},\"description\":\"DevOps Manager at Webkul Software Privated Limited\",\"sameAs\":[\"http:\/\/cloudkul.com\"],\"url\":\"https:\/\/cloudkul.com\/blog\/author\/alankrit-srivastava256\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Docker Images and Containers: Points to Remember - Cloudkul","description":"Let us just say for a while that Docker Images are nothing but compiled form of source code that were mentioned in Dockerfile. Images can be build from scratch use Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/","og_locale":"en_US","og_type":"article","og_title":"Docker Images and Containers: Points to Remember - Cloudkul","og_description":"Let us just say for a while that Docker Images are nothing but compiled form of source code that were mentioned in Dockerfile. Images can be build from scratch use Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:","og_url":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/","og_site_name":"Cloudkul","article_published_time":"2017-10-01T09:57:19+00:00","article_modified_time":"2019-06-18T11:19:08+00:00","og_image":[{"width":848,"height":422,"url":"https:\/\/cloudkul.com\/blog\/wp-content\/uploads\/2017\/10\/download-5.png","type":"image\/png"}],"author":"Alankrit Srivastava","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/","url":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/","name":"Docker Images and Containers: Points to Remember - Cloudkul","isPartOf":{"@id":"https:\/\/cloudkul.com\/blog\/#website"},"datePublished":"2017-10-01T09:57:19+00:00","dateModified":"2019-06-18T11:19:08+00:00","author":{"@id":"https:\/\/cloudkul.com\/blog\/#\/schema\/person\/fc06bfd7f18d9a606dd94062d205af16"},"description":"Let us just say for a while that Docker Images are nothing but compiled form of source code that were mentioned in Dockerfile. Images can be build from scratch use Dockerfile, even the base images. Images can be optimised to a good length by keeping best practices for writing Dockerfile. There are some other things as well that should be kept in my while working around docker images and containers. I would like to quote some of them:","breadcrumb":{"@id":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/cloudkul.com\/blog\/understanding-docker-images-and-containers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cloudkul.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Docker Images and Containers: Points to Remember"}]},{"@type":"WebSite","@id":"https:\/\/cloudkul.com\/blog\/#website","url":"https:\/\/cloudkul.com\/blog\/","name":"Cloudkul","description":"Host your eCommerce Store on AWS with Optimized Performance","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cloudkul.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/cloudkul.com\/blog\/#\/schema\/person\/fc06bfd7f18d9a606dd94062d205af16","name":"Alankrit Srivastava","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cloudkul.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/955c3dda2678272c436c5153832e401f?s=96&d=https%3A%2F%2Fs.gravatar.com%2Favatar%2F6148c37469011bc2f8e491ca8f5de495%3Fs%3D80&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/955c3dda2678272c436c5153832e401f?s=96&d=https%3A%2F%2Fs.gravatar.com%2Favatar%2F6148c37469011bc2f8e491ca8f5de495%3Fs%3D80&r=g","caption":"Alankrit Srivastava"},"description":"DevOps Manager at Webkul Software Privated Limited","sameAs":["http:\/\/cloudkul.com"],"url":"https:\/\/cloudkul.com\/blog\/author\/alankrit-srivastava256\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/posts\/3466"}],"collection":[{"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/comments?post=3466"}],"version-history":[{"count":38,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/posts\/3466\/revisions"}],"predecessor-version":[{"id":4126,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/posts\/3466\/revisions\/4126"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/media\/3505"}],"wp:attachment":[{"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/media?parent=3466"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/categories?post=3466"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudkul.com\/blog\/wp-json\/wp\/v2\/tags?post=3466"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}