I was wondering if there is any difference between
docker start <container name>
and
docker container start <container name>
I personally always use docker container start though, because that is the method that was suggested to run a stopped container. What would be the difference if I use docker start instead?
There is no difference between docker container start and docker start.
Over time, the docker cli has become more organized so that, for example, there are separate docker container inspect and docker image inspect commands. Earlier, there was a single command that would do both depending on the arguments, which could be confusing. There are a number of commands that are there for historic reasons (like docker ps, docker inspect, etc) that duplicate functionality that is now also available via subcommands of docker container, docker image, and so on.
Related
I am very new to docker , just started venturing into this. I read online about this. I came to know of the following commands of docker which is: docker run and docker service. As I understood , with docker run we are spinning a new container. However I am not clear what docker service do? Does it spin container in a Swarm?
Can anyone help understand in simple to understand?
The docker run command creates and starts a container on the local docker host.
A docker "service" is one or more containers with the same configuration running under docker's swarm mode. It's similar to docker run in that you spin up a container. The difference is that you now have orchestration. That orchestration restarts your container if it stops, finds the appropriate node to run the container on based on your constraints, scale your service up or down, allows you to use the mesh networking and a VIP to discover your service, and perform rolling updates to minimize the risk of an outage during a change to your running application.
Docker Run vs Docker service
docker run:
we can create number of containers with different images.
docker service:
we can create number of containers with same image in a single command line.
SYNTAX:
docker service create --name service-name --network network-name --replicas number-of-containers image-name
EXAMPLE:
docker service create --name service1 --network swarm-net --replicas 5 redis
Why does docker compose create containers that are only accecible from docker-compose ps and that persist after killing running container ?
It doesn't.
docker ps only shows running containers, docker-compose ps shows all containers related to the current compose file, running and stopped. docker-compose kill just force stops the container and it can be restarted with docker-compose start, it will therefore be visible when running docker-compose ps but not docker ps.
To list all containers with docker use docker ps -a. To removed stopped containers related to a compose file run docker-compose rm, if you want to stop and remove all containers, have a look at docker-compose down.
docker-compose is the software wrapper around docker and there is not full support still. You can try to read a little bit about kubernets and mesos for the comparing different clusters built on top of docker or similar container systems.
article on blog about swarm and compose
How can start a specific container created linked with my image? exec command? or another command?
And: Supposed to have more container to refer single image, what is the command to start a specific container with network?
The command docker run can start only image with network (--net=host for example), but I don't want run images, I want to run a specific container linked with my images. How can I do that?
docker exec is purely for debugging purposing.
docker run is what you want to start a container based on an image.
When you run a container, you do so based on an image and parameters like network.
Example:
docker run -itd --network=multi-host-network busybox
That being said, an existing running container can be attached to a network with the command docker network connect
docker network connect [OPTIONS] NETWORK CONTAINER
Do a docker ps to get the ID or tag of your container.
Example:
docker network connect multi-host-network container1
Regarding the difference between image and containers:
(Source: "The Modern Developer Workstation on MacOS with Docker", by Clay Smith)
I have some docker containers running on my docker environment (on a CentOS VM) which need docker inside. So I mount /var/run/docker.sock inside the containers.
Now I'm creating /etc/default/docker in which I put
DOCKER_OPTS="-H tcp://xx.xx.xx.xx:2376"
But now my question is: which IP is xx.xx.xx.xx? Is it the IP of the host or the IP of a container? + Is this the savest way to let a docker container use the socket? (=use docker in docker)
Running docker within docker is not so trivial an you might have a good reason for doing that.
The last time I was doing that, I was using dind (docker in docker) and had to mount the socket (/var/run/docker.sock) and used it in a combination with the --privileged flag. However things might have changed now (see https://github.com/docker/docker/pull/15596) and it should be able to run it without the socket mount:
docker run --privileged -d docker:dind
So be sure to check out this comprehensive guide at https://hub.docker.com/_/docker/
Working with Docker in Docker can be tricky. I would recommend using the official Docker image with the dind tag. You shouldn't need to specify the DOCKER_HOST in options as it will be correctly configured. For example running:
docker run -ti --name docker -v /var/run/docker.sock:/var/run/docker.sock --privileged docker:dind sh
Will drop you to a shell inside the container. Then if your run docker ps you should see a list of containers running on the host machine. Note the --privileged flag is required in this case as we are accessing the Docker daemon outside the container.
Hope this helps!
Dylan
Edit
Drop the --privileged flag from the above command due to security issues highlighted by Alexander in the comments. You also can drop the dind tag as its not required.
I have a setup which runs my Docker container like this.
run-docker.sh
docker build -t wordpress-gcloud
container=$(docker run -d wordpress-gcloud)
ipOfContainer=$(docker inspect "$container" | jq -r '.[0].NetworkSettings.IPAddress')
But now I have setup a Docker Swarm (1 manager + 2 workers).
How should I convert the above bash script to run the container on the swarm?
Typically, you can access your Swarm cluster via Swarm APIs, which is similar with Docker API. To access Swarm APIs, you can use -H parameter with docker commands. For example, if you have a swarm manager running on your local machine, and the port number is 3376, then you can get your swarm cluster info with:
docker -H 127.0.0.1:3376 info
You can also inspect the swarm cluster containers by:
docker -H 127.0.0.1:3376 inspect <container ID>
More details about communciate with Swarm cluster can be found here: https://docs.docker.com/swarm/install-manual/#/step-6-communicate-with-the-swarm
But in your case, I think that docker build command could be a problem. In my understanding, Swarm will find a random node from your cluster to execute this docker build process, so if the Dockerfile is not existing on the node where docker build has been executed, you will get error. My idea is to consider to build your image in a certain place, and push the image to a image registry, then pull and run the image in any place you want.