Docker Getting Started Guide: Quickly Containerize Your Application
Docker Getting Started Guide: Quickly Containerize Your Application
Docker has become an indispensable part of modern software development and deployment. Despite the overwhelming discussions around Kubernetes, Docker remains the tool of choice for many companies to build, test, and deploy applications. This article will quickly get you started with Docker, understand its core concepts, and provide a practical example to help you get started containerizing your application.
Docker Core Concepts
Before you start practicing, it is essential to understand some of Docker's core concepts:
-
Image: An image is a read-only template that contains everything needed to run an application: code, runtime environment, system tools, libraries, and dependencies. Similar to virtual machine images, but more lightweight.
-
Container: A container is a running instance created from an image. It is a runtime instance of an image, containing the application and all its dependencies. Containers are isolated from each other and have their own file system, processes, and network space.
-
Docker Hub: Docker Hub is a public image repository where you can download pre-built images or upload your own images. Similar to GitHub, but specifically for Docker images.
-
Dockerfile: A Dockerfile is a text file that contains all the instructions for building a Docker image. By writing a Dockerfile, you can automate the image creation process.
-
Docker Compose: Docker Compose is a tool for defining and running multi-container Docker applications. It allows you to configure application services using YAML files and then start or stop all services with a single command.
Docker Installation
First, you need to install Docker. Docker provides installation packages for various operating systems. Visit Docker Official Website and follow the instructions accordingly.
After installation, you can verify that Docker is installed correctly by running the docker --version command.
Containerize a Simple Python Application
We will create a simple Python application and containerize it using Docker.
1. Create a Python Application
Create a file named app.py containing the following code:
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello, Docker!"
if __name__ == "__main__":
app.run(debug=True, host='0.0.0.0')
This simple Flask application will return "Hello, Docker!" on the root path /.
2. Create requirements.txt File
The application depends on the Flask library, and we need to create a requirements.txt file to declare these dependencies.
Flask
3. Create Dockerfile
Create a file named Dockerfile and add the following content:
# Use the official Python image as the base image
FROM python:3.9-slim-buster
# Set the working directory
WORKDIR /app
# Copy the requirements.txt file to the working directory
COPY requirements.txt .
# Install dependencies
RUN pip install --no-cache-dir -r requirements.txt
# Copy the application code to the working directory
COPY app.py .
# Expose port 5000
EXPOSE 5000
# Define the startup command
CMD ["python", "app.py"]
Dockerfile Explanation:
FROM python:3.9-slim-buster: Specifies the base image as a slim version of Python 3.9.WORKDIR /app: Sets the working directory inside the container to/app.COPY requirements.txt .: Copies therequirements.txtfile from the current directory to the/appdirectory in the container.RUN pip install --no-cache-dir -r requirements.txt: Runs thepipcommand inside the container to install the dependencies specified in therequirements.txtfile. The--no-cache-dirparameter can reduce the size of the image.COPY app.py .: Copies theapp.pyfile from the current directory to the/appdirectory in the container.EXPOSE 5000: Declares that the container will listen on port 5000.CMD ["python", "app.py"]: Defines the command to execute when the container starts.
4. Build the Docker Image
In the directory containing the Dockerfile, run the following command to build the Docker image:
docker build -t my-python-app .
docker build: The command to build the image.-t my-python-app: Specifies a name for the image (my-python-app)..: Specifies the directory where the Dockerfile is located (current directory).
The build process may take some time, depending on network speed and the size of the dependencies.
5. Run the Docker Container
Use the following command to run the Docker container:
docker run -d -p 5000:5000 my-python-app
docker run: The command to run the container.-d: Runs the container in detached mode (runs in the background).-p 5000:5000: Maps port 5000 on the host machine to port 5000 in the container.my-python-app: Specifies the name of the image to use.
6. Verify the Application
Access http://localhost:5000 in your browser, and you should see "Hello, Docker!".
7. Stop and Remove the Container
Use the following command to stop the container:
docker stop
`` can be viewed using the docker ps command.
Use the following command to remove the container:
docker rm
Getting Started with Docker Compose
If your application consists of multiple services, you can use Docker Compose to manage them.
1. Create a docker-compose.yml File
Create a file named docker-compose.yml and add the following content:
version: "3.9"
services:
web:
image: my-python-app
ports:
- "5000:5000"
docker-compose.yml Explanation:* version: "3.9": Specifies the version of the Docker Compose file.
services: Defines the services of the application.web: Defines a service named "web".image: my-python-app: Specifies the image used by the service.ports: Defines port mappings.
2. Starting the Application
In the directory containing the docker-compose.yml file, run the following command to start the application:
docker-compose up -d
docker-compose up: Command to start the application.-d: Runs the container in detached mode.
3. Stopping the Application
Use the following command to stop the application:
docker-compose down
Docker Security Best Practices
As can be seen from the discussion, the security of Docker images is an important issue. Here are some Docker security best practices:
- Use Official Images: Use officially provided images whenever possible, as these images are usually security scanned and maintained.
- Scan Image Vulnerabilities: Use tools like Trivy to scan images for known vulnerabilities and update images promptly.
- Use the Principle of Least Privilege: Avoid running containers as the root user.
- Limit Container Resources: Use cgroups to limit the CPU and memory usage of containers.
- Update Images Regularly: Keep images updated to fix security vulnerabilities.
- Use Security Scanning Tools: Tools like Snyk and Clair can be integrated into your CI/CD process to automatically scan for image vulnerabilities.





