<--- Notes --->
- Docker is an engine that runs containers
<--- Docker Volumes --->
- Docker volumes are used to persist data generated by and used by Docker containers like databases, logs, etc.
types of volumes:
- Named volumes (recommended) -
mydata:/var/lib/mysql
- Anonymous volumes -
/var/lib/mysql
- Host volumes -
/opt/data:/var/lib/mysql
<--- Resources --->
- https://www.geeksforgeeks.org/what-is-docker-daemon/
- https://www.youtube.com/watch?v=p2PH_YPCsis&ab_channel=TechWorldwithNana
Namespace:
define what resources can container access on the host machine.
cgroup:
define how much of those resourses can container consume.
Container from scratch:
-
mount a directory: create a new root filesystem
-
unshare a namespace: Unsharing a namespace isolates the container's process space, providing it with a unique view of the system distinct from the host machine (unshare) is a sys
-
chroot to a directory: Change the root directory of the process to the new root filesystem.
-
create a cgroup: Make a new cgroup to limit what the container can use.
-
set limits in the cgroup: Decide how much the container can use.
-
start application in the cgroup: Start the application in the cgroup.
OCI (Open Container Initiative):
- The OCI wants to make the container technology the same everywhere, like container pictures and runtimes and what is and how it should be done.
CRI (Container Runtime Interface):
- The CRI runtime is a plugin that allows Kubernetes to use different container runtimes like containerd, and CRI-O.
Docker engine:
- The Docker engine is a client-server application with these major components:
- A server which is a type of long-running program called a daemon process (the dockerd command).
- A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do.
- A command line interface (CLI) client (the docker command).
Where is everything stored?
- Images: /var/lib/docker
- Containers: /var/lib/docker
- Volumes: /var/lib/docker/volumes
- Networks: /var/lib/docker/network
- Docker socket: /var/run/docker.sock
- Docker configuration: /etc/docker/daemon.json
cotnainerd:
- containerd is an industry-standard core container runtime that provides a stable, reliable, and consistent interface to run containers on a single machine it's use a OCI (Open Container Initiative) runtime like runc.
manifest.json:
- The manifest.json file is a JSON file that describes the layers of an image and the configuration of the image like the entrypoint, command, environment variables, and labels.
overlay2:
- Overlay2 is a storage driver that is used by Docker to store images and containers. It is a copy-on-write storage driver that is optimized for speed and space.
- it's works by creating a read-only layer for the image and a read-write layer for the container. When a container is started, a new read-write layer is created on top of the image layer. This layer is called the container layer.
- and instead of copying the image layer to the container layer, overlay2 uses a technique called copy-on-write. This means that when a file is modified in the container layer, it is copied to the container layer and modified there. This allows multiple containers to share the same image layer without duplicating the data.