Docker Flashcards

remembering docker concepts

1
Q

The Benefits of Docker Containers

A
  1. Self-contained. Each container has everything it needs to function with no reliance on any pre-installed dependencies on the host machine.
  2. Isolated. Since containers are run in isolation, they have minimal influence on the host and other containers, increasing the security of your applications.
  3. Independent. Each container is independently managed. Deleting one container won’t affect any others.
  4. Portable. Containers can run anywhere! The container that runs on your development machine will work the same way in a data center or anywhere in the cloud!
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Containers vs. VMs

A
  • a VM is an entire operating system with its own kernel, hardware drivers, programs, and applications. Spinning up a VM only to isolate a single application is a lot of overhead.
  • A container is simply** an isolated process with all of the files it needs to run**. If you run multiple containers, they all share the same kernel, allowing you to run more applications on less infrastructure.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Usings VMs and Containers together

A

Quite often, you will see containers and VMs used together. As an example, in a cloud environment, the provisioned machines are typically VMs. However, instead of provisioning one machine to run one application, a VM with a container runtime can run multiple containerized applications, increasing resource utilization and reducing costs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a container?

https://youtu.be/W1kWqFkiu7k

A
  • an isolated process/sandbox environment thats running an application on your machine
  • like an app on your phone
  • running app A isnt’ influencing or effecting app B
  • containers are similar, but instead of phone apps it’s databases, message queues, web servers etc.

When working with more complex projects, you’ll run different parts in different containers. For example, you might run a different container for the frontend, backend, and database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a container image?

A

A container image is a standardized package that includes all of the files, binaries, libraries, and configurations to run a container.

For a PostgreSQL image, that image will package the database binaries, config files, and other dependencies. For a Python web app, it’ll include the Python runtime, your app code, and all of its dependencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the two important principles of images?

A
  1. Images are immutable. Once an image is created, it can’t be modified. You can only make a new image or add changes on top of it.
  2. Container images are composed of layers. Each layer represented a set of file system changes that add, remove, or modify files.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a container image registry?

A

Now that you know what a container image is and how it works, you might wonder - where do you store these images?

Well, you can store your container images on your computer system, but what if you want to share them with your friends or use them on another machine? That’s where the image registry comes in.

An image registry is a centralized location for storing and sharing your container images. It can be either public or private. Docker Hub is a public registry that anyone can use and is the default registry.

While Docker Hub is a popular option, there are many other available container registries available today, including Amazon Elastic Container Registry(ECR), Azure Container Registry (ACR), and Google Container Registry (GCR). You can even run your private registry on your local system or inside your organization. For example, Harbor, JFrog Artifactory, GitLab Container registry et

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Registry vs. repository

A

While you’re working with registries, you might hear the terms registry and repository as if they’re interchangeable. Even though they’re related, they’re not quite the same thing.

A registry is a centralized location that stores and manages container images, whereas a repository is a collection of related container images within a registry. Think of it as a folder where you organize your images based on projects. Each repository contains one or more container images.

**NOTE: **You can create one private repository and unlimited public repositories using the free version of Docker Hub.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How do you create a repository on Docker hub?

*using docker quickstart example

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A
  1. Sign into Docker Hub
  2. Select the Create repository button in the top-right.
  3. Select your namespace (most likely your username) and enter docker-quickstart as the repository name.
  4. Set the visibility (public or private)
  5. Select the Create button to create the repository.

This repository is empty right now. You’ll now fix this by pushing an image to it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Once you have a registry created, what is the first step you need to take before you create an image?

*using docker quickstart example

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A

In order to create an image, you first need a project.

To get you started quickly, you’ll use a sample Node.js project found at github.com/dockersamples/helloworld-demo-node. This repository contains a pre-built Dockerfile necessary for building a Docker image.

  • Clone the repository
    ~~~
    git clone https://github.com/dockersamples/helloworld-demo-node
    ~~~
  • Navigate to newly created directory
    ~~~
    cd hello-world-demo-node
    ~~~
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Once you have a project created + cloned the repository (w/ pre-built Dockerfile needed to create the Docker image), how do you build the Docker image?

*using docker quickstart example

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A

After you cd to the project directory, run the following command to build a Docker image, swapping out YOUR_DOCKER_USERNAME with your username

docker build -t YOUR_DOCKER_USERNAME/<your-projectname> .

Make sure you include the dot (.) at the end of the docker build command. This tells Docker where to find the Dockerfile.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What command do you run to list newly built docker images?

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A
docker images

Output:
~~~
REPOSITORY TAG IMAGE ID CREATED SIZE
YOUR_DOCKER_USERNAME/docker-quickstart latest 476de364f70e 2 minutes ago 170MB
~~~

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How do you start a container to test a newly built image?

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A
docker run -d -p 8080:8080 YOUR_DOCKER_USERNAME/<your-project> 

You can verify if the container is working by visiting http://localhost:8080 with your browser.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How do you use the docker tag command?

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A

Docker tags allow you to label and version your images.

docker tag YOUR_DOCKER_USERNAME/docker-test-project YOUR_DOCKER_USERNAME/docker-test-project:1.0 
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Once you tag your docker image, how do you push the newly built image to your Docker hub repository?

https://docs.docker.com/guides/docker-concepts/the-basics/what-is-a-registry/

A

docker push

example:
~~~
docker push -u YOUR_DOCKER_USERNAME/docker-test-projectt:1.0
~~~

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Dockerfile vs. Compose file

A

A Dockerfile provides instructions to build a container image while a Compose file defines your running containers. Quite often, a Compose file references a Dockerfile to build an image to use for a particular service.

17
Q

What is one best practices for containers?

A

Each container should do one thing and do it well.

While there are exceptions to this rule, avoid the tendency to have one container do multiple things.

18
Q

What can you do with Docker Compose?

A

With Docker Compose, you can define all of your containers and their configurations in a single YAML file.

If you include this file in your code repository, anyone that clones your repository can get up and running with a single command.

It’s important to understand that Compose is a declarative tool - you simply define it and go. You don’t always need to recreate everything from scratch.** If you make a change**, run docker compose up again and Compose will reconcile the changes in your file and apply them intelligently.

19
Q

What is the command to start an application that has a compose.yaml file?

A

Use the docker compose up command to start the application:

docker compose up -d --build
20
Q

What does the compose.yaml file do?

A

It defines all the services that make up your application, along with their configurations.

Each service specifies its image, ports, volumes, networks, and any other settings necessary for its functionality.

21
Q

How do you remove an application using Docker Compose?

A

In the CLI, use the docker compose down command to remove everything.

22
Q

What do you need to know about volumes w/ Docker Compose?

A

Volumes persist.

By default, volumes aren’t automatically removed when you tear down a Compose stack. The idea is that you might want the data back if you start the stack again.

If you do want to remove the volumes, add the --volumes flag when running the docker compose down command:

docker compose down --volumes
23
Q

What do you need to remember when using the GUI for Compose stacks?

A

Note that if you remove the containers for a Compose app in the GUI, it’s removing only the containers. You’ll have to manually remove the network and volumes if you want to do so.

24
Q

what is the default path for a Compose file? (compose.yaml)

A

compose.yaml is placed in the working directory.

25
Q

What is the Name top-level element, as defined by the Compose Specificiation?

https://docs.docker.com/compose/compose-file/04-version-and-name/

A

The top-level name property is defined by the Specification as the project name to be used if you don’t set one explicitly.

Compose offers a way for you to override this name, and sets a default project name to be used if the top-level name element is not set.

Whenever a project name is defined by top-level name or by some custom mechanism, it is exposed for interpolation and environment variable resolution as COMPOSE_PROJECT_NAME

~~~
name: myapp

services:
foo:
image: busybox
command: echo “I’m running ${COMPOSE_PROJECT_NAME}”
```

25
Q

What is a service in the context of Compose/containers?

https://docs.docker.com/compose/compose-file/05-services/

A

A service is an abstract definition of a computing resource within an application which can be scaled or replaced independently from other components.

Services are backed by a set of containers, run by the platform according to replication requirements and placement constraints.

As services are backed by containers, they are defined by a Docker image and set of runtime arguments. All containers within a service are identically created with these arguments.

25
Q

What is the services top-level element?

https://docs.docker.com/compose/compose-file/05-services/

A

A Compose file must declare a services top-level element as a map whose keys are string representations of service names, and whose values are service definitions.

A service definition contains the configuration that is applied to each service container.

26
Q

What is the build section of a service top-level element?

https://docs.docker.com/compose/compose-file/05-services/

A

Each service may also include a build section, which defines how to create the Docker image for the service.

Compose supports building docker images using this service definition. If not used, the build section is ignored and the Compose file is still considered valid.

Build support is an optional aspect of the Compose Specification, and is described in detail in the Compose Build Specification documentation.

` build` specifies the build configuration for creating a container image from source, as defined in the Compose Build Specification

27
Q

What is the deploy section of a service top-level element for?

https://docs.docker.com/compose/compose-file/05-services/

A

Each service defines runtime constraints and requirements to run its containers.

The deploy section groups these constraints and allows the platform to adjust the deployment strategy to best match containers’ needs with available resources.

Deploy support is an optional aspect of the Compose Specification, and is described in detail in the Compose Deploy Specification documentation. If not implemented the deploy section is ignored and the Compose file is still considered valid.

28
Q

what does the annotations element do in a compose file?

https://docs.docker.com/compose/compose-file/05-services/

A

annotations defines annotations for the container. annotations can use either an array or a map.

29
Q

what does attach do in a compose file?

https://docs.docker.com/compose/compose-file/05-services/

A

When attach is defined and set to false Compose does not collect service logs, until you explicitly request it to.

The default service configuration is attach: true.

30
Q

What does the -it flag do in the context of docker run?

https://www.docker.com/blog/llm-docker-for-local-and-hugging-face-hosting/

A

The -it flag tells Docker to run the container in interactive mode and to attach a terminal to it. This will allow you to interact with the container and its processes.
Ex.:
~~~
docker run -it -p 7860:7860 –platform=linux/amd64 \
-e HUGGING_FACE_HUB_TOKEN=”YOUR_VALUE_HERE”
\
registry.hf.space/harsh-manvar-llama-2-7b-chat-test:latest python app.py
~~~

31
Q

What does the -p flag do in the context of docker run?

https://www.docker.com/blog/llm-docker-for-local-and-hugging-face-hosting/

A

The -p flag tells Docker to expose port 7860 from the container to the host machine. This means that you will be able to access the container’s web server from the host machine on port 7860.

Ex.:
~~~
docker run -it -p 7860:7860 –platform=linux/amd64 \
-e HUGGING_FACE_HUB_TOKEN=”YOUR_VALUE_HERE”
\
registry.hf.space/harsh-manvar-llama-2-7b-chat-test:latest python app.py
~~~

32
Q

What does the
--platform flag do in the context of docker run?

https://www.docker.com/blog/llm-docker-for-local-and-hugging-face-hosting/

A

The --platform=linux/amd64 flag tells Docker to run the container on a Linux machine with an AMD64 architecture.

Ex.:
~~~
docker run -it -p 7860:7860 –platform=linux/amd64 \
-e HUGGING_FACE_HUB_TOKEN=”YOUR_VALUE_HERE”
\
registry.hf.space/harsh-manvar-llama-2-7b-chat-test:latest python app.py
~~~

33
Q

What does the
-e flag do in the context of docker run?

https://www.docker.com/blog/llm-docker-for-local-and-hugging-face-hosting/

A

The -e HUGGING_FACE_HUB_TOKEN="YOUR_VALUE_HERE" flag tells Docker to set the environment variable HUGGING_FACE_HUB_TOKEN to the value you provided. This is required for accessing Hugging Face models from the container.

Ex.:
~~~
docker run -it -p 7860:7860 –platform=linux/amd64 \
-e HUGGING_FACE_HUB_TOKEN=”YOUR_VALUE_HERE”
\
registry.hf.space/harsh-manvar-llama-2-7b-chat-test:latest python app.py
~~~

The app.py script is the Python script that you want to run in the container. This will start the container and open a terminal to it. You can then interact with the container and its processes in the terminal. To exit the container, press Ctrl+C.

34
Q

Explain the components of this command:
~~~

docker buildx build –platform=linux/amd64 -t local-llm:v1 .
~~~

https://www.docker.com/blog/llm-docker-for-local-and-hugging-face-hosting/

A

Building the image:

The following command builds a Docker image for the llama-2-13b-chat model on the linux/amd64 platform. The image will be tagged with the name local-llm:v1.

	
docker buildx  build --platform=linux/amd64  -t local-llm:v1 .
35
Q

Explain the components of this command:
~~~
docker run -it -p 7860:7860 –platform=linux/amd64 -e HUGGING_FACE_HUB_TOKEN=”YOUR_VALUE_HERE” local-llm:v1 python app.py
~~~

https://www.docker.com/blog/llm-docker-for-local-and-hugging-face-hosting/

A

Running the Container:

The following command will start a new container running the local-llm:v1 Docker image and expose port 7860 on the host machine. The -e HUGGING_FACE_HUB_TOKEN="YOUR_VALUE_HERE" environment variable sets the Hugging Face Hub token, which is required to download the llama-2-13b-chat model from the Hugging Face Hub.

docker run -it -p 7860:7860 --platform=linux/amd64 -e HUGGING_FACE_HUB_TOKEN="YOUR_VALUE_HERE" local-llm:v1 python app.py

Next, open the browser and go to http://localhost:7860 to see local LLM Docker container output (Figure 3).