Working with Containers

Big Picture

When containers run, the Build layers are Read Only but there’s a Writable layer that gets written to. This is done via the Union File System using Copy on Write.

Note: container does not contain a kernel. It uses the host’s kernel.

Lifecycle like a VM.

Modernize traditional apps: lift and shift small part of existing app first

Ephemeral (don’t hang around for years) and immutable (we don’t login and fix).

Diving Deeper

docker container run -it alpine sh

To exit shell, Ctrl p q

Note: if you’d like Docker to automatically clean up the container and remove the file system when the container exits, you can add the --rm flag.

Stop container:

docker container stop <first few digits of id>

Re first few digits: we should need enough to be unique.

Note: Docker gives the container 10 seconds to clean up before stopping it.

To see container, we can use:

docker container ls or docker ps

(and use the -a flag to see stopped containers).


docker container start <first few digits of id>

Default processes for new containers

CMD: run-time arguments override CMD instructions

ENTRYPOINT: run-time arguments are appended to ENTRYPOINT