• A Docker image is a binary that includes all of the
requirements for running a single Docker container, as
well as metadata describing its needs and capabilities.
• A Dockerfile is a text document that contains all the
commands a user could call on the command line to
assemble an image. Using docker build users can create
an automated build that executes several command-line
instructions in succession.
• Dockerfile is used for automation of work by specifying
all step that we want on docker image.
• Images are read only containers used to create
• Built by you or other Docker Users.
• Stored in docker hub or your local repository
• Docker Engine is the program that enables containers
to build shipped & run.
• Docker Engine uses Linux Kernel namespace & control
• Namespace gives us the isolated workspace.
Installing Docker & Running Hello World
Install docker with command
# curl -sSL https://get.docker.com/ | sh
Run the hello world container to test your installation
# sudo docker run hello-world
*Installation instruction areavailable at
Registry & Repository
• Where we store our image is known as registry
• You can use your own registry or docker's public registry. Known
as Docker Hub
• Docker hub is the public registry that contains large amount
of images available for your use.
• Official Repositories are available at
Intro to Images
1. Go to https://hub.docker.com/ and sign up for an account.
2. Find your confirmation email and active your account.
3. Explore images from docker hub.
4. Understanding official Images, Tags
5. Search images on docker hub.
Three tools for orchestrating distributed applications with docker
• Docker Machine
Tool that provides Docker Hosts and install the Docker Engine on them.
• Docker Swarm
Tool that clusters many Engines and schedules containers.
• Docker Compose
Tool to create and manage multi-container application.
Benefits of using Docker
- Separation of Concerns
Life becomes easier for System admin
- Fast deployment cycle
- Application portability
Build in one environment, Ship anywhere.
Easy sign up new containers if needed.
- Run more apps on host machine
• Containers can talk to each other without having to expose ports
• Essential for micro service application architecture.
-Container with Tomcat running
-Container with MySQL running
-Application on tomcat needs to connect to MySQL
Quick Security Consideration
• Docker demon needs to run as root.
• Ensure that, only trusted can control Docker Demon.
• If binding the demon to a TCP socket, secure it with TLS
• Use linux hardening solutions
Docker In Production
- Private Registry
- Docker Swarm
- Docker Cloud
- AWS ECS
- Apache Mesos
- Google Cloud