Docker Images are the starting point for anyone who is new in the Docker world. They are used for launching the Docker Containers. It is a unit of packaging that contains everything required for an application to run.
Docker is an open-source platform based on Linux containers for developing, shipping, and running applications inside containers. we can deploy many containers simultaneously on a given host. Containers are very fast and lightweight. They don’t need the extra load of a hypervisor in comparison to the virtual machines because they run directly within the host machine’s kernel.
To know more about Docker, you can check out our blog on Kubernetes vs Docker.
Docker Image Overview
Docker Images are made up of multiple layers that are stacked on top of each other and represented as a single object. These are the read-only template that is used to create a Docker container. Because containers are intended to be fast and lightweight, images tend to be small. The official Alpine Linux image is about 5MB in size and official Ubuntu image is of 40MB.
These images are very similar to the VM image, but there is some difference between them:
- VM image is used to create VM machine and Docker images are used to create Docker containers.
- VM image is big in size while Docker images are lightweight.
Read more about Kubernetes Network Policy here.
Docker Image Layers
Docker Image consists of read-only layers built on top of each other. Docker uses Union File System (UFS) to build an image. The image is shared across containers. This Dockerfile contains multiple sets of commands, each of them is used to create a layer. Each layer is only a set of differences from the layer before it. The layers are stacked on top of each other.
All images start with a base layer, and as changes are made and new content is added, a new layer is added on top.
Each time Docker launches a container from an image, it adds a thin writable layer, known as the container layer, which stores all changes to the container throughout its runtime.
Know more: about Container Orchestration and Management Options
Docker Image vs Container
Docker image and Container are closely related to each other the major difference between them is these images are a collection of File plus metadata which is required to run an application, and a container is a running instance of the image or container is a copy of the image.
Note: Each container has its own writable container layer, and all changes are stored in this container layer, multiple containers can share access to the same underlying image and yet have their own data state.
Docker Image Registry
Image Registry is centralized storage used to store container images, which makes these images easily shareable. We can pull and push our images into this repository. There are three main types of registries: Docker Hub, Third-party Registry services and Self-hosted registry.
Docker Hub
Docker Hub has the concept of official and unofficial registries. Official repositories include images curated by Docker Inc. and the popular images applications. Unofficial registries contain the private images that users push. These are not well-documented and should be used carefully.
Third-party Registry services
Third-party Registry services provides a central point to store and manage the user’s private Docker container images and related artifacts. We can even maintain control over who can access, view, or download Docker Images.
Examples: Red Hat Quay, Amazon ECR, Azure Container Registry, Google Container Registry
Self-hosted registry
Self-hosted registry: Organizations prefer to use their own on-premises infrastructure for storing the images. They do this because of security reasons. It allows for a greater level of privacy, to see storage size, to push/pull images without an internet connection, and it’s free.
Also Check: Our blog post on Docker Container Tutorial. Click here
Pulling Docker Image
When we first install Docker host, it has no images in its local repository. The process of getting Images onto a Docker Host is called pulling. Images are stored in the Repositories, and we pull images from the repository.
We can check how many images are there in the local repository using the following command:
$ docker image ls
To download or pull the image from the Docker Hub repository, we can use the following command:
$ docker pull <image name>
How to name Docker Images?
Image registries contain many repositories and repositories contains many images. As we have so many images, it becomes important to give a unique name. There is a general convention Username/image_name:tag_name, to name our images.
If we do not specify an image tag after the repository name, Docker will assume that we are referring to the image tagged as latest. If the repository doesn’t have an image tagged as latest, then the command will fail.
$ docker image pull alpine:3.6
OR
$ docker pull alpine:3.6
How to create a Docker Image?
We have 2 ways to create a Docker Image:
- Interactive Method
- Dockerfile Method
Interactive method
In this method, we run a container from an existing docker image and configure the container environment according to us. Then we save the resulting state as a new image using the docker commit command. When we do a commit, we essentially create a new image with an additional layer that modifies the base image layer.
Example
Step 1) Pull the Base Image
We first need an Image to run our docker container. We will use the latest Ubuntu docker image. To download or pull the image from DockerHub registry, docker pull can be used:
$ docker pull Ubuntu
Step2) Deploy the Container
We will run a Docker container using the Ubuntu image that we pulled in the previous step. We will use the run command. The -it options instruct the container to launch in interactive mode and enable a terminal typing interface.
$ docker run -it --name <name of container> ubuntu
Step 3) Modify the Container
Now we can do any changes we want. Here, we will be installing Nmap software in our container. As it is an Ubuntu image container, we will use apt-get command to install any software.
$ apt-get install nmap
Once you finish modifying the new container, exit out of it.
$ exitWe will need the CONTAINER ID to save the changes we have made to the existing image. Run the docker ps -a to list all the containers and copy the Container ID.
$ docker ps -a
Step 4) Commit changes to Image
Finally, we will create a new Image by committing the changes using the commit command.
$ docker commit <container Id> <new image name>
Our newly created image should now be available on the list of local images. We can verify by checking the image list again:
$ docker images
Dockerfile
A Dockerfile is a document file that contains collections of commands that will be executed in the docker environment for building a new docker image. This file is written in YAML Language. These images consist of read-only layers each of which represents a Dockerfile instruction. It is a more systematic, flexible and efficient way to build a Docker image.
To know more about DockerFile, click here
The following table shows the commonly used Dockerfile statements:
Example of a DockerFile
# Using the official Ubuntu as base
FROM ubuntu
RUN apt-get update
RUN apt-get install -y nginx
COPY index.nginx-debian.html /var/www/html
EXPOSE 80
COPY [“./start.sh”, ”/root/start.sh”]
ENTRYPOINT /root/start.sh
In this demo DockerFile,
- The first line “#using the official Ubuntu as a base” is a comment. You can add comments to the Docker File with the help of the # command
- The next line has to start with the FROM keyword. It tells docker, which base image is to be used. In our example, we are creating an image from the ubuntu image.
- The RUN command is used to run instructions against the image. In our case, we first update our Ubuntu system and then install the Nginx server on our ubuntu image.
- The COPY command is used to copy a file inside the /var/www/html folder.
- The next command is EXPOSE, which is used to expose the port number.
- The ENTRYPOINT command will run the /root/start.sh when the container starts.
To build an image from the dockerfile, we use the build command:
$ docker image build
OR
$ docker build
Our image is successfully built and stored in the local repository. We can check it using the below commands:
$ docker images
OR
$ docker images ls
Reference/Related Post
- Docker Architecture | Docker Engine Components | Container Lifecycle
- Kubernetes Architecture & Components Overview For Beginners
- Certified Kubernetes Administrator (CKA) Certification Exam: Everything You Must Know
- Certified Kubernetes Administrator (CKA) Certification: Step By Step Activity Guides/Hands-On Lab Exercise