Basics - Core Concepts

Basics and Core Concepts

Container Evolution
Container Runtime Engine
Docker Basics
Creating application images and tagging
Continuous Integration with Images


Container Evolution

Containerized App -
What’s inside? - App + Library + Bin
Image - App bundled with Dependencies
Container - Image deployed as Container
Deployment differs based on env - Dev, Staging, Prod
Envs, Configurations(Port, DB), Secrets, Resource limits, etc.

Namespaces & CGroups

Basics and Core Concepts


● Namespaces provide a layer of isolation for containers.

● Each aspect of a container runs in a separate namespace and its
access is limited to that namespace.
● When you run a container, Docker creates a set of namespaces for that
● Namespace makes processes running inside that namespace believe
they have their own instance of that resource.
● A namespace can limit visibility to certain process trees, network
interfaces, user IDs, or filesystem mounts.
Basics and Core Concepts

● A control group (cgroup) is a Linux kernel feature that limits an

application to a specific set of resource usage (CPU, memory, disk I/O,
network, and so on)
● Control groups allow Docker Engine to share hardware resources to
containers and optionally enforce limits and constraints.
● For example, you can limit the memory available to a specific container.

Cgroups involve resource metering and limiting:

Memory, CPU, Storage I/O, Network

Docker Lab
#Images and containers
docker pull nginx
=> Pulls latest version, see all versions -
docker run --name nginx -dt -p 80:80 nginx
docker ps
docker stop nginx
docker ps
docker ps -a
docker start nginx
docker ps
docker exec -it nginx /bin/sh
docker rm nginx
Basics and Core Concepts
docker ps -a
docker images
docker rmi nginx
docker images

# Cleanup
## Containers
docker rm $(docker ps -qa)
## Images
docker image prune -a

vi app.js

# Copy the below content and paste it in app.js file

const http = require('http');

const hostname = '';

const port = 80;

const server = http.createServer((req, res) => {

res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('Hello Docker Chief\n');

server.listen(port, hostname, () => {

console.log('Server running at http://%s:%s/', hostname, port);

process.on('SIGINT', function() {
console.log('Caught interrupt signal and will exit');
# save the file with :wq

vi Dockerfile

# Use an official Node runtime as the parent image

FROM node:6
Basics and Core Concepts
# Set the working directory in the container to /app

# Copy the current directory contents into the container at /app

ADD . /app

# Make the container's port 80 available to the outside world


# Run app.js using node when the container launches

CMD ["node", "app.js"]
# save the file with :wq

Docker Commands
docker build -t node-app:0.1 .
docker images
docker run -p 4000:80 --name my-app -dt node-app:0.1
curl http://localhost:4000
docker logs my-app
docker stop my-app && docker rm my-app
docker run -p 4000:80 --name my-app02 -d node-app:0.1
docker ps
docker logs [container_id]

follow the log's output as the container is running, use the -f option,
docker logs -f [container_id]

examine a container's metadata in Docker by using Docker inspect:

docker inspect [container_id]

docker exec -it my-app02 '/bin/bash'

How do we manage containers in different nodes?

Basics and Core Concepts
Basics and Core Concepts

Core Concepts
Kubernetes Architecture
Master Node initialisation
Worker Nodes initialization - Worker1 & 2
Basic commands of Kubernetes

Kubernetes Architecture
API Server
Controller Manager
Cloud Controller Manager(CCM)
Kubelet <-> Dockerd
Pods - Containers - App running
Operator - Access API-Server for k8s calls - Create, Update, Read, Delete resources
K8s client - UI, API, CLI - kubectl
User - App users - Access App deployed in k8s
Basics and Core Concepts

Node View - Many sizes of pods deployed

Set Hostname
Master Node:
sudo hostnamectl set-hostname
exec bash
Worker1 Node:
sudo hostnamectl set-hostname
exec bash
Worker2 Node:
sudo hostnamectl set-hostname
exec bash

Docker Configuration - Master, Worker1, Worker2

cat <<EOF | sudo tee /etc/docker/daemon.json
"exec-opts": ["native.cgroupdriver=systemd"],
Basics and Core Concepts
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
"storage-driver": "overlay2"
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo swapoff -a

Do the above steps in Master, Worker1 and Worker2 nodes

Master Node initialisation

sudo kubeadm init

● Copy kubeadm join command

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
cat ~/.kube/config

Install Container Network Interface (CNI)

kubectl apply -f

kubectl get nodes
NAME STATUS ROLES AGE VERSION Ready control-plane,master 64m v1.23.4

Worker Nodes initialization - Worker1 & 2


sudo kubeadm join <IP>:6443 --token 6v6z4m.qpbdqgshqgbzbz7y \

Basics and Core Concepts
Note: In case you need to find your unique token, run the command sudo kubeadm token
create --print-join-command

labsuser@master:~$ kubectl get nodes

master Ready control-plane,master 75m v1.23.4 Ready <none> 72s v1.23.4 Ready <none> 52s v1.23.4

Basic commands of Kubernetes

kubectl get nodes
kubectl describe node worker-1

kubectl get pods

kubectl describe pod <pod-name>

kubectl get all

kubectl get all -n kube-system

kubectl get ns
kubectl describe ns kube-system

kubectl get events

kubectl delete pod <pod-name>

kubectl api-resources
kubectl explain pod
kubectl explain pod.spec –recursive

kubectl run nginxpod --image=nginx --port 80

kubectl get pods

kubectl cluster-info
kubectl cluster-info dump > cluster-dump
kubectl get node worker01
kubectl describe node worker01 | less
# Look at Status(should be FALSE), Address, Capacity, and Events

kubectl get namespaces

Kubectl get pods -A
kubectl get pods -n kube-system
# Look into /etc/kubernetes/ - Config, manifests & pki

