Docker Image Operations

Listing all available images on the local system:

docker image list

Pulling an image from the registry without specifying a tag defaults to the 'latest' tag:

docker pull mysql

Searching for available images in the registry:

docker search mysql

Official images are verified and maintained by Docker's team, ensuring higher security and reliability. Always prioritize official images when available.

Docker images consist of multiple layers. To inspect the layer history of an image:

docker image history in28min/hello-world-java:0.0.1.RELEASE

Removing an image requires first stopping and removing any associated containers:

docker stop container_id
docker container rm container_id
docker image rm image_name

To remove all containers using a specific image:

docker ps -a --filter "ancestor=image_name" -q | xargs docker rm

Docker Container Lifecycle Management

Running a container with port mapping:

docker container run -p 8080:8080 -d image_name

Listing active containers:

docker container ls

Listing all containers including stopped ones:

docker container ls -a

Pausing and unpausing containers:

docker container pause container_id
docker container unpause container_id

The difference between stop and kill commands:

• stop: Sends SIGTERM signal, allowing graceful shutdown
• kill: Sends SIGKILL signal, forcing immediate termination

docker container stop container_id
docker container kill container_id

Inspecting container details:

docker container inspect container_id

Removing all stopped containers:

docker container prune

System Monitoring and Resource Management

Checking Docker disk usage:

docker system df

Monitoring real-time Docker events:

docker system events

Viewing container resource usage statistics:

docker stats container_id

Running containers with resource constraints:

docker container run -m 512m --cpu-quota=50000 -p 8080:8080 image_name

Cleaning up unused Docker resources:

docker system prune -a

Building Custom Docker Images

A Dockerfile defines the image construction process. Here's an optimized Python example:

FROM python:3.9-alpine

WORKDIR /app

COPY requirements.txt .
RUN pip install -r requirements.txt

COPY . .

EXPOSE 5000

CMD ["python", "./launch.py"]

Building the image with tagging:

docker build -t username/app-name:version .

The build context (.) includes all files in the current directory. Optimize by copying dependency files first to leverage layer caching.

Docker Hub Integration

Pushing images to Docker Hub:

docker push username/app-name:version

Note: Replace 'username' with your Docker Hub ID. Private repositories are recommended for enterprise use.

Multi-stage Builds for Java Applications

FROM maven:3.8-openjdk-11 AS build
WORKDIR /app
COPY pom.xml .
RUN mvn dependency:go-offline
COPY src ./src
RUN mvn package -DskipTests

FROM openjdk:11-jre-slim
WORKDIR /app
COPY --from=build /app/target/*.jar app.jar
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "app.jar"]

Multi-stage builds reduce final image size by excluding build tools and intermediate files.

CMD vs ENTRYPOINT

CMD: Can be overridden by command-line arguments

CMD ["node", "server.js"]

ENTRYPOINT: Fixed command that cannot be easily overridden

ENTRYPOINT ["python", "app.py"]

Use ENTRYPOINT when the container should always execute the same primary command. Use CMD when you want flexibility to override the default command.