Tags Archives: containers

AWS Containers

AWS offers: the following container systems:








Docker images are stored in:


Docker Repositories


. docker hub https://hub.docker.com
is a public repository for basic images


Amazon ECR – Elastic Container Registry

– you can also keep your private images here
you can also use the public repository




the basic docker file contains:




this builds the docker image, you then push/pull to/from the repository you are using.


you run the image and it creates a live docker container – important to know the difference!


ECS: AWS Elastic Container Service – AWSs own container platform


EKS: Elastic kubernetes Service – AWSs managed kubernetes container service


AWS Fargate: a serverless container platform service, works with ECS and EKS


ECR: a repository for storing container images – Elastic Container Repository



important for exam! with ECS


ECS – EC2 Launch Type


when you launch a container you are launching an ECS task on an ECS cluster


you must provision and maintain the infra on the EC2 instances


but each EC2 instance must run the ECS Agent to register and operate as an ECS Cluster


AWS then takes care of precisely on which instance your containers are launched! you don’t specify it.




Fargate Launch Type for ECS


we do not provision any infra ie no ec2 instances needed

it is serverless


you just create your container task definitions


AWS runs the ECS Tasks for you based on your CPU/RAM requirement


to scale in Fargate you simply increase the number of tasks, not instances


way easier to manage than ec2 launch type




ECS iam roles for ECS


this is where you are using ec2 instances


you have your ec2 instance profile for this, it is used by the ecs agent,


makes the api calls to ecs service


sends container logs to cloudwatch logs


pull docker image from ecr


the ecs task roles:


this applies to ecs and fargate launch types


you create a role for each task


you use different roles for different ecs services that you run


these you define in your task definition for your ecs service



ECS Load Balancer Integrations



Do NOT use Elastic Load Balancer for ECS  – you should not use the old ELB as this has only minimal container features, and it has NO Fargate support


ALB – supported, ok for most use cases


NLB – recommended only if you need high throughput/performance or to pair with an AWS Private Link



ECS Data Volumes (EFS) – these allow for data persistence


you mount an EFS mounted onto the ECS tasks


this works for both EC2 and Fargate launch types


this means tasks running in any AZ can share the same data


Fargate + EFS = serverless


use case: when you need persistent multi-az shared storage for your containers


important – exam!


remember: S3 CANNOT be mounted as a file system!
only EFS can do this.




ECS Service Auto Scaling


there are a number of possibilities for this.


uses AWS Application Auto Scaling to automatically increase or decrease the desired number of ECS tasks


it measures following metrics:


ECS Service Average CPU Utilization
ECS Service Average Memory Utilization
ALB Request Count per Target – from ALB


you can also use
Target Tracking – a scale based on target value for a specified CloudWatch metric


Step Scaling – based on a specified CloudWatch Alarm


Scheduled Scaling which is based on a specified date and time – this is predictable


remember that scaling at the ecs service auto scaling task level is NOT the same as scaling at the ec2 instance auto scaling level




Fargate Auto Scaling – this is much easier to set up as it is serverless



So, for Auto Scaling for the EC2 Instance launch type:


this works by adding underlying EC2 instance according to demand


We can use
Auto Scaling Group scaling


this scales asg acc to cpu util
then it adds ec2 instances over time


or use the new more advanced system called


ECS Cluster Capacity Provider


– this is a much better option by far


this is used to auto-provision and scale the infra for your ecs tasks


it is paired with an ASG


adds EC2 instances when needed


ECS Cluster Capacity Provider Auto-Scaling is the much better option. 



so eg


ECS Scaling – Service CPU usage example


cloudwatch metric monitors cpu usage


and triggers a cloudwatch alarm in turn, this then scales via the auto scaling group for the cluster adding ec2 instances as required.



ECS Rolling Updates


when updating from v1 to v2, we can speficy who many tasks can be started and stopped, and which order


we can set a min % of tasks healthy


and a maximum %


default 100% min and 200% max


the max tells you how many more you can create…


the system is allowed to terminate up to the min %.


eg min 50% max 100%


we start with 4 tasks


this means we can terminate half the tasks ie 2 in this case at one time…


we can then perform the update on those instances in turn


ECS Tasks can also be invoked by linking to Event Bridge or to SQS message queuing



Amazon ECR Elastic Container Registry


stores and manages your docker images on AWS


there is a private and public repo – the public is ECCR public gallery at gallery.ecr.aws


fully integrated with ECS


access controlled by iam policy


it supports image vulnerability scanning, versioning, image tags and image lifestyle.


need to be aware of this repo for the exam!



Amazon EKS


Elastic Kubernetes Service


enables use of Kubernetes on AWS as alternative to ECS


open source, whereas ECS is AWS proprietary


similar to ECS but different API


EKS supports EC2 and Fargate



use case: if already using kubernetes



or wants to migrate to it, can be actually used on any cloud or with no cloud, not just aws


EKS uses “EKS Pods” in place of “ECS Tasks” – otherwise the same thing – remember this for the exam.



AWS App Runner


priced per cpu and gbyte.


This is a fully managed container application service which is serverless and managed AWS service for easy deployment of web apps and APIs


start with source code or container image

automatically builds and deploys the app for you


autoscaling, HA, Lb, encryption and connects to your vpc


also connects to DBs and message queues







Continue Reading

Installing Docker on Ubuntu

First of all, a quick overview of Docker.



The definition of Docker from Wikipedia:



Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels. Because all of the containers share the services of a single operating system kernel, they use fewer resources than virtual machines.



Docker is a container virtualization system used to separate processes and applications from other processes running on the same physical machine.


A container is simply another process on a machine that has been isolated from all other processes on the host machine. This isolation methodology utilizes kernel namespaces and cgroups, features that have been present in Linux for a long time.



What is a container image?


When running a container, it uses an isolated filesystem. This custom filesystem is provided by a container image. Since the image contains the container’s filesystem, it must contain everything needed to run an application – all dependencies, configuration, scripts, binaries, etc.


The image also contains other configuration for the container, such as environment variables, a default command to run, and other metadata.



Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which builds, runs, and distributes your Docker containers.


The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon running on anóther server.


The Docker client and daemon can communicate using a REST API, via UNIX sockets, or via a network interface.


Docker Compose is a special type of Docker client that lets you work with applications consisting of a set of containers.



The Docker daemon


The Docker daemon (dockerd) listens for Docker API requests and manages the Docker objects such as images, containers, networks, and volumes.


The dockerd daemon can also communicate with other daemons to manage Docker services.


root@asus:~# ps -ef | grep dockerd
root 877 1 0 13:01 ? 00:00:00 /usr/bin/dockerd -H fd:// –containerd=/run/containerd/containerd.sock
root 3196 2308 0 13:05 pts/0 00:00:00 grep –color=auto dockerd




The Docker client


The Docker client (docker) is the main way Docker users interact with Docker.


Docker commands such as docker run are sent by the docker client to dockerd, which executes them. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.



Docker Hub Registry


The Docker Hub registry is a public registry which stores Docker images that anyone can use.


Docker is configured to search for and pull images from Docker Hub by default.


However, you can also run your own private Docker registry.


When you use the docker pull or docker run commands, the required images are pulled from the registry you have specified in your configuration.


And when you use the docker push command, your image is pushed to your configured registry.



Docker objects


When you use Docker, you are creating and using images, containers, networks, volumes, plugins, and other objects.




An image is a read-only template with instructions for creating a Docker container.


An image can also be based on another image, with additional customization. For example, you may build an image based on the ubuntu image, but which installs the Apache web server and also your own web application, as well as the configuration details needed to make your application run correctly.


You might create your own images or you might only use those created by others and published in a registry.


To build your own image, you create a Dockerfile which defines the steps needed to create the image and run it.


Each instruction in a Dockerfile creates a layer in the image.


When you change the Dockerfile and rebuild the image, only those layers which have changed are rebuilt.


This methodology enables Docker images to be lightweight, small, and fast, compared to other virtualization technologies.




A container is a runnable instance of an image.


You can create, start, stop, move, or delete a container using the Docker API or CLI.


You can connect a container to one or more networks, attach it to storage, or even create a new image based on its current state.


By default, a container is isolated from other containers and from its host machine.


You can specify the level of isolation from a container’s network, storage, or other underlying subsystems, from other containers or from the host machine.


A container is defined by its image as well as any configuration options you specify when you create or start it.


Note that when a container is removed, any changes to its state that are not stored in persistent storage will disappear.



Example docker run command


The following command runs a Linux Ubuntu container, then attaches interactively to your local command-line session, and then runs a /bin/bash shell.


$ docker run -i -t ubuntu /bin/bash


When you run this command, this is what happens:


If the ubuntu image is not already locally present, Docker pulls it from your configured registry, as though you had run docker pull ubuntu manually.


Docker then creates a new container, as though you had run a manual docker container create command.


Docker allocates a read-write filesystem to the container, as its final layer.


This allows a running container to create or modify files and directories in its local filesystem.


Docker then creates a network interface to connect the container to the default network, since you did not specify any networking options. This includes assigning an IP address to the container.


By default, containers can connect to external networks using the host machine’s network connection.


Next, Docker starts the container and executes /bin/bash.


Because the container is running interactively and attached to your terminal (due to the -i and -t flags), you can provide input using your keyboard while the output is logged to your terminal.


When you type exit to terminate the /bin/bash command, the container stops but is not removed. You can start it again or remove it.



You can obtain Docker from the standard Ubuntu 20.04 repositories, but the version may not always be the latest or the one you want.



The procedure for installing Docker


The steps are:


update the system packages index
enable the Docker repository
import the repository GPG key
then install the package.


sudo apt update
sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common



root@asus:/# apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
Reading package lists… Done
Building dependency tree
Reading state information… Done
ca-certificates is already the newest version (20210119~20.10.1).
ca-certificates set to manually installed.
curl is already the newest version (7.68.0-1ubuntu4.3).
software-properties-common is already the newest version (
apt-transport-https is already the newest version (2.1.10ubuntu0.3).
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.
Need to get 5.232 B of archives.
After this operation, 46,1 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://de.archive.ubuntu.com/ubuntu groovy-updates/universe amd64 gnupg-agent all 2.2.20-1ubuntu1.1 [5.232 B]
Fetched 5.232 B in 0s (32,6 kB/s)
Selecting previously unselected package gnupg-agent.
(Reading database … 214639 files and directories currently installed.)
Preparing to unpack …/gnupg-agent_2.2.20-1ubuntu1.1_all.deb …
Unpacking gnupg-agent (2.2.20-1ubuntu1.1) …
Setting up gnupg-agent (2.2.20-1ubuntu1.1) …



Import the repository’s GPG key using the curl command:


curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add –

root@asus:~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add –
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).



Add the Docker APT repository to the system:


add-apt-repository “deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable”

root@asus:~# add-apt-repository “deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable”
Repository: ‘deb [arch=amd64] https://download.docker.com/linux/ubuntu groovy stable’
Archive for codename: groovy components: stable
More info: https://download.docker.com/linux/ubuntu
Adding repository.
Press [ENTER] to continue or Ctrl-c to cancel.
Adding deb entry to /etc/apt/sources.list.d/archive_uri-https_download_docker_com_linux_ubuntu-groovy.list
Adding disabled deb-src entry to /etc/apt/sources.list.d/archive_uri-https_download_docker_com_linux_ubuntu-groovy.list
Hit:1 http://de.archive.ubuntu.com/ubuntu groovy InRelease
Get:2 http://de.archive.ubuntu.com/ubuntu groovy-updates InRelease [115 kB]
Ign:3 htt
… … …

security.ubuntu.com/ubuntu groovy-security/main amd64 DEP-11 Metadata [18,9 kB]
Get:24 http://security.ubuntu.com/ubuntu groovy-security/universe amd64 DEP-11 Metadata [4.628 B]
Reading package lists… Done
E: The repository ‘http://ppa.launchpad.net/alexlarsson/flatpak/ubuntu groovy Release’ does not have a Release file.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.



Now the Docker repository is enabled, you can install any Docker version available in the repositories.


To install the latest version of Docker, run the commands below. If you want to install a specific Docker version, skip this step and go to the next one.


sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io



root@asus:~# apt install docker-ce docker-ce-cli containerd.io
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
docker-ce-rootless-extras docker-scan-plugin git git-man liberror-perl pigz slirp4netns
Suggested packages:
aufs-tools cgroupfs-mount | cgroup-lite git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-cvs
git-mediawiki git-svn
The following NEW packages will be installed:
containerd.io docker-ce docker-ce-cli docker-ce-rootless-extras docker-scan-plugin git git-man liberror-perl pigz slirp4netns
0 upgraded, 10 newly installed, 0 to remove and 6 not upgraded.
Need to get 113 MB of archives.
After this operation, 508 MB of additional disk space will be used.
Do you want to continue? [Y/n] y

… … ..

Selecting previously unselected package git.
Preparing to unpack …/8-git_1%3a2.27.0-1ubuntu1.1_amd64.deb …
Unpacking git (1:2.27.0-1ubuntu1.1) …
Selecting previously unselected package slirp4netns.
Preparing to unpack …/9-slirp4netns_1.0.1-1_amd64.deb …
Unpacking slirp4netns (1.0.1-1) …
Setting up slirp4netns (1.0.1-1) …
Setting up docker-scan-plugin (0.8.0~ubuntu-groovy) …
Setting up liberror-perl (0.17029-1) …
Setting up containerd.io (1.4.6-1) …
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /lib/systemd/system/containerd.service.
Setting up docker-ce-cli (5:20.10.7~3-0~ubuntu-groovy) …
Setting up pigz (2.4-1) …
Setting up git-man (1:2.27.0-1ubuntu1.1) …
Setting up docker-ce-rootless-extras (5:20.10.7~3-0~ubuntu-groovy) …
Setting up docker-ce (5:20.10.7~3-0~ubuntu-groovy) …
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Setting up git (1:2.27.0-1ubuntu1.1) …
Processing triggers for man-db (2.9.3-2) …
Processing triggers for systemd (246.6-1ubuntu1.4) …



Once the installation is completed, the Docker service will start automatically.




systemctl status docker


root@asus:~# systemctl status docker
● docker.service – Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2021-06-30 22:58:36 CEST; 9min ago
TriggeredBy: ● docker.socket
Docs: https://docs.docker.com
Main PID: 1718018 (dockerd)
Tasks: 16
Memory: 44.9M
CGroup: /system.slice/docker.service
└─1718018 /usr/bin/dockerd -H fd:// –containerd=/run/containerd/containerd.sock


Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.752582946+02:00″ level=warning msg=”Your kernel does not support CPU realtime sc>
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.752632979+02:00″ level=warning msg=”Your kernel does not support cgroup blkio we>
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.752640243+02:00″ level=warning msg=”Your kernel does not support cgroup blkio we>
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.752809760+02:00″ level=info msg=”Loading containers: start.”
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.856955079+02:00″ level=info msg=”Default bridge (docker0) is assigned with an IP>
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.918027046+02:00″ level=info msg=”Loading containers: done.”
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.940673725+02:00″ level=info msg=”Docker daemon” commit=b0f5bc3 graphdriver(s)=ov>
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.940830529+02:00″ level=info msg=”Daemon has completed initialization”
Jun 30 22:58:36 asus systemd[1]: Started Docker Application Container Engine.
Jun 30 22:58:36 asus dockerd[1718018]: time=”2021-06-30T22:58:36.973960760+02:00″ level=info msg=”API listen on /run/docker.sock”


To prevent the Docker package from being updated, mark it as held back:


sudo apt-mark hold docker-ce



To execute Docker Commands as a Non-Root User:


By default, only root and user with sudo privileges can execute Docker commands.


To execute Docker commands as non-root user, add the user to the docker group that was created during the installation of the Docker CE package:


sudo usermod -aG docker $USER


root@asus:~# usermod -aG docker kevin
root@asus:~# usermod -aG docker root



Log out and log back in to refresh the group membership.



To verify Docker is successfully installed and that you can execute docker commands, run a test container:


docker container run hello-world

This command downloads the test image, if it is not found locally, then runs it in a container, which prints a “Hello from Docker” message, and then exits:


root@asus:/home/kevin# docker container run hello-world
Unable to find image ‘hello-world:latest’ locally
latest: Pulling from library/hello-world
b8dfde127a29: Pulling fs layer
b8dfde127a29: Pull complete
Digest: sha256:9f6ad537c5132bcce57f7a0a20e317228d382c3cd61edae14650eec68b2b345c
Status: Downloaded newer image for hello-world:latest


Hello from Docker!


This message shows that your installation appears to be working correctly.


To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the “hello-world” image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.


To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash


Share images, automate workflows, and more with a free Docker ID:


For more examples and ideas, visit:





Note the container will stop after printing the message because it does not contain a long-running process.


By default, Docker always pulls images from the Docker Hub. This is a cloud-based registry which stores Docker images in public or private repositories.


root@asus:/home/kevin# docker run -it ubuntu bash
Unable to find image ‘ubuntu:latest’ locally
latest: Pulling from library/ubuntu
c549ccf8d472: Pull complete
Digest: sha256:aba80b77e27148d99c034a987e7da3a287ed455390352663418c0f2ed40417fe
Status: Downloaded newer image for ubuntu:latest
root@f152766a2e6d:/# whoami
root@f152766a2e6d:/# ls
bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@f152766a2e6d:/# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 395G 152G 224G 41% /
tmpfs 64M 0 64M 0% /dev
tmpfs 8.8G 0 8.8G 0% /sys/fs/cgroup
shm 64M 0 64M 0% /dev/shm
/dev/nvme0n1p4 395G 152G 224G 41% /etc/hosts
tmpfs 8.8G 0 8.8G 0% /proc/asound
tmpfs 8.8G 0 8.8G 0% /proc/acpi
tmpfs 8.8G 0 8.8G 0% /proc/scsi
tmpfs 8.8G 0 8.8G 0% /sys/firmware


you are now inside a docker container!



Uninstalling Docker


Before uninstalling Docker you should first remove all containers, images, volumes, and docker networks.


Run the following commands to stop all running containers and remove all docker objects:


docker container stop $(docker container ls -aq)


docker system prune -a –volumes


You can now uninstall Docker as any other package installed with apt:


sudo apt purge docker-ce
sudo apt autoremove




Using Docker Images to Deploy Containers


Docker images are templates containing instructions and specifications for creating a container.


To use Docker, you need to obtain an image or else create your own by building a dockerfile.


Listing Images


To list all the docker images on your system, use:


docker images


root@asus:~# docker images
ubuntu latest 9873176a8ff5 12 days ago 72.7MB
hello-world latest d1165f221234 3 months ago 13.3kB



Finding an Image


Images are stored on Docker registries, such as Docker Hub (Docker’s official registry).


You can browse the images on the registry or use the following command to search the Docker registry.


Replace [keyword] with the keyword you are searching for, such as nginx or apache.


docker search [keyword]


root@asus:~# docker search apache
httpd The Apache HTTP Server Project 3566 [OK]
tomcat Apache Tomcat is an open source implementati… 3060 [OK]
maven Apache Maven is a software project managemen… 1221 [OK]
apache/airflow Apache Airflow 260
apache/nifi Unofficial convenience binaries and Docker i… 218 [OK]
apache/zeppelin Apache Zeppelin 147 [OK]
eboraas/apache-php PHP on Apache (with SSL/TLS support), built … 144 [OK]
eboraas/apache Apache (with SSL/TLS support), built on Debi… 92 [OK]
apacheignite/ignite Apache Ignite – Distributed Database 78 [OK]
nimmis/apache-php5 This is docker images of Ubuntu 14.04 LTS wi… 69 [OK]
apache/skywalking-oap-server Apache SkyWalking OAP Server 68
bitnami/apache Bitnami Apache Docker Image 67 [OK]
apache/superset Apache Superset 50
apachepulsar/pulsar Apache Pulsar – Distributed pub/sub messagin… 42
linuxserver/apache An Apache container, brought to you by Linux… 28
antage/apache2-php5 Docker image for running Apache 2.x with PHP… 24 [OK]
apache/nutch Apache Nutch 23 [OK]
webdevops/apache Apache container 15 [OK]
apache/tika Apache Tika Server – the content analysis to… 8
newdeveloper/apache-php apache-php7.2 8
newdeveloper/apache-php-composer apache-php-composer 7
lephare/apache Apache container 6 [OK]
apache/fineract Apache Fineract 3
secoresearch/apache-varnish Apache+PHP+Varnish5.0 2 [OK]
apache/arrow-dev Apache Arrow convenience images for developm… 1



root@asus:~# docker search ubuntu
ubuntu Ubuntu is a Debian-based Linux operating sys… 12453 [OK]
dorowu/ubuntu-desktop-lxde-vnc Docker image to provide HTML5 VNC interface … 544 [OK]
websphere-liberty WebSphere Liberty multi-architecture images … 274 [OK]
rastasheep/ubuntu-sshd Dockerized SSH service, built on top of offi… 254 [OK]
consol/ubuntu-xfce-vnc Ubuntu container with “headless” VNC session… 241 [OK]
ubuntu-upstart Upstart is an event-based replacement for th… 111 [OK]
ansible/ubuntu14.04-ansible Ubuntu 14.04 LTS with ansible 98 [OK]
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 50 [OK]
ubuntu-debootstrap debootstrap –variant=minbase –components=m… 44 [OK]
i386/ubuntu Ubuntu is a Debian-based Linux operating sys… 25
nuagebec/ubuntu Simple always updated Ubuntu docker images w… 24 [OK]
1and1internet/ubuntu-16-apache-php-5.6 ubuntu-16-apache-php-5.6 14 [OK]
1and1internet/ubuntu-16-apache-php-7.0 ubuntu-16-apache-php-7.0 13 [OK]
eclipse/ubuntu_jdk8 Ubuntu, JDK8, Maven 3, git, curl, nmap, mc, … 13 [OK]
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mariadb-10 ubuntu-16-nginx-php-phpmyadmin-mariadb-10 11 [OK]
1and1internet/ubuntu-16-nginx-php-5.6-wordpress-4 ubuntu-16-nginx-php-5.6-wordpress-4 9 [OK]
1and1internet/ubuntu-16-apache-php-7.1 ubuntu-16-apache-php-7.1 7 [OK]
darksheer/ubuntu Base Ubuntu Image — Updated hourly 5 [OK]
1and1internet/ubuntu-16-nginx-php-7.0 ubuntu-16-nginx-php-7.0 4 [OK]
owncloud/ubuntu ownCloud Ubuntu base image 3
1and1internet/ubuntu-16-nginx-php-7.1-wordpress-4 ubuntu-16-nginx-php-7.1-wordpress-4 3 [OK]
smartentry/ubuntu ubuntu with smartentry 1 [OK]
1and1internet/ubuntu-16-php-7.1 ubuntu-16-php-7.1 1 [OK]
1and1internet/ubuntu-16-sshd ubuntu-16-sshd 1 [OK]
1and1internet/ubuntu-16-rspec ubuntu-16-rspec 0 [OK]




Starting a Container


To start a Docker container use:


docker start [ID]

replacing [ID] with the container ID corresponding with the container you want to start.


Stopping a Container


To stop a Docker container, replace [ID] with the container ID corresponding with the container you wish to stop:


docker stop [ID]




Removing a Container


To remove a Docker container, replace [ID] with the container ID corresponding with the container you wish to remove:


docker rm [ID]



Obtaining an Image


Once you find an image, you can download it to your server using the “docker pull” command. Replace [image] with the name of the image you’d like to use:


docker pull [image]


For instance, to pull the official nginx image:


docker pull nginx


Running an Image


To create a container based on an image, use the “docker run” command. Replace [image] with the name of the image you’d like to use.


docker run [image]


If the image hasn’t yet been downloaded and is available in the Docker registry, then the image will automatically be pulled to your server.


Managing Docker Containers


Listing Containers


To list all active (and inactive) Docker containers running on your system, run the following command:


docker ps -a


You should see something like the following:


root@asus:~# docker ps -a
b5d96e61c851 ubuntu “bash” 5 minutes ago Up 5 minutes interesting_rhodes
f152766a2e6d ubuntu “bash” 25 minutes ago Exited (0) 16 minutes ago vigorous_hypatia
64b484e8e343 hello-world “/hello” 28 minutes ago Exited (0) 28 minutes ago infallible_gagarin



kevin@asus:~$ sudo su
root@asus:/home/kevin# docker version
Client: Docker Engine – Community
Version: 20.10.7
API version: 1.41
Go version: go1.13.15
Git commit: f0df350
Built: Wed Jun 2 11:56:41 2021
OS/Arch: linux/amd64
Context: default
Experimental: true


Server: Docker Engine – Community
Version: 20.10.7
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: b0f5bc3
Built: Wed Jun 2 11:54:53 2021
OS/Arch: linux/amd64
Experimental: false
Version: 1.4.6
GitCommit: d71fcd7d8303cbf684402823e425e9dd2e99285d
Version: 1.0.0-rc95
GitCommit: b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
Version: 0.19.0
GitCommit: de40ad0




The official Docker Hub registry is at:




and download the node image:


docker pull node



root@asus:/home/kevin# docker pull node
Using default tag: latest
latest: Pulling from library/node
0bc3020d05f1: Pull complete
a110e5871660: Pull complete
83d3c0fa203a: Pull complete
a8fd09c11b02: Pull complete
14feb89c4a52: Pull complete
612a5de913f3: Pull complete
b86d81a99d41: Pull complete
5dd61d4ad9e8: Pull complete
7aae82345965: Pull complete
Digest: sha256:ca6daf1543242acb0ca59ff425509eab7defb9452f6ae07c156893db06c7a9a4
Status: Downloaded newer image for node:latest



root@asus:~# docker image ls
node latest 7105279fa2ab 8 days ago 908MB
ubuntu latest 9873176a8ff5 13 days ago 72.7MB
docker/getting-started latest 083d7564d904 2 weeks ago 28MB
hello-world latest d1165f221234 3 months ago 13.3kB



docker run node



root@asus:/home/kevin# docker info
Context: default
Debug Mode: false
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
scan: Docker Scan (Docker Inc., v0.8.0)


Containers: 9
Running: 1
Paused: 0
Stopped: 8
Images: 4
Server Version: 20.10.7
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: d71fcd7d8303cbf684402823e425e9dd2e99285d
runc version: b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
init version: de40ad0
Security Options:
Profile: default
Kernel Version: 5.8.0-59-generic
Operating System: Ubuntu 20.10
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 17.59GiB
Name: asus
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
Live Restore Enabled: false





To install a Jenkins container:



root@asus:~# docker pull jenkins/jenkins
Using default tag: latest
latest: Pulling from jenkins/jenkins
0bc3020d05f1: Already exists
ee3587ec32c3: Pull complete
0bd0b3e8a1ee: Pull complete
7b5615a9059c: Pull complete
62980ab719b4: Pull complete
ee9399291836: Pull complete
1a40e67771e3: Pull complete
ee53ed120856: Pull complete
34f2dd2cbb3e: Pull complete
70625628bb19: Pull complete
52967d83ef48: Pull complete
488b4fe169de: Pull complete
bd260a926aeb: Pull complete
32d7feae958e: Pull complete
a8fd2466ac4c: Pull complete
c7bfa4fe9cd5: Pull complete
Digest: sha256:443a28765cdd2133c0e816ef8d9f25c4c1e32b79b5aa1b9d2002a2f815a122bd
Status: Downloaded newer image for jenkins/jenkins:latest
root@asus:~# docker run -p 8080:8080 -p 50000:50000 jenkins
Unable to find image ‘jenkins:latest’ locally
docker: Error response from daemon: manifest for jenkins:latest not found: manifest unknown: manifest unknown.
See ‘docker run –help’.
root@asus:~# docker run -p 8080:8080 -p 50000:50000 jenkins/jenkins
Running from: /usr/share/jenkins/jenkins.war
webroot: EnvVars.masterEnvVars.get(“JENKINS_HOME”)
2021-07-01 17:06:24.542+0000 [id=1] INFO org.eclipse.jetty.util.log.Log#initialized: Logging initialized @308ms to org.eclipse.jetty.util.log.JavaUtilLog
2021-07-01 17:06:24.668+0000 [id=1] INFO winstone.Logger#logInternal: Beginning extraction from war file
2021-07-01 17:06:25.742+0000 [id=1] WARNING o.e.j.s.handler.ContextHandler#setContextPath: Empty contextPath
2021-07-01 17:06:25.802+0000 [id=1] INFO org.eclipse.jetty.server.Server#doStart: jetty-9.4.41.v20210516; built: 2021-05-16T23:56:28.993Z; git: 98607f93c7833e7dc59489b13f3cb0a114fb9f4c; jvm 1.8.0_292-b10
2021-07-01 17:06:26.053+0000 [id=1] INFO o.e.j.w.StandardDescriptorProcessor#visitServlet: NO JSP Support for /, did not find org.eclipse.jetty.jsp.JettyJspServlet
2021-07-01 17:06:26.118+0000 [id=1] INFO o.e.j.s.s.DefaultSessionIdManager#doStart: DefaultSessionIdManager workerName=node0
2021-07-01 17:06:26.118+0000 [id=1] INFO o.e.j.s.s.DefaultSessionIdManager#doStart: No SessionScavenger set, using defaults
2021-07-01 17:06:26.120+0000 [id=1] INFO o.e.j.server.session.HouseKeeper#startScavenging: node0 Scavenging every 600000ms
2021-07-01 17:06:26.496+0000 [id=1] INFO hudson.WebAppMain#contextInitialized: Jenkins home directory: /var/jenkins_home found at: EnvVars.masterEnvVars.get(“JENKINS_HOME”)
2021-07-01 17:06:26.605+0000 [id=1] INFO o.e.j.s.handler.ContextHandler#doStart: Started w.@677dbd89{Jenkins v2.300,/,file:///var/jenkins_home/war/,AVAILABLE}{/var/jenkins_home/war}
2021-07-01 17:06:26.621+0000 [id=1] INFO o.e.j.server.AbstractConnector#doStart: Started ServerConnector@624ea235{HTTP/1.1, (http/1.1)}{}
2021-07-01 17:06:26.622+0000 [id=1] INFO org.eclipse.jetty.server.Server#doStart: Started @2388ms
2021-07-01 17:06:26.623+0000 [id=23] INFO winstone.Logger#logInternal: Winstone Servlet Engine running: controlPort=disabled
2021-07-01 17:06:27.860+0000 [id=30] INFO jenkins.InitReactorRunner$1#onAttained: Started initialization
2021-07-01 17:06:27.884+0000 [id=29] INFO jenkins.InitReactorRunner$1#onAttained: Listed all plugins
2021-07-01 17:06:29.130+0000 [id=32] INFO jenkins.InitReactorRunner$1#onAttained: Prepared all plugins
2021-07-01 17:06:29.135+0000 [id=32] INFO jenkins.InitReactorRunner$1#onAttained: Started all plugins
2021-07-01 17:06:29.143+0000 [id=32] INFO jenkins.InitReactorRunner$1#onAttained: Augmented all extensions
2021-07-01 17:06:29.911+0000 [id=34] INFO jenkins.InitReactorRunner$1#onAttained: System config loaded
2021-07-01 17:06:29.912+0000 [id=30] INFO jenkins.InitReactorRunner$1#onAttained: System config adapted
2021-07-01 17:06:29.912+0000 [id=41] INFO jenkins.InitReactorRunner$1#onAttained: Loaded all jobs
2021-07-01 17:06:29.913+0000 [id=37] INFO jenkins.InitReactorRunner$1#onAttained: Configuration for all jobs updated
2021-07-01 17:06:30.027+0000 [id=56] INFO hudson.model.AsyncPeriodicWork#lambda$doRun$0: Started Download metadata
2021-07-01 17:06:30.036+0000 [id=56] INFO hudson.util.Retrier#start: Attempt #1 to do the action check updates server
2021-07-01 17:06:30.384+0000 [id=43] INFO jenkins.install.SetupWizard#init:


Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:


This may also be found at: /var/jenkins_home/secrets/initialAdminPassword


2021-07-01 17:06:45.324+0000 [id=28] INFO jenkins.InitReactorRunner$1#onAttained: Completed initialization
2021-07-01 17:06:45.337+0000 [id=22] INFO hudson.WebAppMain$3#run: Jenkins is fully up and running
2021-07-01 17:06:45.634+0000 [id=56] INFO h.m.DownloadService$Downloadable#load: Obtained the updated data file for hudson.tasks.Maven.MavenInstaller
2021-07-01 17:06:45.634+0000 [id=56] INFO hudson.util.Retrier#start: Performed the action check updates server successfully at the attempt #1
2021-07-01 17:06:45.637+0000 [id=56] INFO hudson.model.AsyncPeriodicWork#lambda$doRun$0: Finished Download metadata. 15,609 ms



The official site for Docker hub is https://www.docker.com/community-edition#/add_ons

browse and find the Jenkins image.


then on your host machine enter:

docker pull jenkins/jenkins

(this is the copypasted command from the hub jenkins page)

To run Jenkins, you need to run the following command −

sudo docker run -p 8080:8080 -p 50000:50000 jenkins/jenkins


Note the following points about the above sudo command −

We are using the sudo command to ensure it runs with root access.

Here, jenkins/jenkins is the name of the image we want to download from Docker hub and install on our Ubuntu machine.

-p is used to map the port number of the internal Docker image to our main Ubuntu server so that we can access the container accordingly.


You will then have Jenkins successfully running as a container on the Ubuntu machine.



Continue Reading