The docker system commands manage the docker system. It has the following syntax:
$ docker system <command> [options]The df command shows the disk space used by the docker daemon. It includes information about images, containers, volumes, and caches. Docker networks are not shown since they do not consume storage space.
$ docker system df
A multistage build refers to building docker images in multiple steps. It is based on a dockerfile that includes multiple FROM instructions.
An example of multistage build consists of creating an image with all the development tools to build an application. The second stage consists of copying the compiled application binaries with the necessary runtime tools to a new image.
Multistage builds have many advantages:
Docker allows storing configurations outside docker images and running containers. This feature, named configs, eliminates the need to use volumes, bind-mount, or environment variables to pass configurations to containers.
The configs have the following characteristics:
A secret is an information that should be kept hidden from unauthorized users and applications. Examples of secrets include usernames, passwords, private keys, certificates, and resource names and locations.
The aim of secrets is to store sensitive information, that is needed by services, in a secure location. In other words, You should avoid storing these information in docker images and docker compose files in clear text.
Docker engine provides a set of commands to manage secrets and make them available to your applications. These commands should be executed on docker swarm managers.
The docker secrets have the following properties:
Nodes are physical or virtual machines on which an instance of docker engine is installed. Nodes are the building block of a docker swarm.
Nodes are of two types: managers and workers. Managers receive configuration of an application then schedule and monitor the tasks to be executed on the worker nodes. The managers maintain the desired state of a swarm by comparing the current state with the defined state. To orchestrate the tasks in a swarm, managers choose a leader among themselves.
Worker nodes execute tasks/containers assigned by managers. By default, manager nodes are also worker nodes unless they are configured to run as manager-only nodes.The role of workers is alo to keep managers notified and updated about the status of the tasks they are running.
All the commands related to the swarm management should be run on manager nodes.
Services are configurations of tasks that are intended to be run on swarm nodes. Usually, services belong to a stack which is defined in a docker compose file. However, services can be created and managed using the command line interface.
The ls commands lists all running services in a swarm.
$ docker service ls
A docker stack represents an application with multiple services such as database, API, and front-end services. The services are defined in a docker compose file format.
Managing stacks consists of deploying of a stack, listing the services and tasks in a stack, and removing a stack. All these commands need to be executed on a docker manager.
The format of the command to manage a stack is as follows:
$ docker stack [options] command
A swarm is initialized by using the command swarm init. The node on which the command is executed will play the role of a manager.
$ docker swarm init [options]After creating the swarm, the above command displays a note indicating the commands to run to join a worker or a manager to the newly created swarm.
A swarm is a collection of docker hosts that collaborate together to execute containers. The docker engine is installed on each host of the swarm.
The hosts in the swarm are called nodes. The nodes may run on physical computers or virtual machines. These nodes can play the role of manager, worker or both roles.
The managers are nodes that manage, coordinate and delegate services to nodes. On the other hand, workers are nodes that execute containers. By default, all managers are also workers.
A service is a desired state of a container. The state is defined as number of replicas, network and storage resources available to the service, ports the service exposes to the outside world, and other information. Docker services are managed using the docker service command.
The docker-compose command permits the management of multi-container applications. The command has the format:
$ docker-compose [options] [command] [arguments]To list all the sub-commands including a short description of each command, use -h option for help.
$ docker-compose -h