-
Notifications
You must be signed in to change notification settings - Fork 6
Introduction to Docker
Well, it works on my machine.
This is Docker, oversimplified. Docker aims to address the reproducibility problem. Code you write would run perfectly well on your own computer. However, it might not work on a friend's computer¹. Docker guarantees portability of your software. Think of it like sending out mini-computers containing your code².
Analogy for wet-lab technicians: your lab recently made a novel discovery, however outside collaborators are unable to reproduce your results. What if you could put samples in a freezer and just ship the whole thing to them?
A Docker image is that mini-computer: it has an entire filesystem with an operating system. Your code lives in one of its folders.
Images are built and shared by developers like you. Docker Hub is a registry of publicly available containers shared by other people.
Docker runs your code in a container. A container is an instance of an image.
Containers are sandboxed. Without your permission, containers cannot access your host files or bind to any host port. You can also limit a container's memory/CPU usage.
Docker objects (images, containers, volumes, networks...) are identified by a hash (e.g. a8bd59ae2fac1895be7c8e996f8b97417c52fe4b969bd55fa3f85cafe51d8bbc). A tag is a human-readable nickname for an image (e.g. fnndsc/pl-simpledsapp:latest).
- image: runnable filesystem containing software
- container: running image
- tag: human-readable name for image
- volume: shared folder between host and container
- Docker Hub: an online repository to share docker images
- Install docker: https://docs.docker.com/get-docker/
docker run --rm hello-worldAbout --rm: see ³.
docker run will pull images automatically if it wasn't found locally. docker pull can be used to make sure you have the most recent version from Docker Hub.
docker pull fnndsc/ubuntu-python3:latestVery useful for troubleshooting.
docker run --rm -it --entrypoint /bin/bash fnndsc/ubuntu-python3mkdir folder # optional, host folder to mount
docker run --rm -v $PWD/folder:/out --entrypoint /bin/bash fnndsc/ubuntu-python3 -c 'echo hello > /out/message'
cat folder/message # checkout output
sudo rm -rfv folderAbout sudo: see ⁴.
docker images # list images
docker ps --all # list containershttps://github.com/FNNDSC/pl-z2labelmap#create-a-samplerandom-z-score-file-and-analyze
mkdir in out
docker run --rm -v $(pwd)/in:/incoming -v $(pwd)/out:/outgoing \
fnndsc/pl-z2labelmap z2labelmap.py \
--random --seed 1 \
--posRange 3.0 --negRange -3.0 \
/incoming /outgoing
docker run --rm -v $(pwd)/in:/incoming -v $(pwd)/out:/outgoing \
fnndsc/pl-z2labelmap z2labelmap.py \
--negColor B --posColor R \
--imageSet ../data/set1 \
/incoming /outgoingTake a look at the picture ./out/sag/frame139.png.
Dockerfile contains instructions for the docker build command on how to build the image from source code.
# 1. download source code
git clone https://github.com/FNNDSC/pl-simplefsapp.git
# 2. change directory
cd pl-simplefsapp
# 3. inspect Dockerfile
more Dockerfile
# 4. build image
docker build -t my_image .
# 5. run container
docker run --rm my_imageCreate a DockerHub account: https://hub.docker.com/signup
docker tag my_image <username>/pl-simplefsapp:tutorial
docker login
docker push <username>/pl-simplefsapp:tutorialAn image is only removed from disk after all tags referencing the image are deleted.
docker rmi my_image
docker rmi <username>/pl-simplefsapp:tutorial- Official hands-on tutorial: https://www.docker.com/101-tutorial
- best practices: https://docs.docker.com/develop/dev-best-practices/
- Portability is a problem because there are many undocumented settings on everyone's personal computer.
- Oversimplified. Docker works by using Linux namespaces. https://medium.com/@saschagrunert/demystifying-containers-part-i-kernel-space-2c53d6979504
- Without
--rm, docker keeps stopped containers. Unless you want to inspect them later, it is not usually useful to keep stopped containers. - Docker runs as root, so you need
sudo. Sometimes you can get around this withdocker run -u $(id -u).