Facebook Pixel
Searching...
English
EnglishEnglish
EspañolSpanish
简体中文Chinese
FrançaisFrench
DeutschGerman
日本語Japanese
PortuguêsPortuguese
ItalianoItalian
한국어Korean
РусскийRussian
NederlandsDutch
العربيةArabic
PolskiPolish
हिन्दीHindi
Tiếng ViệtVietnamese
SvenskaSwedish
ΕλληνικάGreek
TürkçeTurkish
ไทยThai
ČeštinaCzech
RomânăRomanian
MagyarHungarian
УкраїнськаUkrainian
Bahasa IndonesiaIndonesian
DanskDanish
SuomiFinnish
БългарскиBulgarian
עבריתHebrew
NorskNorwegian
HrvatskiCroatian
CatalàCatalan
SlovenčinaSlovak
LietuviųLithuanian
SlovenščinaSlovenian
СрпскиSerbian
EestiEstonian
LatviešuLatvian
فارسیPersian
മലയാളംMalayalam
தமிழ்Tamil
اردوUrdu
Docker

Docker

Up & Running: Shipping Reliable Containers in Production
by Karl Matthias 2015 230 pages
3.77
100+ ratings
Listen

Key Takeaways

1. Docker revolutionizes application deployment and scaling

Docker sits right in the middle of some of the most enabling technologies of the last decade.

Simplified deployment. Docker allows developers to package applications with all their dependencies into standardized units called containers. This approach dramatically simplifies the deployment process, ensuring consistency across different environments.

Improved scalability. By abstracting away the underlying infrastructure, Docker enables applications to be easily scaled horizontally. Containers can be quickly spun up or down based on demand, allowing for more efficient resource utilization.

DevOps enablement. Docker bridges the gap between development and operations teams by providing a common language and toolset. This facilitates better collaboration and smoother workflows throughout the application lifecycle.

2. Containers offer lightweight, portable, and efficient virtualization

Containers are a fundamentally different approach where all containers share a single kernel and isolation is implemented entirely within that single kernel.

Resource efficiency. Containers share the host system's kernel, making them significantly lighter than traditional virtual machines. This allows for higher density of applications on a single host and faster startup times.

Portability. Docker containers encapsulate the application and its dependencies, ensuring consistent behavior across different environments. This "build once, run anywhere" approach simplifies development and deployment workflows.

Isolation. While not providing the same level of isolation as virtual machines, containers offer sufficient separation for most use cases. They utilize Linux kernel features like namespaces and cgroups to create isolated environments for applications.

3. Docker architecture: client, server, and registry

Docker consists of at least two parts: the client and the server/daemon (see Figure 2-3). Optionally there is a third component called the registry, which stores Docker images and metadata about those images.

Client-server model. Docker uses a client-server architecture where the Docker client communicates with the Docker daemon, which handles building, running, and distributing containers.

Docker registry. The registry is a centralized repository for storing and distributing Docker images. Docker Hub is the public registry maintained by Docker, but organizations can also set up private registries.

Components interaction:

  • Docker client: Sends commands to the Docker daemon
  • Docker daemon: Manages Docker objects (images, containers, networks, volumes)
  • Docker registry: Stores Docker images

4. Building and managing Docker images and containers

Containers are normally designed to be disposable, you may still find that standard testing is not always sufficient to avoid all problems and that you will want some tools for debugging running containers.

Image creation. Docker images are built using Dockerfiles, which contain a series of instructions for creating the image. Each instruction creates a new layer, allowing for efficient storage and transfer of images.

Container lifecycle:

  • Create: docker create
  • Start: docker start
  • Run: docker run (combines create and start)
  • Stop: docker stop
  • Remove: docker rm

Debugging tools:

  • docker logs: View container logs
  • docker exec: Run commands inside a running container
  • docker inspect: Get detailed information about Docker objects

5. Networking and storage in Docker environments

Docker allocates the private subnet from an unused RFC 1918 private subnet block. It detects which network blocks are unused on startup and allocates one to the virtual network.

Networking models:

  • Bridge: Default network driver, creating a private network for containers
  • Host: Removes network isolation, using the host's network directly
  • Overlay: Enables communication between containers across multiple Docker hosts
  • Macvlan: Assigns a MAC address to a container, making it appear as a physical device on the network

Storage options:

  • Volumes: Preferred mechanism for persistent data, managed by Docker
  • Bind mounts: Map a host file or directory to a container
  • tmpfs mounts: Store data temporarily in the host's memory

6. Debugging and monitoring Docker containers

There are times when you really just want to stop our container as described above. But there are a number of times when we just don't want our container to do anything for a while.

Debugging techniques:

  • docker logs: View container output
  • docker exec: Run commands inside a running container
  • docker inspect: Get detailed information about containers
  • docker stats: Monitor container resource usage in real-time

Monitoring tools:

  • cAdvisor: Provides resource usage and performance data
  • Prometheus: Collect and store metrics from containers
  • Grafana: Visualize container metrics and create dashboards

7. Scaling Docker with orchestration tools

Probably the first publicly available tool in this arena is Fleet from CoreOS, which works with systemd on the hosts to act as a distributed init system.

Orchestration platforms:

  • Docker Swarm: Native clustering for Docker
  • Kubernetes: Open-source container orchestration platform
  • Apache Mesos: Distributed systems kernel that can run Docker containers

Key features:

  • Service discovery
  • Load balancing
  • Scaling
  • Rolling updates
  • Self-healing

8. Security considerations for Docker deployments

Because it's a daemon that runs with privilege, and because it has direct control of your applications, it's probably not a good idea to expose Docker directly on the Internet.

Security best practices:

  • Run containers as non-root users
  • Use minimal base images to reduce attack surface
  • Implement network segmentation
  • Regularly update and patch Docker and container images
  • Use Docker Content Trust for image signing and verification

Security tools:

  • AppArmor/SELinux: Mandatory access control systems
  • Docker Bench Security: Automated security assessment tool
  • Clair: Open-source vulnerability scanner for containers

9. Designing a production-ready Docker platform

If, instead of simply deploying Docker into your environment, you take the time to build a well-designed container platform on top of Docker, you can enjoy the many benefits of a Docker-based workflow while protecting yourself from some of the sharper exposed edges that typically exist in such a high-velocity project.

Key considerations:

  • High availability and fault tolerance
  • Scalability and performance
  • Monitoring and logging
  • Backup and disaster recovery
  • Continuous integration and deployment (CI/CD)

Best practices:

  • Use orchestration tools for managing large-scale deployments
  • Implement proper logging and monitoring solutions
  • Develop a robust CI/CD pipeline for container builds and deployments
  • Regularly test and update your Docker infrastructure

10. The Twelve-Factor App methodology for containerized applications

Although not required, applications built with these 12 steps in mind are ideal candidates for the Docker workflow.

Key principles:

  1. Codebase: One codebase tracked in revision control, many deploys
  2. Dependencies: Explicitly declare and isolate dependencies
  3. Config: Store config in the environment
  4. Backing services: Treat backing services as attached resources
  5. Build, release, run: Strictly separate build and run stages
  6. Processes: Execute the app as one or more stateless processes
  7. Port binding: Export services via port binding
  8. Concurrency: Scale out via the process model
  9. Disposability: Maximize robustness with fast startup and graceful shutdown
  10. Dev/prod parity: Keep development, staging, and production as similar as possible
  11. Logs: Treat logs as event streams
  12. Admin processes: Run admin/management tasks as one-off processes

Benefits for Docker applications:

  • Improved scalability and maintainability
  • Easier deployment and operations
  • Better alignment with cloud-native architectures

Last updated:

Review Summary

3.77 out of 5
Average of 100+ ratings from Goodreads and Amazon.

Docker: Up and Running receives mixed reviews, with an average rating of 3.77/5. Readers appreciate its clear explanations of Docker basics and advanced topics, particularly security and debugging. Many find it a good introduction for beginners, though some criticize its outdated content and lack of coverage on the broader Docker ecosystem. The book is praised for its concise writing and practical examples but criticized for not addressing topics like Docker Compose. Some readers consider it too basic, while others find it a valuable resource for understanding Docker's core concepts.

Your rating:

About the Author

Karl Matthias is an experienced author and technology expert known for his work on Docker and related technologies. While specific biographical information is not provided in the given content, his book "Docker: Up and Running" suggests he has extensive knowledge in containerization, DevOps, and cloud computing. Matthias' writing style is described as clear and concise, with a focus on practical examples and real-world applications. His ability to explain complex technical concepts in an accessible manner is appreciated by readers, particularly those new to Docker. Matthias' expertise in Docker security and advanced topics indicates a deep understanding of the technology and its ecosystem.

Download PDF

To save this Docker summary for later, download the free PDF. You can print it out, or read offline at your convenience.
Download PDF
File size: 0.25 MB     Pages: 11

Download EPUB

To read this Docker summary on your e-reader device or app, download the free EPUB. The .epub digital book format is ideal for reading ebooks on phones, tablets, and e-readers.
Download EPUB
File size: 2.97 MB     Pages: 8
0:00
-0:00
1x
Dan
Andrew
Michelle
Lauren
Select Speed
1.0×
+
200 words per minute
Create a free account to unlock:
Bookmarks – save your favorite books
History – revisit books later
Ratings – rate books & see your ratings
Unlock unlimited listening
Your first week's on us!
Today: Get Instant Access
Listen to full summaries of 73,530 books. That's 12,000+ hours of audio!
Day 4: Trial Reminder
We'll send you a notification that your trial is ending soon.
Day 7: Your subscription begins
You'll be charged on Nov 28,
cancel anytime before.
Compare Features Free Pro
Read full text summaries
Summaries are free to read for everyone
Listen to summaries
12,000+ hours of audio
Unlimited Bookmarks
Free users are limited to 10
Unlimited History
Free users are limited to 10
What our users say
30,000+ readers
“...I can 10x the number of books I can read...”
“...exceptionally accurate, engaging, and beautifully presented...”
“...better than any amazon review when I'm making a book-buying decision...”
Save 62%
Yearly
$119.88 $44.99/yr
$3.75/mo
Monthly
$9.99/mo
Try Free & Unlock
7 days free, then $44.99/year. Cancel anytime.
Settings
Appearance