I can’t seem to wrap my head around (Docker) containers and especially their maintenance.
As I understand it, containers contain a stripped-down OS that shares some resources with the host?
Or is it more like a closed-off part of the file system?
Anyway, when I have several containers running on a host system,
Do I need to keep them all updated separately? If so, how?
Or is it enough to update the host system, and not worry about the containers?
I’d say it’s more like a closed-off part of the filesystem but with networking and probably lots of other stuff closed off as well.
Updates on the host are separate from updates of the containers. Ideally the host has only the minimal stuff needed to run the containers.
Containers are usually updated when the contained apps are updated. That’s actually my main concern with containers. When the main app doesn’t need an update but some dependency needs one you have to actively update the dependency unless the app maintainers keep up with what their dependencies are doing. And usually you don’t even know what the dependencies are. Because the whole point of containers is that you only care about the main app.
To elaborate on this, when you want an update, you “update the container.” This usually means downloading an entirely new container image and replacing yours with the new one, which has new internal versions and data but works the exact same. You rely on the supplier of the container (if you didn’t make it yourself) to do all of that for you, and you just receive the update when you request it.
So ideally, dependencies will be taken care of for you when the container updates, if you are using a pre-built container.
I still don’t understand! I feel so dumb when it comes to docker.
I’m writing an application in Django (a python web framework), and there are docker images for that. But somehow my code needs to get in there I guess? Or does my code go alongside the container in a predefined folder? When I’m developing and need to update the docker container over and over between changes for testing, am I crating a whole new container or updating the one I made originally?
I don’t even get the purpose of the million images on docker hub. What’s the difference between a MySQL image and requiring MySQL in a docker compose and making my own image?
So sorry to bother you with this but I’m thinking you might be able to help me understand. I understood packages, jails, and VMs but this is a whole other thing, lol.
You would probably make your own image that would depend on another Django image. Building that image would put your code into the container you made. To ease development you would mount your development directory into the container.
Then when you release your app you would update your container image with the latest code and also update the django container it depends on.
MySQL would live in another container separate from yours. It would need its own mounted directory where all the database files live on the host.
If you needed some other app with a web API or so you would put that in its own container as well.
To put everything together you would use docker-compose. That puts them into one network and defines how they may talk with each other, what directories or files from the host to mount and other configuration.