I jumped into Docker feet first a few months ago and have not had a real good time with it. Networking doesn’t make sense, I can’t ever seem to access config files without dropping to su -, all the tutorials and videos I find are pretty top level and assume the user already has a firm grasp on it. It’s great for drop in stuff like open speed test and Vaultwarden but I recently tried setting up dashy and I can’t even find the config files to edit. The Dashy documentation says the easiest way to edit the configs is to use code-server, so I spun up a code-server VM and can’t even get it to open the files because the web based VSC doesn’t allow for SSH editing. There’s nothing explained in the documentation beyond that.
Yes I’m frustrated but I’m not bitching as if these solutions are trash, I’m simply asking where can I go to learn this shit from the ground up? It doesn’t make any sense to me from the perspective that I’ve approached it. Networking seems to be silly and weird, entering an interactive TTY to the container seems to be useless as there’s no package manager and doesn’t seem to have vim, nano, or any native way to edit configs. It’s been extremely frustrating so I ask you, where can I learn what I’m doing wrong and how to properly work with Docker?
Sounds like you, like a lot of others, have come to docker from the perspective of “it’s like a mini virtual machine”. Maybe you’ve used VMs before, like virtualbox or VMware or EC2. Maybe you have experience with setting up a cluster of VMs, each with their own OS, own SSH client, own suite of applications, and an overlay network between them all. Maybe someone told you “you should use docker instead, it’s like mini lightweight VMs”. And you’d be right to assume this is the wrong perspective to approach docker, because it leads to the problems you have faced.
Instead, try to think of docker containers as standalone applications. They don’t contain a kernel, they don’t have SSH, no Nano or VIM, just simply the Application, in a container, with enough supporting filesystem and OS libraries to make the application work.
That perspective is what helped me to get better at docker, I know it’s not exactly answering your question, but it might help.
“like mini lightweight VMs”
That’s exactly how I’ve approached it cause that’s exactly how it was explained. But it’s not at all like that. Thanks for your explanation.
Others have pointed out that docker containers aren’t idiomatically like VMs and you interact with them differently. Some workflow tips:
- Don’t edit configs in containers. Mount your config files as a volume. Edit them from your host using your normal editor and restart your container when they change.
- Don’t exec into your running container and then try to install debugging tools as you need them. Use a Dockerfile to build an image that has the debugging tools you need and launch your container using that.
- In general, mess with your container less while its running. Use dockerfiles, compose, and entry point scripts to set things up in your container so it’s the way you want it on startup. While its running, just use docker logs to see what it’s doing or run the occasional debugging command via exec if you must… but do more during container-build and startup and less after it’s running. Rebuild and restart the container a lot during debugging to make your changes take effect.
The other issue in play here is that the fundamentals necessary to understand how docker containers run aren’t actually docker fundamentals. They’re:
- Networking fundamentals. The container networking stack is really configurable and really complicated.
- Volumes and config mounts are based on overlay filesystems.
- Lots of docker issues are related to complex security systems like Linux capabilities.
- All of these systems are configurable, and different docker setups use them different ways.
These things aren’t trivial to learn, a thorough understanding of these things is the difference between a junior sysadmin and a senior one, and you WILL get exposed to them when things break. But step one in learning more is definitely to recognize that the hards parts of docker are rarely docker itself. Rather, the hard parts are their own thing. Figure out what Linux system you’re struggling with and start learning about that and how docker uses it rather than narrowly focusing your research on docker itself. Anything focusing on the docker piece must necessarily gloss over the real foundations which are often very complex… so this will start you expose you to deeper material that you can assemble in your own mind into an understanding of your own specific docker setup.
Echoing the sentiment that you should adjust your perspective in approaching containerization, otherwise you’re in for a tough time.
Jerome Petazzoni, one of the more recognizable names in the container community, has a site where he puts all of his workshops, slides, etc. This is his one for getting started with Docker.