1. You can pull the official Ubuntu image from Docker Hub — it’s public, so no login needed.
[root@devopsvm01 ~]# docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
4b3ffd8ccb52: Pull complete
Digest: sha256:66460d557b25769b102175144d538d88219c077c678a49af4afca6fbfc1b5252
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
[root@devopsvm01 ~]#
What happens:
-
Docker contacts Docker Hub
-
Downloads the latest Ubuntu base image
-
Stores it locally (you can see it with
docker images)
2. Check the image
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 97bed23a3497 4 weeks ago 78.1MB
hello-world latest 1b44b5a3e06a 2 months ago 10.1kB
[root@devopsvm01 ~]#
3. Remove the image
[root@devopsvm01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 97bed23a3497 4 weeks ago 78.1MB
hello-world latest 1b44b5a3e06a 2 months ago 10.1kB
[root@devopsvm01 ~]#
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker rmi 97bed23a3497
Untagged: ubuntu:latest
Untagged: ubuntu@sha256:66460d557b25769b102175144d538d88219c077c678a49af4afca6fbfc1b5252
Deleted: sha256:97bed23a34971024aa8d254abbe67b7168772340d1f494034773bc464e8dd5b6
Deleted: sha256:073ec47a8c22dcaa4d6e5758799ccefe2f9bde943685830b1bf6fd2395f5eabc
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest 1b44b5a3e06a 2 months ago 10.1kB
[root@devopsvm01 ~]#
4. Run ubuntu container
Docker first checks if the Ubuntu image exists locally, If image is found locally, Docker creates a container from that local image. If image is not found Docker automatically pulls the image from Docker Hub (or the specified registry).
[root@devopsvm01 ~]# docker run ubuntu
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
4b3ffd8ccb52: Pull complete
Digest: sha256:66460d557b25769b102175144d538d88219c077c678a49af4afca6fbfc1b5252
Status: Downloaded newer image for ubuntu:latest
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cfcf272bda4b ubuntu "/bin/bash" 19 seconds ago Exited (0) 17 seconds ago stoic_mcnulty
ff3a9058ef1a hello-world "/hello" 21 minutes ago Exited (0) 21 minutes ago frosty_wilson
7666d9a0a66a hello-world "/hello" 54 minutes ago Exited (0) 54 minutes ago naughty_jepsen
[root@devopsvm01 ~]#
The container created from the
ubuntu image exited almost immediately after it was run.When you run
docker run ubuntu without specifying a command, Docker uses the default command defined within the ubuntu image, which is typically /bin/bash. Without -it, Docker starts the container, executes /bin/bash, and immediately exits, because /bin/bash ends right away when there’s no terminal attached.-i --> Run the shlle in interactive mode
-t --> Allocate a pseudo-TTY
5. Start the ubuntu container in interactive mode.
[root@devopsvm01 ~]# docker run -it ubuntu
root@965e7a3a24e1:/#
From a different terminal check the container status,
[root@devopsvm01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbea984d618c ubuntu "/bin/bash" 5 seconds ago Up 5 seconds serene_jackson
965e7a3a24e1 ubuntu "/bin/bash" 12 minutes ago Exited (0) 9 minutes ago
7666d9a0a66a hello-world "/hello" About an hour ago Exited (0) About an hour ago naughty_jepsen
[root@devopsvm01 ~]#
root@965e7a3a24e1:/# uptime
22:41:00 up 19:59, 0 user, load average: 0.00, 0.00, 0.00
root@965e7a3a24e1:/# free -m
total used free shared buff/cache available
Mem: 1511 626 143 2 905 885
Swap: 2095 205 1890
root@965e7a3a24e1:/# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 142
model name : Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
stepping : 9
cpu MHz : 2399.998
cache size : 3072 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 22
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq monitor ssse3 cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single pti fsgsbase bmi1 avx2 bmi2 invpcid rdseed clflushopt md_clear flush_l1d
bugs : bhi cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit srbds mmio_stale_data retbleed gds
bogomips : 4799.99
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:
root@965e7a3a24e1:/# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 37G 7.1G 30G 20% /
tmpfs 64M 0 64M 0% /dev
shm 64M 0 64M 0% /dev/shm
/dev/mapper/ol-root 37G 7.1G 30G 20% /etc/hosts
tmpfs 756M 0 756M 0% /proc/asound
tmpfs 756M 0 756M 0% /proc/acpi
tmpfs 756M 0 756M 0% /proc/scsi
tmpfs 756M 0 756M 0% /sys/firmware
root@965e7a3a24e1:/#
Memory Allocation in Docker Containers
The memory is not fully allocated from the host OS; it is shared and managed by the Host OS Kernel, but by default Docker containers can use all the memory available on the host unless you explicitly limit it.
On Linux, unless you set --memory when running the container, it shares the host memory and sees what the kernel exposes.
Example: Limit memory
docker run -it --memory=512m ubuntu
This container now cannot use more than 512 MB, even if the host has more available.
By default, your container is not “taking” all host memory, it just sees what’s available and will allocate as needed.
Docker uses a Linux Kernel feature called cgroups (Control Groups) to manage and restrict resource usage. If you want to limit the container to, say, 512MB,
you would run the container with the flag: docker run -it --memory 512m ubuntu. Since you did not specify a limit, it sees the Host's total memory.
CPU Allocation
The CPU is also shared and managed by the Host OS Kernel, not exclusively allocated.
By default, Docker containers share the Host's CPU resources and can burst up to 100% of all available cores on the host.
Like memory, CPU limits are set using cgroups. For example, to limit the container to 50% of one CPU core, you'd use
docker run -it --cpus 0.5 ubuntu.
Filesystem Allocation
The filesystem is allocated using a layered, copy-on-write (CoW) system, which is highly efficient.
Key Concept: The container's filesystem is composed of two main layers:
Read-Only Image Layers: These are the base layers from the ubuntu image. They are shared among all containers created from that image, saving disk space.
Writable Top Layer (overlay): This is a small, dedicated layer created specifically for your running container (965e7a3a24e1). Any changes you make (e.g., creating a file) are stored here.
The large Size and Avail values (37GB and 30GB) you see for the / directory come from the Host OS's underlying filesystem partition (specifically /dev/mapper/ol-root), which Docker uses as its storage location. The container is showing you the total available space on the disk partition used by Docker, not the space allocated just for the container.
[root@devopsvm01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 756M 0 756M 0% /dev/shm
tmpfs 303M 11M 293M 4% /run
/dev/mapper/ol-root 37G 7.1G 30G 20% /
/dev/sda1 960M 536M 425M 56% /boot
tmpfs 152M 56K 152M 1% /run/user/42
tmpfs 152M 36K 152M 1% /run/user/0
overlay 37G 7.1G 30G 20% /var/lib/docker/overlay2/79471e4d2798e8cef93c8610156c0fc253ee07328457671b062f7052eb377eaa/merged
[root@devopsvm01 ~]#
Ie, The container sees its own filesystem structure (like /), but it’s actually stored in /var/lib/docker on the host.
The container will likely exit if your terminal session times out.
root@dbea984d618c:/# exit
exit
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbea984d618c ubuntu "/bin/bash" 19 minutes ago Exited (0) 2 seconds ago serene_jackson
965e7a3a24e1 ubuntu "/bin/bash" 31 minutes ago Exited (0) 29 minutes ago eloquent_panini
cfcf272bda4b ubuntu "/bin/bash" 41 minutes ago Exited (0) 41 minutes ago stoic_mcnulty
ff3a9058ef1a hello-world "/hello" About an hour ago Exited (0) About an hour ago frosty_wilson
7666d9a0a66a hello-world "/hello" 2 hours ago Exited (0) 2 hours ago naughty_jepsen
[root@devopsvm01 ~]#
The container runs only as long as its main process is active. In your case, when you ran docker run -it ubuntu, the main process is the interactive shell (likely /bin/bash or /bin/sh).
To view the network related information ,
root@6591579e4a8d:/# apt update
root@6591579e4a8d:/# apt install -y iproute2 net-tools
root@6591579e4a8d:/# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 2e:0e:7a:74:43:e7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
root@6591579e4a8d:/#
5. Stop/Start the ubuntu container.
[root@devopsvm01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker start f793dfa299d3
f793dfa299d3
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f793dfa299d3 ubuntu "/bin/bash" 4 minutes ago Up 3 seconds heuristic_kowalevski
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker stop f793dfa299d3
f793dfa299d3
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker run ubuntu
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Why docker start f793dfa299d3 stays running
That container was originally started with an interactive session — something like:
That combination -it means:
-
-i= interactive (keep STDIN open) -
-t= allocate a pseudo-TTY (terminal)
So when you docker start that container again, it resumes with a running bash process, which keeps the container alive.
To check the container resource utilization.
Run docker stats from the server machine.
[root@devopsvm01 ~]# docker stats
docker system df
This command is similar to the Linux
df (disk free) command — it shows how much disk space Docker is using and how much can be cleaned up.[root@devopsvm01 ~]# docker system df
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 2 2 78.13MB 0B (0%)
Containers 10 1 43.18MB 43.18MB (100%)
Local Volumes 0 0 0B 0B
Build Cache 0 0 0B 0B
[root@devopsvm01 ~]#
Docker system prune
docker system prune is a powerful cleanup command used to remove unused Docker resources and reclaim disk space on your machine.What docker system prune Removes
When you run docker system prune, Docker will ask for confirmation and then delete the following items:
All Stopped Containers: Containers that are not currently running (
docker ps -ashows them asExited).All Networks Not Used: Networks that are not attached to any running or stopped containers.
All Dangling Images: Images that do not have a tag and are not associated with any container (often left over after a build).
[root@devopsvm01 ~]# docker system prune --help
Usage: docker system prune [OPTIONS]
Remove unused data
Options:
-a, --all Remove all unused images not just dangling ones
--filter filter Provide filter values (e.g. "label=<key>=<value>")
-f, --force Do not prompt for confirmation
--volumes Prune anonymous volumes
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 97bed23a3497 4 weeks ago 78.1MB
hello-world latest 1b44b5a3e06a 2 months ago 10.1kB
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
403a136be406 ubuntu "/bin/bash" 9 minutes ago Up 9 minutes awesome_payne
954830c65252 ubuntu "/bin/bash" 17 minutes ago Exited (0) 17 minutes ago wizardly_brattain
f793dfa299d3 ubuntu "/bin/bash" 24 minutes ago Exited (137) 19 minutes ago heuristic_kowalevski
6591579e4a8d ubuntu "/bin/bash" 54 minutes ago Exited (129) 30 minutes ago amazing_pascal
eff7184828ce ubuntu "/bin/bash" 54 minutes ago Exited (127) 54 minutes ago hungry_heyrovsky
dbea984d618c ubuntu "/bin/bash" About an hour ago Exited (0) 59 minutes ago serene_jackson
965e7a3a24e1 ubuntu "/bin/bash" 2 hours ago Exited (0) About an hour ago eloquent_panini
cfcf272bda4b ubuntu "/bin/bash" 2 hours ago Exited (0) 2 hours ago stoic_mcnulty
ff3a9058ef1a hello-world "/hello" 2 hours ago Exited (0) 2 hours ago frosty_wilson
7666d9a0a66a hello-world "/hello" 3 hours ago Exited (0) 3 hours ago naughty_jepsen
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker system prune
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all dangling images
- unused build cache
Are you sure you want to continue? [y/N] y
Deleted Containers:
954830c652526c75e1b14a451b331d1a05b5b104e9b3b22308aef601349e599c
f793dfa299d38f57b974938d8170e77afd6cf2f19d970c2cc54bb0b9d9aa9010
6591579e4a8d6d887000611020d229ed5832ca21df837271e7a454b1803c8e8b
eff7184828cebc5ce5412eae901b0370c41b75d051573ea330e5ca95616df9b1
dbea984d618c7aac7e01b7e07257ba3bb9fc542e3efb0b211a88500f7a873ecf
965e7a3a24e161a87f3600bac45050c8ca2e952732f81dd98c778f7a5c77b9d6
cfcf272bda4b0f21f310deab9a22bf3c01383d4c804ef42e09084ac8887ce34a
ff3a9058ef1aed89b0309092ef7c777780cac1ae30e90c88bc8b77d150af914c
7666d9a0a66a40e3dac54282f6bd3704df25e5cec2583b27f1b1237955bf21b2
Total reclaimed space: 43.18MB
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
403a136be406 ubuntu "/bin/bash" 9 minutes ago Up 9 minutes awesome_payne
[root@devopsvm01 ~]#
[root@devopsvm01 ~]#
[root@devopsvm01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 97bed23a3497 4 weeks ago 78.1MB
hello-world latest 1b44b5a3e06a 2 months ago 10.1kB
[root@devopsvm01 ~]#
No comments:
Post a Comment