When you are connected to the internet, your PC have access to limitless collection of resources for entertainment, information and videos. Typically an internet connection allows your computer to connect with other computers connected to internet and vise versa. It also opens up the space for vast amount of threats from the outside. Nowadays cyber-criminals use advance techniques to compromise your computer for their personal gain. Sadly many internet users don’t know the risk they expose themselves to (until they are compromised) and most who know the risk doesn’t really care (thinking they don’t have much valuable stuff to steal). It was decades back where cyber-criminals wanted to damage your computer using a virus, spam your contact list with emails, cripple your working machine with unwanted behaviors or delete the content of your disk. Today there are many sophisticated goals they try to achieve by hacking into your computer.

Most of the oldest tricks used by cyber-criminals require a user action in order to achieve the exploit. You most likely need to download a file to be infected from a virus, you have to click on a link to exploit software vulnerabilities or you have to visit a malicious site which steal your personal and confidential data. These do exists even today, but these are mere efforts for hackers usually known as script-kiddies. Advancement in technology also means there are more possibilities for hackers and even more powerful tools in their arsenal. If you are connected to internet or even on a local network, you need to be aware of the risks and potential danger you put yourselves into before connecting into any kind of network connection.

Most internet users cave into the trap called “sense of false security” due to their ignorance and mainly believing every advertisement you see on internet. The most dangerous place to be in the cyberspace is the “unknown” but comparatively been on a unknown territory thinking you know everything is the biggest downfall of many users. Few of the widely believed misconceptions among many are:

Anti-Virus will keep me safe

Just installing an anti-virus software will keep you safe from viruses because that is what they market and promote. But the reality is not every anti-virus software can detect all the virus in the world, and it very much depend on how you use the software. You need to keep the database up-to-date and most importantly scan your files regularly to detect if there is any infection. Most of the times the usability of a anti-virus software is questioned mostly due the reporting of false positives. But then again, it is another software, hence bugs and errors are to be expected. You cannot just install the software and expect it to do everything and keep you safe, that’s not how it works.

My internet connection is always secure

Assuming that your internet connection is secure at all times is one of the biggest mistakes that will cost you big-time. Ever wondered why people bother about anti-censorship? anonymity? Even if you have a reliable internet service provider that you trust (highly unlikely they can be trusted), the ISP is just the gate for you to connect to other computers. It doesn’t protect you from any outside threat or inside threat for that matter. You need to make sure you understand the role of each entity and not hold any false assumptions. In the corporate or industrial environments some ISP do provide protection against certain kind of cyber-attacks, but it doesn’t come by default to every user.

Public WiFi networks are safe as long as you don’t use critical apps

When you connect to a network regardless if its public or private you expose your device to great amount of threat vectors even if you don’t use the network connection. Connecting to a network allows other users to see your device, the services it runs, ports open and if not well protected to gain control of your device without you even knowing it. Even if your device is well-protected, what about the application data? In any smart-phone today there no such thing as “I don’t use my app in public wifi”. Applications run all the time in background, and can be invoked if necessary without the user noticing. You don’t have to open the app for it to be in use, how do you think instance notifications and updates happen? Install an network monitor and check all sorts of connections made when the phone is idle. So when you connect to a public wifi network by default all your applications try to establish connections with it’s remote server and if not protected, your data could be leaked and possibly account hijacked.

There is no need of security to my phone

One of the most prevalent and arduous thoughts to correct is, “I don’t have any valuable or information that is worth protecting in my phone”. The utmost importance of digital identity itself requires a different article. You don’t need a digital-wallet or access to highly confidential information for you to protect your phone. Your basic usage patterns, social media accounts, basic email accounts, access to other systems, contact information even simply your phone number, or device itself should be protected from unauthorized access. Your phone could be used to launch an attack, to gather information or impersonate you. Have you wondered how social-engineering attacks work and why they are very successful? It’s because of the ignorance of people around.

Emails are harmless as long as you don’t click

Email providers do provide good enough protection against spam and virus threats using different methodologies. But it will only do the needful, and it has it’s limits as well. Earlier days for an email attack to be successful, a user interaction is required. Either you download and open a file, or click a link to open a website. Today with advancement in browser interactivity and feature plugins, just opening an email is sufficient to trigger exploits on your computer. So opening emails from unknown or suspicious users are dangerous unless you have the right protection.

Only adult-rated sites contain viruses

Most people believe that viruses and threats are only generated from sites that contain pornography. Internet is driven on a profit based policy which encourages every site to inject advertisements to their viewers. This allows multiple javascript to be injected when you visit these sites and they are surely not just to display you the best seasonal offer, most of these advertisements attempt to exploit vulnerabilities in your browser or machine.

Linux environment is safe compared to windows

The never-ending question of which platform is better has seen numerous discussions and debates over the years. Linux vs Windows or Android vs iOS are more or less the same to validate the choice of ours. But the most important point in all of this discussions is the fact that there is no single environment that expose zero vulnerabilities. People think that using Linux environment is considered safe compared to windows because most of the viruses are targeted at windows like products (commercialized products). During the early 2000’s this was true, because the deadliest viruses that were uncovered were exploiting vulnerabilities in windows. But, at the same time there were exploits on Linux that had the same impact as viruses on windows. In a security enforcement point of view windows is the most secure operating system compared to Linux, yet at the core-architecture level Linux out-win windows. One thing for certain is that exploiting vulnerabilities in windows is harder than Linux, because;

• Linux is open-source and Windows is closed-source, meaning every issue, bug-fix, reports in Linux source is known to the public whereas Windows maintain a closed-door policy and reveal only the necessary details. Open-source is a double edged sword which not only benefit the developers of software but also malware-authors who can leverage the existence of information.
• Hardly any virus-scanners, anti-virus guards or firewalls are available for the Linux platform that are good as those available for the Windows. The underlying onion-architecture of Linux does provide a formidable defense against bugs in each layer to minimize the scope of the exploit, but a malware-author who has good understanding of the Linux system can easily navigate through.

You can trust applications available at play store and app store

There are many app markets that provide mobile applications that can be downloaded for free or purchase online. Google play-store is the official android app market while Apple App Store is the official market for iOS apps. While publishing an app for play-store is easy compared to app-store due to its rigorous security checks, doesn’t necessarily guarantee that app-store is free of malware apps. However, the Apple store is known for generally having higher quality apps than the Play Store. This is largely due to Apple’s careful process of evaluating an app. This also means that there are fewer apps available in the Apple store than in the Play Store. Whichever, the app you download be it from app-store or play-store, you must be aware of the issues, vulnerabilities, permissions and security policies enforced on the apps you used.

Finally,

So how can you surf the internet without the risk of getting compromised? well there is no bulletproof way. The best thing possible is to make sure you do the necessary in order to prevent or at least make it difficult for those cyber-criminals. Just because there is no guaranteed way to prevent your computer from been compromised, doesn’t mean you should not do the basics. It’s like not locking the door to your home because even if you lock it, it can be broken.

With the rapid increase of internet of things the danger of internet of threats becomes even more. I hope to write another article on the impact of internet of things soon.

Yes, Industry 4.0 is already here and it is the fourth industrial revolution. How did we miss that?

Before I explain what Industry 4.0 is and how it affects us, first lets walk-through what is called an industrial revolution and how come its version 4.0 already? where is 2.0 and 3.0? or 3.1 maybe?

Industrial Revolution

This can be viewed in many different aspects and different fields would have different definitions as to what it is, as it roots to most of the branches of current economical, social, technological and political views. In simple terms, I would like to see it as a process of evolution of the civilized society. This mostly changed the way things happened around the world, and how we perceive social status, financial transactions, innovation, manufacturing etc. The causes of the Industrial Revolution were complicated and remain a topic for debate, with some historians believing the Revolution was an outgrowth of social and institutional changes brought by the end of feudalism.

So according to the folk stories, during the latter part of the 17th century the transition from hand production methods to machinery factories, increased the standard of living for the general population for the first time in history. This was actually the beginning of industrial revolution and not the ‘industrial revolution’ that common people like us have in our mind.

Industry 1.0 is the period where mechanization was introduced using water power and steam power. This is the starting point for the evolution and certainly was not the end to it. Although Industry 1.0 is considered the great industrial revolution, some believe that it was actually Industry 2.0 that speed up the innovation and development. Second industrial revolution also known as the technological revolution is the period where mass production began with assembly lines and more importantly the introduction to electrical systems. The period 1867–1914 “The Age of Synergy” during which most of the great innovations were developed. Unlike the First Industrial Revolution, the inventions and innovations were engineering and science-based.

The third industrial revolution which happened during the 21st century (went right under our noses) is the digitization of manufacturing processes. This is somewhat complicated as to what exactly is the third industrial revolution, vastly different opinions have been put forward as to the introduction of web-based services, autonomous robots, nanotechnology etc. But whichever it is, the third industrial revolution was much more disruptive than previously seen revolutions. Few exaples I could comprehend;

• Creating light weight, durable and strong materials using nanotechnology
• Building sophisticated objects using successive layers in 3D printing
• Genetically engineered viruses used for our own advantages

None of these are definitions or theories of what industrial revolution is and what it is not. Industrial revolution itself is a vast area of study which changed so many aspects of our lives. This article is not about comparing or analyzing the industrial revolutions but to introduce the new revolution that is upcoming (or ongoing), Industry 4.0. So this section was to simply enlighten you the advancement of our socioeconomic status and to emphasize that the evolution did not end but still evolves in a much rapid rate.

Smart Factory or Smart World?

Industry 4.0 or the Fourth Industrial Revolution also known as the “smart factory” instead of the previously known “factory or digitized factory” refers to the current trend of automation, data-exchange and cyber-physical systems in manufacturing technologies. As an example for a factory to be considered Industry 4.0, it must include

• Interoperability — machines, devices, sensors and people that connect and communicate with one another.
• Information transparency — the systems create a virtual copy of the physical world through sensor data in order to contextualize information.
• Technical assistance — both the ability of the systems to support humans in making decisions and solving problems and the ability to assist humans with tasks that are too difficult or unsafe for humans.
• Decentralized decision-making — the ability of cyber-physical systems to make simple decisions on their own and become as autonomous as possible.

It is believed to be launched by Germany under the name “Industrie 4.0” to digitalize manufacturing in 2011 by a group of government officials, industry leaders and academics. The physical systems become Internet of Things, communicating and cooperating both with each other and with humans in real time via the wireless web. However, the definitions and the revolution itself has transformed itself to much more deeper and wider aspects.

IoT (Internet of Things), the convergence of IT (Information Technology) and OT (Operational Technology), rapid application development, digital twin simulation models, cyber-physical systems, advanced robots and cobots, additive manufacturing, autonomous production, consistent engineering across the entire value chain, thorough data collection and provisioning, horizontal and vertical integration, the cloud, big data analytics, virtual/augmented reality and edge computing amidst a shift of intelligence towards the edge (artificial intelligence indeed): these are some of the essential technological components of the fourth industrial revolution.

So when is this happening?

Industry 4.0 is a rather vast vision and, increasingly, vast reality that also stretches beyond merely these technological aspects. Reports have even suggested that emerging markets like India could benefit tremendously from Industry 4.0 practices, and the city of Cincinnati, Ohio has declared itself an “Industry 4.0 demonstration city” to encourage investment and innovation in the manufacturing sector there. So the real question is when not when is it coming? but how quickly it will be adopted and what would be the impact of it?

Although previous industrial revolution was focused only on manufacturing (eventually and gradually other aspects were developed as well), it is going beyond the industry and we clearly see the expansion across other verticals on top of manufacturing in the news we see today. The principles of Industry 4.0 have gone global, at different speeds and connecting like-minded people for collaborative work to solve universal challenges. Much work have been carried out in the research community as well as the industry, collaboratively working together to establish a hyper-connectivity that goes beyond the factory walls and where production means interact not only with the factory environment itself but along the value chain to which customers, suppliers, logistics etc. belong to.

How does it effect us?

Smart Factory is very infectious due to its attractive characteristics and benefits which is not only governing the manufacturing process but also spreading like a worm towards smart transportation and logistics, smart buildings, smart healthcare, smart power generation and even smart cities. This certainly doesn’t mean that technology is taking over the world (those cyber-phobic people spreads false messages as robots are invading) but that all verticals are increasingly adapting the Industry 4.0 concept and the principles. It introduces the end-to-end concept and is widely accepted in many industries where manufacturing is not just creating stuff but also considering the life-cycle of the items considered including usage analytics, customer reviews, customer needs and sales analysis. Every data is collected, processed, analyzed and decentralized decision making by autonomous processes helps to improve the overall quality of service.

Social Machines

Social networking was a buzzing term few years back, which created a platform for people to share information, talk about events and discuss topics with like-minded people. Now you can think of this as an information flow from one party to another with further interactions. Welcome the social network for autonomous intelligent machines sharing information to one another to coordinate processes and create flexible yet efficient production lines. An uninterrupted flow of information to organize themselves on their own and to work together.

Smart Products

Items you create (this is the transformation from traditional way of buying a generic product to manufacturing your own personalized product) will hold data about itself. Data will be collected, updated and evaluated from the first stage of production to customer usage to all the way of recycling. Information such as operating conditions, usage information, current health metric etc. These smart products can talk to machines and tell what kind of action/process it should be performed on, for example the shape or the quantity of the product. Customers are involved to get much more personalized products, while maintaining or reducing the production cost. For example you can create your own personalized sandwich by providing the instructions what and how it should be created. For much better example your car or your TV, you can instruct how it should work, what features it should have etc.

Smart Services

Intelligent products serves much more than satisfying the customer needs, they serve as a platform for new business models. These information collected and processes can be used to provide a foundation for offering personalized, data-based services in addition to the physical product. These new capabilities which are enabled by cyber-physical systems such as health monitoring, structural safety monitoring, logistics, warehousing, shipping, mining are essentially what we call Internet of Things use cases.

Especially in medical technology the two most important are data and connectivity, which are opening the door to new sensor and data analytic operations, as well as remote surgical procedures, training, maintenance, and service operations. Bio-printing is also finding its first applications in the field of regenerative medicine.

Summary

On one end, digital transformation is a technological revolution: mobile internet is more widely available than ever before, smartphones have been democratized, clouds have revealed the potential for almost infinite storage, and the cost of these services is constantly decreasing. On the other end of the spectrum, it’s sociological: faster and more successful market penetrations have left consumers expecting both continuous and immediate service availability. As the industrial application of these digital transformations, Industry 4.0 is radically changing value creation in every market. Industry 4.0 combines a wide set of technologies at different stages of maturity. Supported by new enabler technologies and propositions, there are four levers at play: digital data, inter-connectivity, automation, and digital customer interface.

There is so much more to Industry 4.0 that one could comprehend in one article. Smart house, Smart cities are just two topics itself that can be viewed into detailed level and elaborate the impact of Industry 4.0. But that would be for another article.

References

• http://www.economist.com/node/21553017
• https://en.wikipedia.org/wiki/Industry_4.0
• https://www.forbes.com/sites/bernardmarr/2016/06/20/what-everyone-must-know-about-industry-4-0/#1840f43795f7
• https://www.quora.com/What-is-the-main-difference-between-Industry-3-0-and-Industry-4-0
• https://english.bdi.eu/article/news/what-is-industry-40/
• https://www.rolandberger.com/en/Publications/pub_digital_transformation_in_the_healthcare_space.html

Passwords are an important part of computer security at any organization. They often serve as the first line of defense in preventing unauthorized access to organizational resources and confidential data. Hence, it is important to choose passwords that are complex and cryptic enough to prevent others from guessing them or from cracking them with “password cracker” programs. It is also important to keep passwords secret and secure so others can’t use them or find them.

But there is a misconception or a false sense of security among many, that password complexity need to be a mixture of alphanumeric characters with case sensitivity and special characters. This is not true today, given the rapid development of computing power. The randomness of a password is called its entropy. Reading about password entropy in detail will almost hurt your brain. To simplify, a password such as “password” or “12345678” has almost no entropy; a password such as “vB%&7P” has a higher-than-average entropy. However, it’s nearly impossible to calculate a password’s true entropy without examining it along with every other choice in the password space. But several people have made intelligent guesses, and the password entropy model you rely on will have a significant impact on the overall success of your password policy defense.

According to the new NIST (National Institute for Standards and Technology, USA) guidelines for password policies, a ‘secure password’ is not what the norm is right now. Anyone interested in the draft specification for Special Publication 800–63–3: Digital Authentication Guidelines can review it as it evolves over on Github or in a more accessible form on NIST’s website. So what’s new?

• User friendly password
  Complex password doesn’t necessarily mean a combination of characters that doesn’t make sense to the user, it only burden the user and the verifier as well. In other words, we need to stop asking users to do things that aren’t actually improving security.
• Size Matters
  NIST’s new guidelines say you need a minimum of 8 characters. (That’s not a maximum minimum — you can increase the minimum password length for more sensitive accounts). Better yet, NIST says you should allow a maximum length of at least 64, so no more “Sorry, your password can’t be longer than 16 characters.”
• No dictionary words
  You should not use common words like ‘yankees’, ‘thisispassword’, ‘password’ etc and applications should prevent such passwords using a comprehensive ‘banned list’.
• No composition rules
  No more rules that force you to use particular characters or combinations, like those daunting conditions on some password reset pages that say, “Your password must contain one lowercase letter, one uppercase letter, one number, four symbols but not &%#@_, and the surname of at least one astronaut.” Let people choose freely, and encourage longer phrases instead of hard-to-remember passwords.
• No password hints
  Password hints are more useful to attackers than the users themselves. If we promote to use password they can remember instead of complex combinations, we would not require an hint for the password.
• No more expiration without reason
  This is my favorite piece of advice: If we want users to comply and choose long, hard-to-guess passwords, we shouldn’t make them change those passwords unnecessarily. The only time passwords should be reset is when they are forgotten, if they have been phished, or if you think (or know) that your password database has been stolen and could therefore be subjected to an offline brute-force attack.

Further tips,

• Do not share your passwords with anyone else, or in anyway publish them
• Use of password managers are highly encouraged, as it will provide you a convenient way to store your passwords as well as provide you feedback on how good your password with an up-to-date word list of ‘words we should not use’
• Don’t let your applications or browser remember/store passwords that provide access to restricted systems or confidential data
• Use different passwords for accounts that provide access to restricted data than for your less-sensitive or personal accounts.

In summary, passwords are still one of the main line of defense against cyber attacks, so it is the responsibility of the user to use a secure password and protect access to restricted systems and confidential data. Secure password is not necessarily a combination of multiple characters, it can be a mixture of words that make sense to you like “EveningSamanthaAte2PanCake$”. Use of password managers is a convenient way to store, retrieve and update your passwords.

Links:

1. https://lifehacker.com/5529133/five-best-password-managers
2. http://www.passwordmeter.com
3. https://howsecureismypassword.net/

Last year when I was attending the IEEE CLOUD16 conference in San Francisco there was a buzz about something called “the fog”. I was attending to the keynote speech by Kerrie Holley then CTO, Analytics & Automation Platforms at Cisco Systems where he spoke about the new trends in software engineering, the emergence of devops practices and the role of the cloud, big data and machine learning for automation. One thing he mentioned that stuck me was the emergence of something called the fog, in his own words it was similar to cloud but not exactly cloud. The buzz of fog was around the conference especially with the IoT research work. At a time when the term ‘cloud’ was not that familiar with everyone (even though some have heard not many actually know what it is), fog computing was a bit confusing, at least to me.

Recently I found out another buzz named “edge computing” and it referred to the same or at least similar definition (according to my understanding) to what fog was all about. I came across a Congress on Edge Computing named MEC Congress which stands for Multi-access Edge Computing (formerly as Mobile Edge Computing) Congress. This was the opportunity for me to attend this event and learn about Edge computing technology from the experts themselves. MEC Congress 2017 held in Berlin, Germany was attended by many big tech companies such as Intel, Google etc and many other leading companies from different industries that uses Edge computing in their industries, such as Toyota, Huawei, AT&T, Vodafone, Verizon, Sony etc. I was fortunate to get an VIP invitation for the whole event to attend the workshops, conference and award ceremony as well. There will be separate article focused on that.

So, what exactly is fog computing? and what is edge computing? do they relate to each other or is it the same thing with two different names? In order to explain what each of this means, first lets touch base on what is cloud computing. Cloud computing was a revolution few years back which changed how we process data efficiently using resources, which is the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer. With the rapid growth of technology and emergence of Internet of Things, there are lots of data to be processed and the demand for it has sky rocketed. Cloud computing enabled us to share resources and fasten our computational work remarkably, but there was one bottleneck that everyone expected would be the single point for performance degradation for the cloud model, which is the network bandwidth.

Today the technology has developed immensely that you can share your experience with others in 4k resolution or at least full HD. The internet has changed from a information pulling source to data feeding mechanism, computational power is going back from centralized to distributed architectures, streaming videos has evolved to augmented reality and virtual reality, thus enabling many advanced features to the end users. But this all comes with a price for the network bandwidth. So many data going around, Telecos and middle-ware providers have to keep up with the demand and constantly pushing the limits further. We have now developed 5G technology to keep up with the high-speed demand and never ending increase for quality of service. But the question is will the cloud alone be able to withstand the high-amount of traffic that is been generated? do we really need to send everything to the cloud? can’t we have more computational processing closer to the device (edge of the network)?

In an attempt to solve this while keeping the cloud model, two solutions were presented which involve pushing intelligence and processing capabilities down closer to where the data originates, the fog computing and the edge computing. In respect of manufacturing and automation industries this means a network and system architectures that attempt to collect, analyze, and process data from these assets (data generating physical assets or things deployed at the very edge of the network — such as motors, light bulbs, generators, pumps, and relays) more efficiently than traditional cloud architecture. These architectures share similar objectives:

• To reduce the amount of data sent to the cloud
• To decrease network and Internet latency
• To improve system response time in remote mission-critical applications.

Fog Computing

Fog computing is a term “cisco” developed for the extended cloud computing model in which the concept according to Wikipedia is

an architecture that uses one or more collaborative end-user clients or near-user edge devices to carry out a substantial amount of storage (rather than stored primarily in cloud data centers), communication (rather than routed over the internet backbone), control, configuration, measurement and management (rather than controlled primarily by network gateways such as those in the LTE core network).

In simple terms its an architectural concept to bring computational power and storage capability and networking optimizations to the edge of the IoT devices to address the challenges of latency, bandwidth, security etc. This would enable IoT to focus on its own growth rather than worrying about the offloading and processing problems. Thus OpenFog consortium was founded to create a framework which standardizes how fog computing should be built with interoperability, and an open architecture. A framework to create a secure and robust multi-vendor interoperable fog computing environment.

You can find more information about the framework from this site: https://www.openfogconsortium.org/ra/

Edge Computing

Another group formed to drive edge interoperability is the Edge X Foundry, an open source consortia approach managed by The Linux Foundation and seeded with some 125,000 lines of code developed internally by Dell Technologies. According to Wikipedia edge computing is

a method of optimizing cloud computing systems by performing data processing at the edge of the network, near the source of the data. This reduces the communications bandwidth needed between sensors and the central data centre by performing analytics and knowledge generation at or near the source of the data. This approach requires leveraging resources that may not be continuously connected to a network such as laptops, smartphones, tablets and sensors.

In edge computing, physical assets like pumps, motors, and generators are again physically wired into a control system where the PAC (point of an automation controller) automates them by executing an onboard control system program. Intelligent PACs with edge computing capabilities collect, analyze, and process data from the physical assets they’re connected to — at the same time they’re running the control system program. In edge computing, intelligence is literally pushed to the network edge, where our physical assets or things are first connected together and where IoT data originates.

More about the OpenEdge architecture reference: https://documentation.progress.com/output/ua/OpenEdge_latest/index.html#page/gsdev%2Fan-overview-of-openedge-high-level-application-a.html%23wwID0ES3DK

Summary

While “fog computing” and “edge computing” are overly simplified concepts that simply rehash ideas that we’ve had before, the real opportunity lies in configuring the “nodes” and optimizing their performance. The primary difference between your IoT device communicating with a node versus the cloud is that bi-directional communication with a node can take milliseconds while conversing in the same manner with the cloud can take minutes. In my opinion these are two different solutions for a single problem to optimize cloud performance. While the fog computing is been more favored by the service providers or the data processing companies, the edge computing is favored by the telecos and middle-ware companies that actually owns the back-bone network and radio network.

Hosting analytics, performance processing, and heterogeneous applications closer to physical centers and control systems, can help enable edge intelligence. They will help us move portions from cloud-based applications closer to devices which use them. It isn’t easy to figure out what software tasks to remove from the cloud, but the growth of bandwidth-consuming devices may force us to take a different approach.

Debugging is the most annoying part of code development and nobody enjoys the process especially when it is not your code. In order to develop an application smoothly you need to setup the right tools correctly that help make the process a little less painful. This get even worse if you are using Docker to setup your development environment and the tools you usually need are not promptly available at the command line. In this article, I will show how to integrate docker components in PHPStorm to ease your pain.

Docker Environment

Docker is an eco-system for building, shipping and running applications in multiple environments, giving programmers, devOps and sysadmins the common box they need to configure in order to get their job done in their software development pipeline. You can easily setup your dev environment using Docker for multiple operating systems (Windows, RedHat, Ubuntu etc), multiple versions of applications (PHP 5.5, 7 etc) and multiple application services (Java, Ruby, Python etc). Having Docker to take care the environment problem we can leverage it’s benefit to focus on development.

But the problem is that most of the IDE’s are developed to run on top of the host system and very few support containerized environments. But not all hope is lost, most IDE’s are now providing integration support for Docker. I will be using PHPStorm 2016.3 to demonstrate the idea.

PHPStorm & Docker Integration

Once you have configured Docker to deploy your development environment, we can start configuring PhpStorm to work with Docker. First we need to configure the Docker daemon with our PhpStorm, this could either be in a remote host using API or directly in your local machine socket. Go to file-> settings -> Build, Execution, Deployment -> Docker

Click on the + icon to add a Docker daemon and setup the correct configuration. In your local machine docker can be accessed using the unix socket, for docker-compose you can give the absolute path for the executable or leave the command name if its configured with your profile. Once you have a Docker daemon configured, the next step is to configure which image we should use to run our application for debugging or testing purposes. In your settings menu go to Languages & Frameworks -> PHP. Click on configure CLI interpreter,

Select the Docker server you configured earlier and it will list the images you currently have pulled in your machine. You can select one image from existing list or you can type the image name you want the interpreter to be on. Once you select the image PHPStorm will automatically detect the PHP version and the Debugger version in the image.

Finally, we need to configure phpunit so within the IDE itself you can execute test and do various test activities that are supported by PHPStorm. In the settings windows go to Languages & Frameworks -> PHP -> PHPUnit and add a PHPUnit by clicking the + button and select Remote Interpreter, in the drop down you will find the interpreter we just configured, select the settings and provide the path to the phpunit program.

Your docker environment should provide support for Xdebug in order to configure the development workflow properly. Using xdebug we can make our lives easier as every time we run a script in PHP, information will be sent to our IDE and it will display it in an informative view. This is a sample configuration for xdebug.ini

xdebug.remote_enable=on
xdebug.remote_autostart=on
xdebug.remote_connect_back=off
xdebug.remote_handler=dbgp
xdebug.profiler_enable=0
xdebug.profiler_output_dir="/var/www/html"
xdebug.remote_host=172.17.0.1
xdebug.remote_port=9000

So assuming everything is configured inside the container, we will enable Debugging in PhpStorm as follow. Open the project via PHPStorm, we need to configure the container where our code is running. Add all containers (if multiple used) so it would be easy when we need to configure the debugging options. Go to File->settings and search for the keyword ‘servers’, you will get a screen like this;

Click on the + sign and add the containers by setting a name you prefer, and provide the IP address of the container (which you can obtain using Docker command docker inspect piped to grep using a regex for easiness) and the port its running (Apache port, Nginx port etc). You should tick the option “Use path mappings” and provide the host path and absolute path inside the container. For example your code may reside in your host machine in “/home/user/workspace/php-app” and inside the container it will be in your web server Document root, something like “/var/www/html/php-app”.

Everything is set for you to run your tests and debug your code using any PHP version thanks to Docker. There are many more features PHPStorm offers you to get the power of Docker, you can even run Docker commands view Docker containers, you can even debug containers itself inside using the IDE. All in All PHPStorm is a great IDE which provides just everything you need when your developing your application.

Dockerized PHP Development with PHPStorm was originally published in Docker Captain on Medium, where people are continuing the conversation by highlighting and responding to this story.

When you are working on multiple projects with tight deadlines it becomes a pain in the neck to change your host environment to match the project requirements. Not only the hassle but the risk of ruining your almost optimum development environment which worked fine since the beginning of time, now needs to be altered. Working on multiple machines or virtual machines can solve the problem but the time for context switch could be a concern. So why not use docker container technology to solve this problem of environment isolation.

Few days back one of my friends tried Docker and was interested to use docker to orchestrate his development environment using Docker. The problem he was facing and actually a common issue for most linux developers is software change management. The scenario goes like this, he was doing well with LAMP setup of PHP 5.5 and MySQL 5.7 until he got a project which required him to use MySQL 5.5, which he thought should be a piece of cake and started to downgrade the MySQL version. He followed few tutorials here and there and was able to successfully downgrade to MySQL 5.5 but only to find out later that it was not working as expected. Spending hours to troubleshoot and figure out what went wrong, despite the fact there is a deadline to meet in the project he was frustrated and running out of safe options. This is where Docker came to help (obviously not a smooth solution but gets the problem solved).

Here is how you can easily set up different versions of software and use them at the same time without conflicting the resources of one another. Following docker-compose file is a simple setup to use two PHP versions and MySQL versions on the same host and complimentary tool phpmyadmin to make it feel like home. Let’s assume you are running Ubuntu Xenial which by default is packaged with PHP7 and MySQL 5.7. Now we want to use PHP 5.5 and 5.6 with MySQL 5.5 and 5.6 versions all at the same time without compromising the host setup.

version: '2'
services:  
 web55:    
  image: php:5.5-apache
  ports:      
   - "7070:443"    
  volumes:      
   - ./web55/html:/var/www/html      
   - ./web55/php5/apache2/php.ini:/etc/php5/apache2/php.ini
   - ./web55/php5/cli/php.ini:/etc/php5/cli/php.ini  
   - ./web55/apache_logs:/var/log/apache2     
   - /etc/localtime:/etc/localtime    
  links:      
   - db55      
   - db56 
  restart: always    
  container_name: dev_web_55  
 
 web56:    
  image: php:5.6-apache    
  ports:      
   - "7071:443"    
  volumes:      
   - ./web56/html:/var/www/html      
   - ./web56/php5/apache2.php.ini:/etc/php/5.6/apache2/php.ini
   - ./web56/php5/cli/php.ini:/etc/php/5.6/cli/php.ini      
   - ./web56/apache_logs:/var/log/apache2     
   - /etc/localtime:/etc/localtime   
  links:      
   - db55
   - db56      
  restart: always    
  container_name: dev_web_56  
 
 db55:    
  image: mysql:5.5    
  expose:      
   - "3306"    
  volumes:      
   - ./db55/config:/etc/mysql  
   - ./db55/mysql_logs:/var/log    
   - /etc/localtime:/etc/localtime  
  environment: 
   MYSQL_ROOT_PASSWORD: 1234    
  restart: always    
  container_name: dev_mysql_55   

 db56:    
  image: mysql:5.6   
  expose:      
   - "3306"    
  volumes:      
   - ./db56/config:/etc/mysql 
   - ./db56/mysql_logs:/var/log
   - /etc/localtime:/etc/localtime    
  environment: 
   MYSQL_ROOT_PASSWORD: 1234    
  restart: always    
  container_name: dev_mysql_56   

 phpmyadmin:    
  image: phpmyadmin/phpmyadmin
  volumes:      
   - /etc/localtime:/etc/localtime    
  links:      
   - db55      
   - db56   
  ports:      
   - "9090:80"    
  environment:      
   PMA_HOSTS: db55,db56   
  restart: always  
  container_name: dev_phpmyadmin

This docker-compose configuration file consists of 5 containers namely dev_web_55, dev_web_56, dev_mysql_55, dev_mysql_56 and dev_phpmyadmin. Note the naming convention I used to depict the version of the software. I have also linked each web container to both MySQL containers and same for phpmyadmin. This way you can have multiple combinations for different projects. If you are not familiar with the notations please see my article on Docker terminology and docker-compose usage. You can also refer the official Docker documentation which is self-explanatory and gives you handful of examples to understand.

Now all you have to do is correctly volume the settings you want inside the container. I have linked the html folder and few php settings so I can change these settings on run-time just as you do for your host setup. You can also volume the Apache settings and any other director/file as you prefer.

Once everything is setup, you can use PHP 5.5 by accessing with the port 7070 and PHP 5.6 with the port 7071. Within the application you can connect to different MySQL hosts using the host name db55 and db56. I have also included a multi host phpmyadmin which you can access using the port 9090 and allows you to login into both db55 and db56 containers. Hope this enlighten you to try out Docker to deploy multi version tools. Happy development!!

Multiple versions of AMP in One Host was originally published in Docker Captain on Medium, where people are continuing the conversation by highlighting and responding to this story.

First, lets take a look at how docker works, in my previous articles I explained the high-level technology of Docker and the primary concepts of Docker which defines the rest of the terminology. Docker images are the base of everything and it’s a stack of read-only layers where in each layer a Docker command is recorded. When we start a container from such a image, Docker engine takes the read-only stack of layers and add a read-write layer on top of it where the changes are applied. It also make sure that the changes in read-write layer hides the underlying original file in the read-only layer. As usual Docker has a name for this technology too, Union File System; combination of read-only layers with a read-write layer on top.

Within the Union File System, Docker came up with the concept called volumes, which enabled us to persist data and share between containers. They are foreign objects out of the Union File System which can be mounted with either read-only or read-write permissions.

Docker volume can be looked at in many ways, the primary way to categorize volumes are

• Data Volume
• Data Volume Container.

There are three main use cases for Docker data volumes

1. To keep data around when a container is removed
2. To share data between the host filesystem and the Docker container
3. To share data with other Docker containers

Let’s take a look how we can make use of volumes to persist data. The easiest way to achieve this is to create volumes from the host machine. To demonstrate the idea, I will be using Ubuntu:14.04 image. Let’s spin up a container and list the directory in /var

docker run Ubuntu:14.04 ls /var

Now lets, mount a directory in our host system to /var and run the same command as above. I created a sample directory with a hello.txt document inside it to demonstrate the example.

$docker run  -v ~/sample:/var ubuntu:14.04 ls /var

hello.txt

As you can see the content inside the /var directory of the container we ran is the same as the content in the new directory we created. This way anything the container writes to the /var directory will be persisted as long as the content exist in ~/sample directory we mounted on. Additionally we can specify if the volume in read-only or read-write mode to prevent unwanted modifications.

This is very useful to modify configuration files, data files and installation files inside containers which needs instant updates and dynamically loaded into the container. As we know contents inside docker container is the same as instantiated from the image. This way we can freeze the programs we don’t want to be modified later by the user and allow only certain programs to be altered at run-time.

Now, let’s have a look at the more complex idea of docker volumes using another container. Yeah! that’s right, we can use a container as a shared medium between multiple containers without running any program on top of it. As I explained in my previous articles, a container would be live only as long as the primary/initial program (PID 1) is running. Since data containers doesn’t require any program, it will not be live, but will get the job done. How to build a good data container is a question that is repeatedly asked in the docker community. The main objective of a data container is to store data and only that. It shouldn’t run any application, it should be small and simple that would not cause problems at the production level which would be hard to troubleshoot.

Let’s have a look how we can make use of a data container, on a docker eco-system. For this example, I will be using the BusyBox image (BusyBox is a very good ingredient to craft space-efficient distributions) which is most light-weight container. First, we spin up a data container with a directory named foo

docker run -v /foo --name data-container busybox

Now lets spin up a Ubuntu container and create a file named bar.txt inside /foo directory which is mounted in data-container volume.

docker run --volumes-from data-container ubuntu:14.04 touch /foo/bar.txt

Finally, lets spin up another container with data-container volume so we can list the content of /foo directory. Remember original Ubuntu container doesn’t have a directory named /foo and the busy box didn’t have a bar.txt file in it.

docker run --rm --volumes-from data-container ubuntu:14.04 ls /foo

You will see the output of /foo directory with a file named bar.txt which we created earlier using Ubuntu container. So, the idea is very simple we can use multiple containers but one container to share data between them. This comes pretty handy when you need to backup data and remove the tedious task of running multiple commands in all your containers. Using docker commands like export and import we can create backups of the data-container and migrate to different servers easily. More on the application later. For now, my intention was to give you an idea of what docker volume is and how we can leverage the benefit of it.

Docker Volumes was originally published in Docker Captain on Medium, where people are continuing the conversation by highlighting and responding to this story.

Let’s setup a dev environment for web application development to see how it works. The art of dockerization is identifying decomposable components and designing a architecture that is easily pluggable and easy to maintain. So if we take a simple web application we need a web server, database server, programming environment and optionally a load balancer. For this exercise lets create a simple setup which includes a Apache Server, MySQL Server and PHP 5.5 environment. First lets setup a MySQL server using Docker with the following command

docker run -d --name Database_Server --restart always -e MYSQL_ROOT_PASSWORD=root mysql:5.5

This command will pull mysql image with the tag 5.5 and instantiate a container named “Database_Server”. If you noticed we have used some additional parameters (which are simple to understand) with Docker run command. Docker run accepts many flags and parameters which gives us the flexibility to modify the container behavior as we wish. You can find the full list of parameters for Docker run command here, I will explain the ones I used above.

• d or - -detach is a flag used to indicate the running mode of the container. There are two modes you can choose the container to run from which are the default “foreground” mode or the detached “background” mode. Simply put in foreground method the container would exit once the command it run exit(or once you exit the interactive shell). Background mode can be used to keep the container alive until we explicitly stop the container. More details on that can be found here. By design, containers started in detached mode exit when the root process used to run the container exits.
• - -name followed by a string (a name) would set the container name to that specified string. Each container has a unique name and a container ID to identify the container within the host.
• - -restart flag is used to set the restart policy of the container. Docker daemon can restart your container (if stopped by failure) according to the policy we set. If MySQL server process exit due to some exception, the container would automatically stop since that is the root process used to run the container. Hence, we need some sort of restart mechanism to start our containers, thankfully Docker provides that. You have several restart policies given by docker. Possible options are : no, on-failure[:max-retry], always, unless-stopped.
• e or - -env followed by a key=value combination would set the value as a environment variable in the docker container. These environment variables are specific to the container we are running. In this case we pass the ROOT_PASSWORD for the MySQL database. You can find more environment variables you can set for the MySQL container here.

Once you enter this command, you will get a hash string which is the ID of the container. You can use docker ps to verify that a container named Database_Server is up and running. The MySQL image with tag 5.5 has the bash installed on it (usually it is not installed) so we can use docker exec -it Database_Server bash to open a bash inside the container. Then, we can use any MySQL command we use in a normal bash to execute inside the container. You can check the logs of the container by using docker logs Database_Server.

Now that we have a MySQL server up and running what we need is a PHP environment and a Apache server to serve our web pages. You can either use two different containers one for PHP and Apache and link these together or use one container that has both. I prefer to use one container which has Apache installed with PHP 5.5. So let’s go ahead and instantiate a container with both Apache and PHP. First you need to create your own directory which will be used as the web root directory of the container. It doesn’t have to be in your host /var/www/html instead you can define your own folder.

docker run -d --name Web_Server --restart always -p 80:80 -v "$PWD":/var/www/html  --link Database_Server:dbserver php:5.5-apache

There are few additional parameters I have used here to instantiate my Apache container.

• -p or --published followed by a mapping (ABC:DEF) would publish a containers port to one of host port. The order is HostPort:ContainerPort. In our use case we publish 80 port with host 80 port. If we don’t specify a mapping and instead just a port then docker would automatically map the given port of the container to a random port in the host.
• -v or --volume followed by a mapping (A/B/C:D/E/F) would mount a volume in the host. Additionally we can specify modes of mounting (read only/read-write etc). Here we mount the ‘/var/www/html’ directory of the container to the current directory of the host.
• --link followed by a mapping (A:B) will link containers. We can refer containers within containers by using this setup. For our web applications we need to communicate with the database server. Hence we need to know the Docker IP address of the container, but with this option we can easily use a link that can be used as the host name and docker will automatically map the correct IP address to that. So we do not need to query the IP address of the database server manually and set it up.

You can verify that your web server is working by including a index.html file in your current directory and accessing it using your web browser with http://localhost

Now, everything works fine! We have a working web server linked with a database server. But, this only solves the problem partially. We can’t remember each and every parameter for the run command when we setup a dev environment for a new machine. The above example we might be able to remember the exact command but when it comes to different containers remembering this would be not practical. On the other hand what we desire was one simple command to get this up and running for us. This is where docker-compose gives you the added advantage. Compose is a tool for defining and running multi-container Docker applications. First, lets check if you have docker-compose installed in your machine using the command “docker-compose --version” and if it doesn’t recognize your command you should install docker-compose. Click here to see instructions.

Now the idea is simple, we need to create a docker-compose.yml file which captures all the commands we ran earlier. This way we can use docker-compose to run the same commands to instantiate all the containers we require in one command. That’s pretty cool rite? let’s try this out.

First we need to define the containers using the syntax of docker-compose. You can find more details on that here. For the above setup the docker-compose file is as follows

Web_Server:
  image: php:5.5-apache
  restart: always
  container_name: Web_Server
  volumes:
    - /var/run/docker.sock:/tmp/docker.sock:ro
    - ./logs/apache2:/var/log/apache2
    - ./html:/var/www/html
    - /etc/localtime:/etc/localtime
  environment:
    - VIRTUAL_HOST=example_host
  links:
    - Database_Server:dbserver
  ports:
    - 80:80

Database_Server:
  container_name: Database_Server
  image: mysql:5.5
  restart: always
  volumes:
    - /etc/localtime:/etc/localtime
  environment:
    - MYSQL_ROOT_PASSWORD=root

I have additionally linked the host clock and container clock so the clocks are synced (which is useful when debugging), and I have mounted the logs directory for Apache in one of the folders. Using this docker-compose.yml file we can use the following command to instantiate the dev environment

docker-compose up

The above command should be initiated within the directory the docker-compose.yml file is or we can specify the file using the -f parameter. The above command will instantiate all defined containers. If we have multiple definitions and only need certain containers to be started we can use the same command followed by the container names. There are more controls we can use to configure the way our containers would start (start up order, network config, volume containers etc.) using docker-compose. But, for this exercise this would suffice.

In order to check the status of docker containers we usually use docker ps command which would list the status of all the containers running in our machine. If we want to know the status of the containers defined in our docker-compose file we can use the command docker-compose ps which is similar to previous command but filters the containers we require.

I didn’t cover all the scenarios of setting up a dev environment, but I hope this would help you to get an idea on how we can utilize docker to setup our own environment. There are multiple ways you can create your dev environment, this is just one simple way to elaborate the usage of docker-compose. If you have any query do comment below I will help to the best of my knowledge.

Setting up a dev environment using Docker was originally published in Docker Captain on Medium, where people are continuing the conversation by highlighting and responding to this story.

Docker Image

Docker image is the basis of containers. It’s a collection of layers stacked on top of each other. Each Docker image references a list of read-only layers that represent filesystem differences. Think of it like the jar file for java applications, you create one jar file but you can deploy it anywhere a java run time is enabled.

We can create our own docker images, but you will be able to find the exact same image you wanted to create if you just checked at Docker Hub. Docker tools to manage images, provide a easy way to build, ship and deploy. Just build your own image, push to docker hub and everyone can pull the image to deploy a container.

Furthermore, docker images are extensible. Yes that’s right! you can even extend one of the official docker-image which will have the same attributes of your selected image but with additional settings you put on it. The advantage is reuse of open source code. You don’t have to re-invent the same Docker Image but rather extend an existing image.

Docker Container

Docker container is the actual running piece created from a docker image. The only difference between a docker image and a docker container is a top writable layer. When you create a new container, you add a new, thin, writable layer on top of the underlying stack. This layer is often called the “container layer”. All changes made to the running container — such as writing new files, modifying existing files, and deleting files — are written to this thin writable container layer. But once you delete the container, this top layer will be deleted as well. So it’s not persistent. The best thing with docker is that you can create a docker image using the current docker container with a commit. Hence, enabling us to capture system information and make it immutable so its reproducible anywhere. This solves many of the server related problems we encounter these days.

Dockerfile

Blueprint of a docker image (a text document) is known as Dockerfile. This file contains all the commands you would run in order to build the docker image you want. Docker can build images reading this file, which is one of the key advantages of docker.

#
# Super simple example of a Dockerfile
#
FROM ubuntu:latest
MAINTAINER Andrew Odewahn "odewahn@oreilly.com"

RUN apt-get update
RUN apt-get install -y python python-pip wget
RUN pip install Flask

ADD hello.py /home/hello.py

WORKDIR /home

So putting everything we discussed so far, we first write a Dockerfile which is like the definition of the image. Using the Dockerfile we create a docker image. We then push this image to Docker Hub and provide a unique tag that can be used to identify our image. Using this tag and image name, we can pull the docker image and deploy on another computer as a docker container.

Docker in Action

Docker has so many new concepts and words after sometime you get a headache understanding one another. So lets take a break from the theoretical learning and run some commands and get a feeling of what docker can offer. First and foremost you need to install docker in your machine. You can find clear and precise instructions at their website on how to install docker, depending on your operating system. If you are on windows or Mac, download the docker toolbox and follow the wizard, everything will be setup for you. If your having a linux operating system there is a easy way to install docker, using curl or wget.

 curl -sSL https://get.docker.com/ | sh

or

wget -qO- https://test.docker.com/ | sh

Assuming you have installed docker properly, let’s continue to run some commands. To check if you have docker installed, run

docker version

you should be able to see a output similar to this

Client:
 Version:      1.11.1
 API version:  1.23
 Go version:   go1.5.4
 Git commit:   5604cbe
 Built:        Tue Apr 26 23:30:23 2016
 OS/Arch:      linux/amd64

Server:
 Version:      1.11.1
 API version:  1.23
 Go version:   go1.5.4
 Git commit:   5604cbe
 Built:        Tue Apr 26 23:30:23 2016
 OS/Arch:      linux/amd64

which means you have docker installed in your machine. Lets check what are the running containers in your machine by issuing the following command

docker ps

PS: If the current user is not on the docker group, you will be getting an error like, “docker daemon is not running”. In that case you can add your current user to docker group using

sudo usermod -aG docker $your_user

If everything is working fine, you should be able to see a list of containers running. But if your a beginner, it would be empty. So let’s try running a ubuntu container with just a hello world example.

docker run ubuntu echo "hello-world"

This command entails several other docker commands to serve your desire. The above command says “docker please run a ubuntu container and print hello world”. Before I explain how docker would take care of the rest, let me first briefly explain about docker image name and tag. Basically each docker image has it’s own image name and a tag that uniquely identifies a docker image. For example we have several nginx containers like nginx:alpine, nginx:latest etc. If you have not mentioned a tag by default docker would assume the tag is ‘latest’. So when we request a ubuntu container it would run a ubuntu:latest container.

So now that’s clear, lets see how docker do the necessary to run our command. First docker would check in your local repository if there is a docker image names ubuntu:latest. If there is no such image it would pull the image from Docker Hub or any pre-configured private/public registry. You can confirm this by issuing the following command and observing the images you have in your local machine, once you run the above command.

docker images

Once the image is pulled, docker would create a container and then run the echo command. This would print “hello-world” and exit. Amazing right? You just spin up a ubuntu environment and printed ‘hello world’ in a matter of few seconds. Docker containers are more useful for short-time, small-scale jobs. You can just run the particular command once and get rid of the container.

You can run a container in daemon mode (in background) by indicating at the docker run command. So, let’s try running a Apache container in daemon mode.

docker run -d nginx

This would fetch the ‘latest’ nginx image and initialize a docker container in daemon mode. In order to access the nginx server we first need to know either the name of the docker container or the container id. Each container has a unique name and a id that can be used to issue docker commands. We can name our containers by using ‘- -name’ flag at run command. If we do not specify the name docker will come up with a random but cool name for your docker container. But the container id is automatically generated based on some hash function. So let’s run docker ps and see the name and id of your nginx container. You should be getting a similar screen as below

We have a container named ‘kickass_bose’ (you might have a different name) running with container ID 99654384943a. The container creation date/time and the status (stopped, paused, up), exposed ports and several other information can be observed. This information indicates that the container has 80 and 443 ports opened, which means nginx is runing on these ports. Now in order to access this server we need to get the IPAddress of the container. Each container will have its own docker generated IPAddress which can be used to access from the host system. Using following command we can get this information.

docker inspect kickass_bose | grep IPAddress

Using docker inspect command we can get the full details of this container, the network interfaces, mounted volumes, configuration information etc. As I mentioned earlier docker commands can be used with container name or container id. Here I have used the container name for my container but you can also use container ID as well. But remembering names is pretty easy than some random numbers. Since we are only concerned of the IPAddress of the container we piped it with a regular expression. (You can simply use docker inspect command without pipelining and see what information you can get about your container.) Using the above command you will see the IPAddress assigned to your container, and using that you will be able to access the home page of nginx server through your browser.

We can map one of the host port to any container, so it can be accessed even from remote machines. To do that we have to use the -p flag with HOST_PORT:CONTAINER_PORT. Now the container port should be exposed by the container in order for this to work. Since nginx container by default exposes 80 and 443 port we can use one of that to bind with a host machine port.

docker run -d --name nginxServer -p 8080:80 nginx

There is nothing new in this command, we simply named the container and mapped the two ports. So now you should be able to access your second nginx container simply by accessing http://localhost:8080

Now run docker ps again, you should be able to see two nginx servers running. You can run any number of nginx containers (limited by your computing resources) concurrently with other apache containers, IIS containers etc. Each container can have different settings, different programming languages, different run time environments etc.

The other advantage of docker since its lightweight, the speed of execution. You can start, stop, instantiate, terminate any container in matter of seconds. Let’s stop our second nginx container by issuing the following command

docker stop nginxServer

This will stop the container and no one can access this container. If you try to access http://localhost:8080 again you will get an error page. Now if you run docker ps you will only see one container running. Using the -a flag we can list all the containers in our machine. By default docker ps would only list the active running containers.

docker ps -a

Above command should list the nginxServer container and indicate its status as stopped. You can start the container again by issuing

docker start nginxServer

It would bring up the nginx server in quick time. So, imagine each container contains a web application and you can just switch it on/off the service using above commands. This opens up many possibilities that were not even in our wildest dreams few years back.

Is that all you can do with Docker containers? Nope. This is just one of many use cases. There are several ways you can use docker containers to deploy your desired application. This was just to give an introduction to docker commands, hope it was a worthwhile read. Happy dockering!!

Getting started with Docker was originally published in Docker Captain on Medium, where people are continuing the conversation by highlighting and responding to this story.

Metaphorically it’s actually the same meaning where a person would load/unload ships at a port. Docker is a tool designed to ease your work of creating, maintaining, shipping and deploying applications using containers. Containers are light weight tools that does the exact same thing (more and less) a virtual machine does. Container is an operating system level virtualization method to run multiple systems on a single host. Usual virtual machine hypervisors emulate virtual hardware, thus making it fat in terms of system requirements. Containers on the other hand share operating system instead of emulating hardware which leaves about 90% of junk of VM and provide you a tiny, neat capsule to run your applications.

Docker is not the first company to reap the benefits of container technology, actually containers date back to at least year 2000. In fact, everything in Google runs in a container. So why all of a sudden docker became the hot word? what did docker change?

Docker, previously called dotCloud, is an extension of LXC’s (LinuX Containers) capabilities. Docker introduced a new eco-system that provided high-level API for everything about your container, starting from developing to deploying. Docker-Engine, Docker Hub, Docker Compose etc are some of those tools that is part of the docker eco-system that helps automate a lot of the work previously had to be done by writing thousands of lines of code. Docker offers much more than just being light weight.

• Portability: just like Java “write once and deploy anywhere”, you can use Docker to create a single object containing all your bundled applications and run it in any docker-enabled host. This object can be transferred and quickly installed in just matter of seconds.
• Versioning: You can keep track successive versions of a container using git like capabilities with commit, diff, roll back etc. With Docker Hub you can just push your code once and pull to install anywhere in the world.
• Component reuse: Docker allows building or stacking of already created packages. For instance, if you need to create several machines that all require Apache and MySQL database, you can create a ‘base image’ containing these two items, then build and create new machines using these already installed.
• Shared libraries: There is already a public registry (http://index.docker.io/ ) where thousands have already uploaded the useful containers they have created. Again, think of the AWS common pool of different configs and distros — this is very similar.

So docker is not just another container technology, its not another configuration management tool. Docker is a tool that empowers your devOps practices such as Infrastructure as Code, Continuous Integration and Continuous Deployment etc. Docker containers are easy to deploy in a cloud. As Ben Lloyd Pearson wrote in opensource.com, “Docker has been designed in a way that it can be incorporated into most DevOps applications, including Puppet, Chef, Vagrant, and Ansible, or it can be used on its own to manage development environments. The primary selling point is that it simplifies many of the tasks typically done by these other applications. Specifically, Docker makes it possible to set up local development environments that are exactly like a live server, run multiple development environments from the same host that each have unique software, operating systems, and configurations, test projects on new or different servers, and allow anyone to work on the same project with the exact same settings, regardless of the local host environment.”

This really only touches on what docker technology is about, but it has a lot of people very excited. Docker is a game changer, what it does now compared to what we have been doing couple of years back is just “magic”. That is why Docker is changing the face of development. The Docker community is already curating and cultivating generic service containers that anyone can use as starting points. The fact that you can use these Docker containers on any system that runs the Docker server is an incredible feat of engineering.