Docker Overview

Why do we need docker ?

Docker is a tool that lets you package your application with everything it needs (code, libraries, settings) into a single unit called a container, so it can run anywhere — on any computer, server, or cloud — exactly the same way.

---

What it can do?

Docker is a tool that lets you run applications in small, lightweight packages called containers, so they work the same on any computer or server.

---

What are container?

Containers are lightweight, standalone, and executable software packages that include everything needed to run a piece of software, including the code, runtime, system tools, libraries, and settings. They are isolated from each other and the host system, ensuring that they run consistently across different computing environments. Containers are a core component of Docker, allowing applications to be deployed and run reliably regardless of the underlying infrastructure.

---

Virtual machine vs Container

---

What is Public Docker Registry - dockerhub and how it related to docker?

🌐 What is a Public Docker Registry?

A public Docker registry is an online library where developers can store, share, and download Docker containers (called images).

---

🐳 What is Docker Hub?

Docker Hub is the official public Docker registry provided by Docker.

It’s like the Play Store or App Store, but for Docker images!

---

🧩 How Docker Hub is Related to Docker:

---

🐳 Container vs 🖼️ Image (with Examples)

Basic Docker Commands

▶️ 1. Running Containers

---

📋 2. Viewing Containers

---

⏹️ 3. Stopping and Removing Containers

---

🖼️ 4. Working with Images

---

⚙️ 5. Running Commands Inside Containers

---

🔀 6. Attach / Detach Mode

---

→ Run the command docker version and look for the version of Client and Server Engine.

→ Run a container with the nginx:1.14-alpine image and name it webapp

• Run the command docker run -d --name webapp nginx:1.14-alpine and check the status of created container by docker ps command.

→ Delete all images on the host

• Stop and delete all the containers being used by images.

• Then run the command to delete all the available images: docker rmi $(docker images -aq)

→ docker run redis:4.0 here the version (4.0) specified concider as TAG. When we don’t specify for tag, docker consider it as latest. We can find all the versions on https://hub.docker.com/

---

✅ Goal:

We will create a simple Python application that:

• Asks the user for their name via standard input (input()).

• Greets them with a welcome message: Welcome, <name>!.

We'll then run it using Docker in both non-interactive and interactive (-it) modes to demonstrate the difference.

---

✅ Step 1: Create the Python App

app.py

name = input("Enter your name: ")
print(f"Welcome, {name}!")

---

✅ Step 2: Create a Dockerfile

Dockerfile

FROM python:3.11-slim

WORKDIR /app
COPY app.py .

CMD ["python", "app.py"]

---

✅ Step 3: Build the Docker Image

docker build -t python-input-demo .

---

✅ Step 4: Run the Container (Non-Interactive Mode)

docker run python-input-demo

Output:

Enter your name:

➡️ It hangs or exits immediately without taking input.

---

✅ Step 5: Run the Container with -it (Interactive Mode)

docker run -it python-input-demo

Output:

Enter your name: Arindam
Welcome, Arindam!

✅ Success! Because -it attaches a pseudo-TTY and lets you interact with the container's STDIN.

🐳 Docker Port Mapping

---

🧠 What Is Port Mapping?

Docker containers run in isolated environments. If a container serves content on port 80, you can’t access it directly from your computer unless you map that port to your host machine.

👉 Port Mapping connects:

<your-host-machine>:<host-port> ➝ <container>:<container-port>

---

📦 Example App: Nginx Web Server

Nginx is a lightweight web server that listens on port 80 by default.

---

✅ Option 1: Run Container With Port Mapping

🔹 Command:

docker run -d --name mynginx -p 8080:80 nginx

🔹 What it does:

• Runs Nginx in the background (-d)

• Maps your host’s port 8080 ➝ container’s port 80

• Container is named mynginx

🔹 Test it:

Open your browser or run:

curl http://localhost:8080

✅ You’ll see the default Nginx page.

---

🚫 Option 2: Run Container Without Port Mapping

🔹 Command:

docker run -d --name mynginx2 nginx

This runs Nginx without mapping its port to the host, so:

• You cannot access it via localhost

• You must access it via the container’s internal IP

---

🔍 How to Access the App via Container IP (No Port Mapping)

Step 1: Find the container IP:

docker exec <container_name_or_id> hostname -i

🔹 Output:

172.17.0.3

That’s the internal Docker IP.

Step 2: Access the container (only works from the host, not the internet):

curl http://172.17.0.3

✅ You’ll see the Nginx welcome page even without port mapping.

🧨 This won’t work from another device unless you do port mapping.

---

📦 Docker Volume Mapping – MySQL Example

---

🧠 Why Use Volumes?

By default, when you remove a container, all data stored inside it is lost. Volumes allow you to:

• Persist database data

• Share files between host and container

• Backup and restore easily

---

🔴 Scenario 1: Running MySQL Without Volume Mapping

docker run --name mysql -e MYSQL_ROOT_PASSWORD=root -d mysql

• Starts a MySQL container.

• Password is set to root.

• No volume is mounted.

❌ Problem:

docker stop mysql
docker rm mysql

Now all data (e.g., tables, users, etc.) is lost forever, because /var/lib/mysql was inside the container.

---

✅ Scenario 2: Run MySQL With Volume Mapping

🔹 Step 1: Run MySQL with a volume:

docker run --name mysql -e MYSQL_ROOT_PASSWORD=root \
-v /opt/datadir:/var/lib/mysql \
-d mysql

• -v /opt/datadir:/var/lib/mysql maps:

  • /opt/datadir on the host

  • to /var/lib/mysql in the container (where MySQL stores its data)

🔹 Step 2: Stop and Remove Container

docker stop mysql
docker rm mysql

🚫 Container is gone, but...

🔹 Step 3: Data is still safe on the host:

ls /opt/datadir

📁 You’ll see MySQL’s database files.

---

🔹 Step 4: Start a New Container with Same Volume

docker run --name mysql2 -e MYSQL_ROOT_PASSWORD=root \
-v /opt/datadir:/var/lib/mysql \
-d mysql

✅ MySQL will reuse the existing data from /opt/datadir.

---

🛠️ Common Docker Inspection & Logging Commands

---

Docker Images

How to create an image file ?

To create a Docker image file for your Flask web application, follow these steps:

1. Create a Dockerfile: This file contains the instructions to build the Docker image.

    FROM ubuntu
    RUN apt-get update
    RUN apt-get install -y python3 python3-pip
    RUN pip3 install flask flask-mysql
    COPY . /opt/source-code
    ENTRYPOINT FLASK_APP=/opt/source-code/app.py flask run
   

2. Build the Docker Image: Use the Dockerfile to build your image and tag it appropriately.

    docker build -t arindam/my-custom-app .
   

3. Push to Docker Hub: If you want to make the image available publicly, push it to Docker Hub.

    docker push arindam/my-custom-app
   

By following these steps, you will have created a Docker image for your Flask web application, which can be shared and deployed across different environments.

---

🧱 Layered Architecture in Docker (Explained with Dockerfile)

When you build a Docker image, each line in your Dockerfile creates a new layer in the image. These layers are stacked on top of each other to form the final image.

---

🔍 What is a Layer?

• A layer is a read-only snapshot of the file system at a certain point during image build.

• Docker caches layers and reuses them when possible to speed up builds.

• Only the top layer (created when a container is run) is writable.

---

📄 Example Dockerfile (Layered Breakdown)

DockerfileCopyEditFROM ubuntu:20.04                        # Layer 1
RUN apt-get update -y                   # Layer 2
RUN apt-get install -y python3 pip      # Layer 3
COPY . /opt/source-code                 # Layer 4
WORKDIR /opt/source-code                # Layer 5
RUN pip install -r requirements.txt     # Layer 6
ENV FLASK_APP=app.py                    # Layer 7
ENTRYPOINT ["flask", "run", "--host=0.0.0.0"]  # Layer 8

---

docker history <image-name> shows a layer-by-layer breakdown of how a Docker image was built, including commands used and layer sizes.

---

🎨 Using Environment Variables in Applications & Docker

🧠 Application Code with Hardcoded Value:

color = "red"

---

✅ Step 1: Replace with Environment Variable

Update your code to:

import os

color = os.environ.get('APP_COLOR', 'red')  # Default: red

---

🚀 Step 2: Run with a Custom Value in Terminal

export APP_COLOR=blue
python app.py

➡️ This sets color = "blue" at runtime!

---

🐳 Using ENV Variables in Docker

🔹 Run Docker Container with ENV Variable:

docker run -e APP_COLOR=blue simple-webapp-color

---

🔍 Inspect ENV Variable Inside a Running Container:

docker inspect <container_name> | grep APP_COLOR

Or see all environment variables:

docker inspect <container_name> | grep -i env

---

🐳 Docker: CMD vs ENTRYPOINT – What's the Difference?

---

🔹 ENTRYPOINT – The Main Command

Think of this as the “always run this command” part of your container.

✅ Fixed command
✅ Hard to override (unless you use --entrypoint)
✅ Great for containers that always run one app (e.g., nginx, python, java)

Example:

ENTRYPOINT ["python"]
CMD ["app.py"]

🔸 On container start →

python app.py

🔸 If you run:

docker run myimage script.py

It runs:

python script.py

---

🔹 CMD – The Default Arguments

This is the "default instruction" when no command is passed.

✅ Can be overridden easily at runtime
✅ Works with or without ENTRYPOINT
✅ Good for setting default parameters

Example:

CMD ["echo", "Hello from CMD"]

🔸 On container start →

echo Hello from CMD

🔸 But if you run:

docker run myimage echo "Hi there"

✅ It overrides CMD!

---

🔄 Combined Usage

ENTRYPOINT ["python"]
CMD ["app.py"]

• 🟢 docker run myimage → python app.py

• 🟡 docker run myimage test.py → python test.py

---

Docker Compose

🐳 Setting Up Multi-Service Applications with Docker Compose

When setting up a complex application that runs multiple services, Docker Compose is the better approach. Instead of running several docker run commands manually, you can define your entire application stack in a single YAML configuration file named docker-compose.yaml.

With docker-compose, you:

✅ Define all services and their configurations
✅ Run the complete stack using docker-compose up
✅ Maintain a version-controlled configuration in one file
❗ Note: Docker Compose is intended for a single Docker host (not multiple nodes)

---

🗳️ Example: Simple Voting Application

This is a basic voting application stack with the following components:

🧱 Application Architecture:

User
 ↓
Vote App (Python) → Redis
                     ↓
                Worker (.NET) → PostgreSQL
                                         ↓
                               Result App (Node.js)

---

🔧 Running Services Individually (Using docker run)

Assuming all images are pre-built and available:

# Run Redis
docker run -d --name=redis redis

# Run PostgreSQL
docker run -d --name=db postgres:9.4

# Run Vote app with Redis link
docker run -d --name=vote -p 5000:80 --link redis:redis voting-app

# Run Result app with DB link
docker run -d --name=result -p 5001:80 --link db:db result-app

# Run Worker with links to both Redis and DB
docker run -d --name=worker --link redis:redis --link db:db worker

🔗 --link creates aliases and adds entries to /etc/hosts, allowing containers to resolve each other by name.

---

✅ Docker Compose!

Instead of running each container manually, define all of them in a docker-compose.yaml file:

version: '3'

services:
  redis:
    image: redis
    container_name: redis

  db:
    image: postgres:9.4
    container_name: db

  vote:
    image: voting-app
    container_name: vote
    ports:
      - "5000:80"
    depends_on:
      - redis

  result:
    image: result-app
    container_name: result
    ports:
      - "5001:80"
    depends_on:
      - db

  worker:
    image: worker
    container_name: worker
    depends_on:
      - redis
      - db

💡 depends_on ensures that services are started in the right order.

---

🚀 Launching the Stack

Once the docker-compose.yaml is ready, you can bring up the entire stack with:

docker-compose up -d

To stop and remove everything:

docker-compose down

---

🔧 Docker Engine

• Definition: The core part of Docker, allowing building, running, and managing containers.

• Architecture:

  • docker (CLI) —> sends commands via REST API —> dockerd (daemon)

• Components:

  • Docker Daemon (dockerd)

  • Docker Client (docker)

  • Docker REST API

• Edit Docker Engine Host:

    // /etc/docker/daemon.json
    {
      "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]
    }
  

    sudo systemctl restart docker
  

---

🌐 Remote Docker Access

• Insecure (no TLS):

    docker -H tcp://<REMOTE_IP>:2375 ps
  

• Secure (with TLS):

    docker --tlsverify \
      --tlscacert=ca.pem \
      --tlscert=cert.pem \
      --tlskey=key.pem \
      -H=tcp://<REMOTE_IP>:2376 ps
  

---

🧱 Namespaces in Docker

Namespaces isolate resources to create container environments.

📌 Used to make containers feel like they are separate systems.

---

🧮 cgroups (Control Groups)

• Purpose: Limit, monitor, and isolate resource usage of processes.

• Docker uses cgroups to control:

  • CPU

  • Memory

  • Disk I/O

  • Number of processes (PIDs)

  • Devices

• Example Command:

    docker run --memory="256m" --cpus="1" nginx
  

• Monitor container usage:

    docker stats <container_id>
  

• cgroup location in Linux:

    /sys/fs/cgroup/
  

---

🐳 Docker Storage

---

📁 File System Structure in Docker

When Docker is installed on a system, it creates a specific folder structure at:

/var/lib/docker

This directory contains several subdirectories:

🔹 Important: Docker stores images, containers, volumes, and other metadata in this location by default.

---

🧱 Layered Architecture of Docker Images

Docker builds images using a layered architecture. Each line in the Dockerfile forms a new layer, which contains only the changes made by that instruction.

✅ Example:

1. FROM ubuntu → Base image layer

2. RUN apt-get install → Adds system packages

3. RUN pip install flask → Adds Python packages

4. COPY . /app → Adds source code

5. ENTRYPOINT ["python", "app.py"] → Defines startup command

🔄 Layer Reuse (Cache Efficiency)

When building another application with the same base image and dependencies, Docker reuses the common layers from cache, creating only the new layers (e.g., source code and entrypoint).

✅ This approach:

• Saves build time

• Reduces disk space usage

---

🧠 Understanding the Copy-on-Write (CoW) Mechanism

Image layers are read-only.

🔧 What happens when a file is modified inside a container?

1. Docker copies the original file to the container’s read-write layer.

2. All future modifications happen on this copied version.

3. This is called the Copy-on-Write mechanism.

✅ Benefits:

• Keeps image layer unchanged and reusable

• Allows multiple containers to share the same image layer

---

📦 Container Writable Layer

When a container is created (docker run), Docker adds a writable layer above the image layers.

This layer stores:

• Logs

• Temporary files

• Any data written by applications

❗ This writable layer is:

• Ephemeral — it exists only as long as the container exists.

• Deleted when the container is removed.

---

💾 Persisting Data Using Volumes

🔹 Problem: What if you want to preserve data (e.g., DB records) even after container deletion?

✅ Solution: Use Volumes

---

🗂️ Volume Mounting (Managed by Docker)

Step 1: Create a volume

docker volume create data_volume

This creates a directory under:

/var/lib/docker/volumes/data_volume/_data

Step 2: Run container with volume

docker run -v data_volume:/var/lib/mysql mysql

• data_volume is mounted to /var/lib/mysql inside the container.

• All DB writes go to this volume on the host.

• Data persists even after the container is deleted.

💡 If you skip creating the volume beforehand:

docker run -v data_volume2:/var/lib/mysql mysql

Docker will auto-create the data_volume2.

---

📂 Bind Mounting (Using Host Directory)

If you already have data on the host (e.g., /data/mysql) and want to use that:

docker run -v /data/mysql:/var/lib/mysql mysql

This maps the host folder /data/mysql directly into the container.

🔄 This is called Bind Mounting.

---

🆕 Modern Way: Using --mount Option

The -v flag is considered the old style.

🧾 Preferred: --mount

docker run \
  --mount type=bind,source=/data/mysql,target=/var/lib/mysql \
  mysql

Key-Value Options:

---

⚙️ Storage Drivers – The Core Behind Docker Storage

Docker uses Storage Drivers to manage:

• Layered image architecture

• Copy-on-write functionality

• Container writable layer

Common Storage Drivers:

✅ Docker auto-selects the best storage driver depending on the host OS.

---

🌐 Docker Networking

---

🚀 Overview

When Docker is installed, it automatically creates 3 default networks:

---

🧰 Basic Networking Commands

---

🛠️ Bridge Network (Default)

• A private internal network created by Docker on the host.

• Containers get an internal IP (typically from 172.17.x.x range).

• Containers can communicate with each other using internal IPs.

• External access requires port mapping:

    docker run -p 8080:5000 webapp
  

🔍 Example:

docker run -d --name web1 nginx
docker run -d --name web2 nginx
# web1 and web2 can talk to each other using 172.17.x.x or by container name

---

🏠 Host Network

• The container shares the same network interface as the host.

• No network isolation → directly uses host’s IP and ports.

• Useful for performance or access simplicity (e.g., for servers).

✅ Pros:

• No need for port mapping (-p flag not required).

• Fast network performance.

⚠️ Cons:

• Port conflicts: Can’t run multiple containers on the same port.

• Breaks isolation between host and container.

---

🚫 None Network

• The container is not attached to any network.

• No external access.

• No communication with other containers.

• Best for security and sandboxing.

---

🔧 Creating a Custom Bridge Network

If you want containers to be grouped or isolated, create a custom internal network:

docker network create \
--driver bridge \
--subnet 182.18.0.0/16 \
custom-isolated-network

🎯 Benefits:

• Group containers logically.

• Provide isolation between groups.

• Assign static subnets.

---

📜 Listing & Inspecting Networks

---

🔁 Container-to-Container Communication

🧭 Access by IP

• You can use a container’s internal IP like 172.17.0.3.

• ❌ Not reliable: IPs may change after restarts.

🧱 Access by Name ✅ (Best Practice)

• Containers can resolve each other by name.

• Docker runs a built-in DNS server at 127.0.0.11 inside containers.

🔹 Example:

• Web app container can connect to MySQL using:

    mysql://mysql_container:3306
  

• As long as both are on the same Docker network.

---

🧪 Under the Hood: How Docker Implements Networking

1. Network Namespaces

• Each container runs in its own network namespace.

• Provides complete isolation: interfaces, routing tables, etc.

2. Virtual Ethernet (veth) Pairs

• Docker connects containers using veth pairs:

  • One end inside container, other end in bridge.

  • Acts like a virtual network cable.

3. Bridge Interface

• Docker creates a bridge (e.g., docker0) on the host.

• All container interfaces connect to this bridge.

4. Built-in DNS Server

• Docker includes an embedded DNS server to resolve container names.

• Internal IP: 127.0.0.11 in containers.

• Automatically updates when containers join/leave a network.

---

Docker Registry

📦 What is a Docker Registry?

A Docker Registry is a storage and distribution system for Docker images. It is where Docker images are stored, managed, shared, and retrieved.

---

🧾 Key Concepts

---

🌐 Types of Docker Registries

1. Docker Hub (Public Cloud Registry)

• Default registry used by Docker.

• Hosted at: https://hub.docker.com

• You can pull images directly:

    docker pull nginx
  

• Or push your own:

    docker push username/myapp
  

2. Private Registry

• You can host your own Docker registry within your organization:

    docker run -d -p 5000:5000 --name registry registry:2
  

• Useful for:

  • Internal development

  • Restricted access

  • Faster access inside local network

3. Other Registries

• Amazon ECR (Elastic Container Registry)

• Google Container Registry (GCR)

• GitHub Container Registry (GHCR)

• Harbor (open-source enterprise-grade registry)

---

⚙️ Docker Registry vs Repository

• Registry is the server that stores images.

• Repository is a collection of images (usually different versions of the same app) in the registry.

📌 Example:

• nginx → a repository

• nginx:latest, nginx:1.21 → image tags in that repository

• Stored at Docker Hub, which is the registry

---

🔁 Common Docker Registry Commands

---

🛡️ Authentication & Access Control

• Docker Hub supports public and private repositories.

• Private registries can be secured using:

  • HTTPS

  • Authentication mechanisms

  • Role-based access control

---

⚙️ Container Orchestration – Explained Visually

---

🐳 Docker and Its Limitation

🔹 Running a Single Application

You can run a Node.js application with Docker using:

docker run nodejs

• ✅ Simple and fast for local development

• ❌ But... it only runs one instance on one host

---

❌ The Problems with Manual Scaling

---

🚀 Solution: Container Orchestration

A system for managing, scaling, healing, and automating containerized applications across multiple Docker hosts.

---

🧰 What It Does

• 🔄 Automatic deployment of containers

• 📈 Auto-scaling: scale up when demand increases

• 📉 Auto down-scaling: scale down when demand drops

• ♻️ Self-healing: restart failed containers

• 🧭 Load balancing: distribute traffic across instances

• 🌐 Multi-host support: containers can run across many nodes

• 🔐 High availability: no single point of failure

---

🖥️ Typical Setup

[ Orchestration System ]
        |
+----------------------+
|    Multiple Hosts    |
+----------------------+
| Host 1 | Host 2 | ...|
| Nodejs | Nodejs | ...|
+----------------------+

Each host runs Docker and is controlled by the orchestration tool.

---

🧪 Docker Swarm Example

docker service create --replicas=100 nodejs

• 🎯 Deploys 100 instances of the nodejs application

• 📡 Swarm manages distribution, health, and load balancing

---

🔧 Popular Container Orchestration Tools

---

🐝 Docker Swarm – Container Orchestration with Ease

---

🧠 What is Docker Swarm?

Docker Swarm is Docker's native container orchestration tool that allows you to combine multiple Docker hosts into a single cluster (called a Swarm).

It provides high availability, load balancing, and fault tolerance — all while keeping Docker's simplicity.

---

🧱 Why Use Swarm?

---

🔧 Architecture of Docker Swarm

+----------------------------+
|       Swarm Manager       |
| (Leader & decision maker) |
+----------------------------+
             |
   -------------------------
   |           |           |
Worker 1   Worker 2   Worker 3  ← Executes tasks/containers

🎯 Roles:

• Manager Node:

  • Initializes and controls the swarm

  • Accepts service creation commands

  • Distributes tasks

• Worker Nodes:

  • Execute containers (tasks)

  • Report status to manager

---

🚀 Step-by-Step: Setting Up Docker Swarm

🖥️ Prerequisites:

• At least 2 or more hosts (VMs or machines) with Docker installed

---

✅ Step 1: Initialize the Swarm (Manager Node)

docker swarm init

📝 Output includes a docker swarm join command with a token for worker nodes.

---

✅ Step 2: Join Worker Nodes to the Swarm

Run the command from manager output on each worker node:

docker swarm join \
--token <worker-token> \
<manager-ip>:2377

✅ Once joined, these nodes become Swarm Nodes.

---

📦 Deploying Applications with Docker Services

Instead of manually running containers on each host, you can now use Docker Services, which Swarm distributes automatically.

---

🛠️ Traditional Method (not ideal):

docker run my-web-server

• Must be run manually on each node

• No auto-scaling, recovery, or balancing

---

✅ Swarm-Orchestrated Method (recommended):

docker service create --replicas=3 my-web-server

• Run from manager node only

• Creates 3 replicas of your web server

• Distributes replicas across worker nodes

• Monitors health & restarts if one fails

---

📡 Swarm Service In Action

---

🔍 Swarm Management Commands

---

☸️ Kubernetes – The King of Container Orchestration

---

🧱 What is Kubernetes?

Kubernetes (a.k.a. K8s) is an open-source container orchestration platform that automates:

• 🔄 Deployment

• ⚖️ Scaling

• ♻️ Self-healing

• 🔄 Rolling Updates

Think of it as the "brain" behind managing containers at scale in production environments.

---

🐳 Docker vs ☸️ Kubernetes

---

🚀 What Can Kubernetes Do?

• ✅ Deploy thousands of app instances with one command

• 📈 Automatically scale up/down based on load

• 🔁 Rolling upgrades to update versions without downtime

• ↩️ Rollback to previous versions if something goes wrong

• 🧪 Perform A/B testing (canary deployments)

• 🧠 Monitor app health and restart failed containers

• 🌍 Spread containers across multiple machines

---

🔗 Docker & Kubernetes – What's the Relationship?

Kubernetes runs containers, and Docker was the original container runtime used.
But Kubernetes now supports multiple runtimes like:

• 🔹 Docker

• 🔹 containerd

• 🔹 CRI-O

• 🔹 rkt (deprecated)

👉 Kubernetes manages containers; Docker runs them.

---

🏗️ Kubernetes Architecture

⚙️ Cluster = Master + Worker Nodes

               +----------------------------+
               |       Master Node          |
               |  (Control Plane Components)|
               +----------------------------+
                    /         |         \
                   /          |          \
     +------------+   +------------+   +------------+
     | Worker Node|   | Worker Node|   | Worker Node|
     +------------+   +------------+   +------------+
         |                  |                |
     [Docker]          [containerd]      [CRI-O]
         |                  |                |
     [Pods/Containers] [Pods/Containers] [Pods/Containers]

---

🧠 Master Node Components (Control Plane)

---

🔧 Worker Node Components

---

🛠️ kubectl – The Kubernetes Command-Line Tool

You interact with Kubernetes using kubectl (Kube Control):

🔧 Examples:

kubectl run my-web-server --image=web:v1 --replicas=1000
kubectl scale deployment my-web-server --replicas=2000
kubectl rolling-update my-web-server --image=web:v2
kubectl rolling-update my-web-server --rollback
kubectl get pods
kubectl describe deployment my-web-server

🧠 It communicates with the API Server, which updates the cluster state via etcd and schedules changes through the scheduler.

---

📦 Kubernetes Objects Overview

---

⚖️ Kubernetes = Production-Grade Orchestration