Docker cho Nguoi Moi Bat Dau: Tu Image Dau Tien den Deploy Production

spinny:~/writing $ vim docker-containers-complete-guide.md

1~
2Docker da thay doi cach chung ta xay dung, phan phoi va chay phan mem. Thay vi "chay duoc tren may cua toi", Docker dam bao rang ung dung cua ban chay giong nhau o moi noi - tren laptop cua ban, tren may cua dong nghiep, trong CI/CD va trong production. Trong huong dan nay, chung ta se di tu con so khong den viec deploy mot ung dung thuc te.
3~
4## Docker la gi?
5~
6Docker la mot nen tang dong goi ung dung cua ban va tat ca cac phu thuoc cua no vao mot don vi chuan hoa goi la **container**. Container la mot tien trinh co lap, nhe, chia se kernel OS cua may chu nhung co he thong tap tin, mang va khong gian tien trinh rieng.
7~
8```mermaid
9graph TD
10    subgraph "Traditional Deployment"
11        A1[App 1] --> OS1[Guest OS]
12        A2[App 2] --> OS2[Guest OS]
13        OS1 --> HV[Hypervisor]
14        OS2 --> HV
15        HV --> HW1[Hardware]
16    end
17~
18    subgraph "Docker Deployment"
19        B1[App 1] --> D1[Container]
20        B2[App 2] --> D2[Container]
21        D1 --> DE[Docker Engine]
22        D2 --> DE
23        DE --> HW2[Hardware]
24    end
25```
26~
27### Container vs May Ao
28~
29| Khia canh | Container | May Ao |
30|-----------|-----------|--------|
31| **Khoi dong** | Giay | Phut |
32| **Kich thuoc** | MB | GB |
33| **OS** | Chia se kernel may chu | OS khach day du |
34| **Co lap** | Cap tien trinh | Cap phan cung |
35| **Hieu suat** | Gan nhu native | Chi phi tu hypervisor |
36| **Mat do** | Hang tram moi may chu | Hang chuc moi may chu |
37~
38## Cai dat Docker
39~
40```bash
41# macOS
42brew install --cask docker
43~
44# Ubuntu/Debian
45curl -fsSL https://get.docker.com | sh
46sudo usermod -aG docker $USER
47~
48# Verify installation
49docker --version
50docker run hello-world
51```
52~
53## Cac Khai niem Cot loi
54~
55### Image
56~
57Image la mot template chi doc voi cac huong dan de tao container. Hay nghi ve no nhu mot ban chup nhanh cua ung dung va moi truong cua no.
58~
59```bash
60# Pull an image from Docker Hub
61docker pull node:20-alpine
62~
63# List local images
64docker images
65~
66# Remove an image
67docker rmi node:20-alpine
68```
69~
70### Container
71~
72Container la mot phien ban dang chay cua mot image. Ban co the tao, khoi dong, dung va xoa container.
73~
74```bash
75# Run a container
76docker run -d --name my-app -p 3000:3000 node:20-alpine
77~
78# List running containers
79docker ps
80~
81# List all containers (including stopped)
82docker ps -a
83~
84# Stop a container
85docker stop my-app
86~
87# Remove a container
88docker rm my-app
89~
90# View logs
91docker logs my-app
92~
93# Execute a command inside a running container
94docker exec -it my-app sh
95```
96~
97## Viet Dockerfile
98~
99Dockerfile la mot tap tin van ban voi cac huong dan de xay dung image. Moi huong dan tao mot layer.
100~
101### Dockerfile Co ban cho Ung dung Node.js
102~
103```dockerfile
104# Use an official Node.js runtime as base image
105FROM node:20-alpine
106~
107# Set working directory
108WORKDIR /app
109~
110# Copy package files first (better caching)
111COPY package.json package-lock.json ./
112~
113# Install dependencies
114RUN npm ci --only=production
115~
116# Copy application code
117COPY . .
118~
119# Expose the port the app runs on
120EXPOSE 3000
121~
122# Command to run the application
123CMD ["node", "server.js"]
124```
125~
126### Build va Chay
127~
128```bash
129# Build the image
130docker build -t my-node-app .
131~
132# Run the container
133docker run -d -p 3000:3000 my-node-app
134~
135# Visit http://localhost:3000
136```
137~
138## Multi-Stage Build
139~
140Multi-stage build giu cho image production cua ban nho bang cach tach moi truong build khoi runtime.
141~
142```dockerfile
143# Stage 1: Build
144FROM node:20-alpine AS builder
145WORKDIR /app
146COPY package.json package-lock.json ./
147RUN npm ci
148COPY . .
149RUN npm run build
150~
151# Stage 2: Production
152FROM node:20-alpine AS runner
153WORKDIR /app
154COPY --from=builder /app/dist ./dist
155COPY --from=builder /app/node_modules ./node_modules
156COPY --from=builder /app/package.json ./
157EXPOSE 3000
158CMD ["node", "dist/server.js"]
159```
160~
161Dieu nay tao ra mot image chi chua dau ra da bien dich va cac phu thuoc production - khong co ma nguon, khong co phu thuoc phat trien, khong co cong cu build.
162~
163### Vi du Multi-Stage cho Next.js
164~
165```dockerfile
166FROM node:20-alpine AS deps
167WORKDIR /app
168COPY package.json package-lock.json ./
169RUN npm ci
170~
171FROM node:20-alpine AS builder
172WORKDIR /app
173COPY --from=deps /app/node_modules ./node_modules
174COPY . .
175RUN npm run build
176~
177FROM node:20-alpine AS runner
178WORKDIR /app
179ENV NODE_ENV=production
180COPY --from=builder /app/public ./public
181COPY --from=builder /app/.next/standalone ./
182COPY --from=builder /app/.next/static ./.next/static
183EXPOSE 3000
184CMD ["node", "server.js"]
185```
186~
187## Volume: Du lieu Ben vung
188~
189Mac dinh, du lieu ben trong container se mat khi container bi xoa. Volume giai quyet van de nay.
190~
191```bash
192# Create a named volume
193docker volume create my-data
194~
195# Run with a volume
196docker run -d -v my-data:/app/data my-app
197~
198# Bind mount (map host directory to container)
199docker run -d -v $(pwd)/data:/app/data my-app
200~
201# List volumes
202docker volume ls
203```
204~
205## Mang
206~
207Docker tao cac mang co lap de cac container giao tiep voi nhau.
208~
209```bash
210# Create a custom network
211docker network create my-network
212~
213# Run containers on the same network
214docker run -d --name api --network my-network my-api
215docker run -d --name db --network my-network postgres:16
216~
217# Containers can reach each other by name
218# From "api" container: postgres://db:5432
219```
220~
221```mermaid
222graph LR
223    subgraph "my-network"
224        API[api container\nport 3000] -- "db:5432" --> DB[db container\nport 5432]
225    end
226    User -- "localhost:3000" --> API
227```
228~
229## Docker Compose
230~
231Docker Compose cho phep ban dinh nghia va chay cac ung dung nhieu container voi mot tap tin YAML duy nhat.
232~
233### docker-compose.yml
234~
235```yaml
236services:
237  api:
238    build: ./api
239    ports:
240      - "3000:3000"
241    environment:
242      - DATABASE_URL=postgres://user:pass@db:5432/mydb
243    depends_on:
244      - db
245~
246  db:
247    image: postgres:16-alpine
248    environment:
249      - POSTGRES_USER=user
250      - POSTGRES_PASSWORD=pass
251      - POSTGRES_DB=mydb
252    volumes:
253      - pgdata:/var/lib/postgresql/data
254    ports:
255      - "5432:5432"
256~
257  redis:
258    image: redis:7-alpine
259    ports:
260      - "6379:6379"
261~
262volumes:
263  pgdata:
264```
265~
266### Cac Lenh
267~
268```bash
269# Start all services
270docker compose up -d
271~
272# View logs
273docker compose logs -f
274~
275# Stop all services
276docker compose down
277~
278# Rebuild and restart
279docker compose up -d --build
280~
281# Scale a service
282docker compose up -d --scale api=3
283```
284~
285## .dockerignore
286~
287Giong nhu `.gitignore`, tap tin nay ngan cac tap tin khong can thiet bi sao chep vao image.
288~
289```plaintext
290node_modules
291.git
292.env
293*.md
294.next
295dist
296coverage
297```
298~
299## Cac Phuong phap Tot nhat cho Production
300~
301### 1. Su dung Image Co so Nho
302~
303```dockerfile
304# Bad: 1GB+
305FROM node:20
306~
307# Good: ~180MB
308FROM node:20-alpine
309```
310~
311### 2. Khong Chay voi Quyen Root
312~
313```dockerfile
314FROM node:20-alpine
315RUN addgroup -S app && adduser -S app -G app
316USER app
317WORKDIR /home/app
318COPY --chown=app:app . .
319```
320~
321### 3. Su dung Tag Image Cu the
322~
323```dockerfile
324# Bad: can change unexpectedly
325FROM node:latest
326~
327# Good: pinned version
328FROM node:20.11-alpine3.19
329```
330~
331### 4. Tan dung Build Cache
332~
333Sap xep cac huong dan Dockerfile tu it thay doi nhat den thay doi nhieu nhat:
334~
335```dockerfile
336FROM node:20-alpine
337WORKDIR /app
338~
339# These change rarely - cached
340COPY package.json package-lock.json ./
341RUN npm ci --only=production
342~
343# This changes often - not cached
344COPY . .
345```
346~
347### 5. Health Check
348~
349```dockerfile
350HEALTHCHECK --interval=30s --timeout=3s --retries=3 \
351  CMD wget -qO- http://localhost:3000/health || exit 1
352```
353~
354### 6. Su dung Bien Moi truong
355~
356```dockerfile
357ENV NODE_ENV=production
358ENV PORT=3000
359```
360~
361## Bang Tham chieu Nhanh cac Lenh Docker Thuong dung
362~
363```bash
364# Images
365docker build -t name:tag .        # Build image
366docker images                      # List images
367docker rmi image_name              # Remove image
368docker image prune                 # Remove unused images
369~
370# Containers
371docker run -d -p 3000:3000 image   # Run detached
372docker ps                          # List running
373docker stop container_name         # Stop
374docker rm container_name           # Remove
375docker logs -f container_name      # Follow logs
376docker exec -it container sh       # Shell into container
377~
378# Compose
379docker compose up -d               # Start services
380docker compose down                # Stop services
381docker compose logs -f             # Follow all logs
382docker compose ps                  # List services
383~
384# Cleanup
385docker system prune -a             # Remove everything unused
386```
387~
388## Tu Docker den Kubernetes
389~
390Docker quan ly cac container rieng le. Khi ban can dieu phoi hang tram container tren nhieu may chu, ban can Kubernetes. Docker va Kubernetes bo sung cho nhau:
391~
3921. **Docker**: xay dung va chay container
3932. **Kubernetes**: dieu phoi container o quy mo lon (lap lich, mo rong, tu phuc hoi)
394~
395Neu ban quan tam den buoc tiep theo, hay xem bai viet cua toi ve Gioi thieu Kubernetes.
396~
397## Ket luan
398~
399Docker la mot ky nang co ban cho cac nha phat trien hien dai. No loai bo su khong nhat quan ve moi truong, don gian hoa viec deploy va la nen tang cho viec dieu phoi container voi Kubernetes. Bat dau voi mot Dockerfile don gian, chuyen sang Docker Compose cho cac ung dung nhieu dich vu, va ap dung multi-stage build cung cac phuong phap bao mat tot nhat khi ban phat trien.
400~
401Cach tot nhat de hoc Docker la container hoa mot du an ma ban dang lam viec. Hay bat dau ngay hom nay.
402~

NORMAL · docker-containers-complete-guide.md [readonly]402 lines · :q to close

2Docker da thay doi cach chung ta xay dung, phan phoi va chay phan mem. Thay vi "chay duoc tren may cua toi", Docker dam bao rang ung dung cua ban chay giong nhau o moi noi - tren laptop cua ban, tren may cua dong nghiep, trong CI/CD va trong production. Trong huong dan nay, chung ta se di tu con so khong den viec deploy mot ung dung thuc te.

4## Docker la gi?

6Docker la mot nen tang dong goi ung dung cua ban va tat ca cac phu thuoc cua no vao mot don vi chuan hoa goi la **container**. Container la mot tien trinh co lap, nhe, chia se kernel OS cua may chu nhung co he thong tap tin, mang va khong gian tien trinh rieng.

8```mermaid

9graph TD

10 subgraph "Traditional Deployment"

11 A1[App 1] --> OS1[Guest OS]

12 A2[App 2] --> OS2[Guest OS]

13 OS1 --> HV[Hypervisor]

14 OS2 --> HV

15 HV --> HW1[Hardware]

16 end

17~

18 subgraph "Docker Deployment"

19 B1[App 1] --> D1[Container]

20 B2[App 2] --> D2[Container]

21 D1 --> DE[Docker Engine]

22 D2 --> DE

23 DE --> HW2[Hardware]

24 end

25```

26~

27### Container vs May Ao

28~

29| Khia canh | Container | May Ao |

30|-----------|-----------|--------|

31| **Khoi dong** | Giay | Phut |

32| **Kich thuoc** | MB | GB |

33| **OS** | Chia se kernel may chu | OS khach day du |

34| **Co lap** | Cap tien trinh | Cap phan cung |

35| **Hieu suat** | Gan nhu native | Chi phi tu hypervisor |

36| **Mat do** | Hang tram moi may chu | Hang chuc moi may chu |

37~

38## Cai dat Docker

39~

40```bash

41# macOS

42brew install --cask docker

43~

44# Ubuntu/Debian

45curl -fsSL https://get.docker.com | sh

46sudo usermod -aG docker $USER

47~

48# Verify installation

49docker --version

50docker run hello-world

51```

52~

53## Cac Khai niem Cot loi

54~

55### Image

56~

57Image la mot template chi doc voi cac huong dan de tao container. Hay nghi ve no nhu mot ban chup nhanh cua ung dung va moi truong cua no.

58~

59```bash

60# Pull an image from Docker Hub

61docker pull node:20-alpine

62~

63# List local images

64docker images

65~

66# Remove an image

67docker rmi node:20-alpine

68```

69~

70### Container

71~

72Container la mot phien ban dang chay cua mot image. Ban co the tao, khoi dong, dung va xoa container.

73~

74```bash

75# Run a container

76docker run -d --name my-app -p 3000:3000 node:20-alpine

77~

78# List running containers

79docker ps

80~

81# List all containers (including stopped)

82docker ps -a

83~

84# Stop a container

85docker stop my-app

86~

87# Remove a container

88docker rm my-app

89~

90# View logs

91docker logs my-app

92~

93# Execute a command inside a running container

94docker exec -it my-app sh

95```

96~

97## Viet Dockerfile

98~

99Dockerfile la mot tap tin van ban voi cac huong dan de xay dung image. Moi huong dan tao mot layer.

100~

101### Dockerfile Co ban cho Ung dung Node.js

102~

103```dockerfile

104# Use an official Node.js runtime as base image

105FROM node:20-alpine

106~

107# Set working directory

108WORKDIR /app

109~

110# Copy package files first (better caching)

111COPY package.json package-lock.json ./

112~

113# Install dependencies

114RUN npm ci --only=production

115~

116# Copy application code

117COPY . .

118~

119# Expose the port the app runs on

120EXPOSE 3000

121~

122# Command to run the application

123CMD ["node", "server.js"]

124```

125~

126### Build va Chay

127~

128```bash

129# Build the image

130docker build -t my-node-app .

131~

132# Run the container

133docker run -d -p 3000:3000 my-node-app

134~

135# Visit http://localhost:3000

136```

137~

138## Multi-Stage Build

139~

140Multi-stage build giu cho image production cua ban nho bang cach tach moi truong build khoi runtime.

141~

142```dockerfile

143# Stage 1: Build

144FROM node:20-alpine AS builder

145WORKDIR /app

146COPY package.json package-lock.json ./

147RUN npm ci

148COPY . .

149RUN npm run build

150~

151# Stage 2: Production

152FROM node:20-alpine AS runner

153WORKDIR /app

154COPY --from=builder /app/dist ./dist

155COPY --from=builder /app/node_modules ./node_modules

156COPY --from=builder /app/package.json ./

157EXPOSE 3000

158CMD ["node", "dist/server.js"]

159```

160~

161Dieu nay tao ra mot image chi chua dau ra da bien dich va cac phu thuoc production - khong co ma nguon, khong co phu thuoc phat trien, khong co cong cu build.

162~

163### Vi du Multi-Stage cho Next.js

164~

165```dockerfile

166FROM node:20-alpine AS deps

167WORKDIR /app

168COPY package.json package-lock.json ./

169RUN npm ci

170~

171FROM node:20-alpine AS builder

172WORKDIR /app

173COPY --from=deps /app/node_modules ./node_modules

174COPY . .

175RUN npm run build

176~

177FROM node:20-alpine AS runner

178WORKDIR /app

179ENV NODE_ENV=production

180COPY --from=builder /app/public ./public

181COPY --from=builder /app/.next/standalone ./

182COPY --from=builder /app/.next/static ./.next/static

183EXPOSE 3000

184CMD ["node", "server.js"]

185```

186~

187## Volume: Du lieu Ben vung

188~

189Mac dinh, du lieu ben trong container se mat khi container bi xoa. Volume giai quyet van de nay.

190~

191```bash

192# Create a named volume

193docker volume create my-data

194~

195# Run with a volume

196docker run -d -v my-data:/app/data my-app

197~

198# Bind mount (map host directory to container)

199docker run -d -v $(pwd)/data:/app/data my-app

200~

201# List volumes

202docker volume ls

203```

204~

205## Mang

206~

207Docker tao cac mang co lap de cac container giao tiep voi nhau.

208~

209```bash

210# Create a custom network

211docker network create my-network

212~

213# Run containers on the same network

214docker run -d --name api --network my-network my-api

215docker run -d --name db --network my-network postgres:16

216~

217# Containers can reach each other by name

218# From "api" container: postgres://db:5432

219```

220~

221```mermaid

222graph LR

223 subgraph "my-network"

224 API[api container\nport 3000] -- "db:5432" --> DB[db container\nport 5432]

225 end

226 User -- "localhost:3000" --> API

227```

228~

229## Docker Compose

230~

231Docker Compose cho phep ban dinh nghia va chay cac ung dung nhieu container voi mot tap tin YAML duy nhat.

232~

233### docker-compose.yml

234~

235```yaml

236services:

237 api:

238 build: ./api

239 ports:

240 - "3000:3000"

241 environment:

242 - DATABASE_URL=postgres://user:pass@db:5432/mydb

243 depends_on:

244 - db

245~

246 db:

247 image: postgres:16-alpine

248 environment:

249 - POSTGRES_USER=user

250 - POSTGRES_PASSWORD=pass

251 - POSTGRES_DB=mydb

252 volumes:

253 - pgdata:/var/lib/postgresql/data

254 ports:

255 - "5432:5432"

256~

257 redis:

258 image: redis:7-alpine

259 ports:

260 - "6379:6379"

261~

262volumes:

263 pgdata:

264```

265~

266### Cac Lenh

267~

268```bash

269# Start all services

270docker compose up -d

271~

272# View logs

273docker compose logs -f

274~

275# Stop all services

276docker compose down

277~

278# Rebuild and restart

279docker compose up -d --build

280~

281# Scale a service

282docker compose up -d --scale api=3

283```

284~

285## .dockerignore

286~

287Giong nhu `.gitignore`, tap tin nay ngan cac tap tin khong can thiet bi sao chep vao image.

288~

289```plaintext

290node_modules

291.git

292.env

293*.md

294.next

295dist

296coverage

297```

298~

299## Cac Phuong phap Tot nhat cho Production

300~

301### 1. Su dung Image Co so Nho

302~

303```dockerfile

304# Bad: 1GB+

305FROM node:20

306~

307# Good: ~180MB

308FROM node:20-alpine

309```

310~

311### 2. Khong Chay voi Quyen Root

312~

313```dockerfile

314FROM node:20-alpine

315RUN addgroup -S app && adduser -S app -G app

316USER app

317WORKDIR /home/app

318COPY --chown=app:app . .

319```

320~

321### 3. Su dung Tag Image Cu the

322~

323```dockerfile

324# Bad: can change unexpectedly

325FROM node:latest

326~

327# Good: pinned version

328FROM node:20.11-alpine3.19

329```

330~

331### 4. Tan dung Build Cache

332~

333Sap xep cac huong dan Dockerfile tu it thay doi nhat den thay doi nhieu nhat:

334~

335```dockerfile

336FROM node:20-alpine

337WORKDIR /app

338~

339# These change rarely - cached

340COPY package.json package-lock.json ./

341RUN npm ci --only=production

342~

343# This changes often - not cached

344COPY . .

345```

346~

347### 5. Health Check

348~

349```dockerfile

350HEALTHCHECK --interval=30s --timeout=3s --retries=3 \

351 CMD wget -qO- http://localhost:3000/health || exit 1

352```

353~

354### 6. Su dung Bien Moi truong

355~

356```dockerfile

357ENV NODE_ENV=production

358ENV PORT=3000

359```

360~

361## Bang Tham chieu Nhanh cac Lenh Docker Thuong dung

362~

363```bash

364# Images

365docker build -t name:tag . # Build image

366docker images # List images

367docker rmi image_name # Remove image

368docker image prune # Remove unused images

369~

370# Containers

371docker run -d -p 3000:3000 image # Run detached

372docker ps # List running

373docker stop container_name # Stop

374docker rm container_name # Remove

375docker logs -f container_name # Follow logs

376docker exec -it container sh # Shell into container

377~

378# Compose

379docker compose up -d # Start services

380docker compose down # Stop services

381docker compose logs -f # Follow all logs

382docker compose ps # List services

383~

384# Cleanup

385docker system prune -a # Remove everything unused

386```

387~

388## Tu Docker den Kubernetes

389~

390Docker quan ly cac container rieng le. Khi ban can dieu phoi hang tram container tren nhieu may chu, ban can Kubernetes. Docker va Kubernetes bo sung cho nhau:

391~

3921. **Docker**: xay dung va chay container

3932. **Kubernetes**: dieu phoi container o quy mo lon (lap lich, mo rong, tu phuc hoi)

394~

395Neu ban quan tam den buoc tiep theo, hay xem bai viet cua toi ve Gioi thieu Kubernetes.

396~

397## Ket luan

398~

399Docker la mot ky nang co ban cho cac nha phat trien hien dai. No loai bo su khong nhat quan ve moi truong, don gian hoa viec deploy va la nen tang cho viec dieu phoi container voi Kubernetes. Bat dau voi mot Dockerfile don gian, chuyen sang Docker Compose cho cac ung dung nhieu dich vu, va ap dung multi-stage build cung cac phuong phap bao mat tot nhat khi ban phat trien.

400~

401Cach tot nhat de hoc Docker la container hoa mot du an ma ban dang lam viec. Hay bat dau ngay hom nay.

402~