Hello World: Deconstructed

[!NOTE] Running docker run hello-world seems simple, but it triggers a complex sequence of events involving the Registry, Daemon, and Kernel.

1. The Command

$ docker run hello-world

Here is the output you typically see:

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:d37ada95d4d8...
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.
...

2. Step-by-Step Breakdown

1. The Check (Local Cache)

Docker first checks your local image cache (on disk).

  • Action: docker images | grep hello-world
  • Result: “Unable to find image ‘hello-world:latest’ locally”.

2. The Pull (Registry)

Since it’s missing, the daemon contacts Docker Hub (the default Registry).

  • Action: docker pull hello-world:latest
  • Detail: It downloads the image layers (manifests and blobs) and verifies the SHA256 checksum.

3. The Create (Container)

Docker creates a new container from the image.

  • Action: docker create hello-world
  • Status: Created. It has an ID but isn’t running yet. It has a read-write layer allocated.

4. The Start (Execution)

Docker starts the container.

  • Action: docker start <container_id>
  • Detail: It launches the process defined in the image’s CMD instruction (/hello).
  • Output: The process prints “Hello from Docker!” to Standard Output (STDOUT). Docker streams this to your terminal.

5. The Exit (Termination)

The process finishes its job and exits (code 0).

  • Crucial Concept: A container only runs as long as its main process is running.
  • Once /hello finishes printing, the process dies. Therefore, the container stops.

3. Interactive: Anatomy of a Container

Visualize what actually makes up a “Container”. It’s not a single file; it’s a composition of layers and metadata.

JSON Configuration (Metadata)
Container Layer (Read-Write)
Image Layer 1 (Read-Only)
Image Layer 0 (Base OS)
Hover over a layer to see details.

4. Why did it stop?

Beginners often ask: “I ran an Ubuntu container, but it exited immediately!”

docker run ubuntu
# (Exits immediately, no output)

Reason: The default command for the ubuntu image is /bin/bash.

  1. Docker started /bin/bash.
  2. Bash looked for input (stdin).
  3. Since you didn’t attach a terminal (-it), Bash saw “End of File” immediately.
  4. Bash exited.
  5. Container stopped.

Fix: Keep it alive with an interactive terminal.

docker run -it ubuntu
  • -i: Interactive (Keep STDIN open)
  • -t: TTY (Allocate a pseudo-terminal)

Now you are inside the shell!