Publish your container image to Container Registry
Introduction to Docker
Docker is an open platform for developing, shipping, and running applications. With Docker, you can separate your applications from your infrastructure and treat your infrastructure like a managed application. Docker helps you ship code faster, test faster, deploy faster, and shorten the cycle between writing code and running code.
Docker does this by combining kernel containerization features with workflows and tooling that helps you manage and deploy your applications.
Docker containers can be directly used in Kubernetes, which allows them to be run in the Kubernetes Engine with ease. After learning the essentials of Docker, you will have the skillset to start developing Kubernetes and containerized applications.
What you'll learn
In this lab, you will learn how to do the following:
- How to build, run, and debug Docker containers.
- How to pull Docker images from Docker Hub and Google Container Registry.
- How to push Docker images to Google Container Registry.
This is an introductory level lab. Little to no prior experience with Docker and containers is assumed. Familiarity with Cloud Shell and the command line is suggested, but not required. If you are looking for more advanced material in this service area, be sure to check out the following labs:
- App Dev: Deploying the Application into Kubernetes Engine - Python
- Hello Node Kubernetes
- Managing Deployments Using Kubernetes Engine
Once you're ready, scroll down to get your lab environment set up.
Setup and requirements
Before you click the Start Lab button
Read these instructions. Labs are timed and you cannot pause them. The timer, which starts when you click Start Lab, shows how long Google Cloud resources will be made available to you.
This hands-on lab lets you do the lab activities yourself in a real cloud environment, not in a simulation or demo environment. It does so by giving you new, temporary credentials that you use to sign in and access Google Cloud for the duration of the lab.
To complete this lab, you need:
- Access to a standard internet browser (Chrome browser recommended).
- Time to complete the lab---remember, once you start, you cannot pause a lab.
How to start your lab and sign in to the Google Cloud Console
Click the Start Lab button. If you need to pay for the lab, a pop-up opens for you to select your payment method. On the left is the Lab Details panel with the following:
- The Open Google Console button
- Time remaining
- The temporary credentials that you must use for this lab
- Other information, if needed, to step through this lab
Click Open Google Console. The lab spins up resources, and then opens another tab that shows the Sign in page.
Tip: Arrange the tabs in separate windows, side-by-side.
Note: If you see the Choose an account dialog, click Use Another Account.
If necessary, copy the Username from the Lab Details panel and paste it into the Sign in dialog. Click Next.
Copy the Password from the Lab Details panel and paste it into the Welcome dialog. Click Next.
Important: You must use the credentials from the left panel. Do not use your Google Cloud Skills Boost credentials. Note: Using your own Google Cloud account for this lab may incur extra charges.
Click through the subsequent pages:
- Accept the terms and conditions.
- Do not add recovery options or two-factor authentication (because this is a temporary account).
- Do not sign up for free trials.
After a few moments, the Cloud Console opens in this tab.
Activate Cloud Shell
Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud. Cloud Shell provides command-line access to your Google Cloud resources.
- Click Activate Cloud Shell at the top of the Google Cloud console.
When you are connected, you are already authenticated, and the project is set to your PROJECT_ID. The output contains a line that declares the PROJECT_ID for this session:
gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion.
(Optional) You can list the active account name with this command:
Your output should now look like this:
(Optional) You can list the project ID with this command:
gcloud, in Google Cloud, refer to the gcloud CLI overview guide.
Task 1. Hello world
Open up Cloud Shell and enter the following command to run a hello world container to get started:
This simple container returns
Hello from Docker! to your screen. While the command is simple, notice in the output the number of steps it performed. The docker daemon searched for the hello-world image, didn't find the image locally, pulled the image from a public registry called Docker Hub, created a container from that image, and ran the container for you.
Run the following command to take a look at the container image it pulled from Docker Hub:
This is the image pulled from the Docker Hub public registry. The Image ID is in SHA256 hash format—this field specifies the Docker image that's been provisioned. When the docker daemon can't find an image locally, it will by default search the public registry for the image.
Run the container again:
Notice the second time you run this, the docker daemon finds the image in your local registry and runs the container from that image. It doesn't have to pull the image from Docker Hub.
Finally, look at the running containers by running the following command:
There are no running containers. You already exited the hello-world containers you previously ran.
In order to see all containers, including ones that have finished executing, run
docker ps -a:
This shows you the
Container ID, a UUID generated by Docker to identify the container, and more metadata about the run. The container
Names are also randomly generated but can be specified with
docker run --name [container-name] hello-world.
Task 2. Build
Next, build a Docker image that's based on a simple node application.
Execute the following command to create and switch into a folder named
This file instructs the Docker daemon on how to build your image.
- The initial line specifies the base parent image, which in this case is the official Docker image for node version long term support (lts).
- In the second, you set the working (current) directory of the container.
- In the third, you add the current directory's contents (indicated by the
".") into the container.
- Then expose the container's port so it can accept connections on that port and finally run the node command to start the application.
Now you'll write the node application, and after that you'll build the image.
Run the following to create the node application:
This is a simple HTTP server that listens on port 80 and returns "Hello World".
Now build the image.
Note again the
".", which means current directory so you need to run this command from within the directory that has the Dockerfile:
It might take a couple of minutes for this command to finish executing. When it does, your output should resemble the following:
-t is to name and tag an image with the
name:tag syntax. The name of the image is
node-app and the
0.1. The tag is highly recommended when building Docker images. If you don't specify a tag, the tag will default to
latest and it becomes more difficult to distinguish newer images from older ones. Also notice how each line in the
Dockerfile above results in intermediate container layers as the image is built.
Now, run the following command to look at the images you built:
Your output should resemble the following:
node is the base image and
node-app is the image you built. You can't remove
node without removing
node-app first. The size of the image is relatively small compared to VMs. Other versions of the node image such as
node:alpine can give you even smaller images for easier portability. The topic of slimming down container sizes is further explored in Advanced Topics. You can view all versions in the official repository in node.
Task 3. Run
In this module, use this code to run containers based on the image you built:
--name flag allows you to name the container if you like. The
-p instructs Docker to map the host's port 4000 to the container's port 80. Now you can reach the server at
http://localhost:4000. Without port mapping, you would not be able to reach the container at localhost.
Open another terminal (in Cloud Shell, click the
+icon), and test the server:
The container will run as long as the initial terminal is running. If you want the container to run in the background (not tied to the terminal's session), you need to specify the
Close the initial terminal and then run the following command to stop and remove the container:
Now run the following command to start the container in the background:
- Notice the container is running in the output of
docker ps. You can look at the logs by executing
docker logs [container_id].
docker logs 17bif the container ID is
Now modify the application.
In your Cloud Shell, open the test directory you created earlier in the lab:
app.jswith a text editor of your choice (for example nano or vim) and replace "Hello World" with another string:
Build this new image and tag it with
Notice in Step 2 that you are using an existing cache layer. From Step 3 and on, the layers are modified because you made a change in
Run another container with the new image version. Notice how we map the host's port 8080 instead of 80. You can't use host port 4000 because it's already in use.
Test the containers:
And now test the first container you made:
Task 4. Debug
Now that you're familiar with building and running containers, go over some debugging practices.
You can look at the logs of a container using
docker logs [container_id]. If you want to follow the log's output as the container is running, use the
Sometimes you will want to start an interactive Bash session inside the running container.
You can use
docker execto do this. Open another terminal (in Cloud Shell, click the + icon) and enter the following command:
-it flags let you interact with a container by allocating a pseudo-tty and keeping stdin open. Notice bash ran in the
WORKDIR directory (/app) specified in the
Dockerfile. From here, you have an interactive shell session inside the container to debug.
Look at the directory
Exit the Bash session:
You can examine a container's metadata in Docker by using Docker inspect:
--formatto inspect specific fields from the returned JSON. For example:
Be sure to check out the following docker doc resources for more information on debugging:
Task 5. Publish
Now you're going to push your image to the Google Container Registry (gcr). After that you'll remove all containers and images to simulate a fresh environment, and then pull and run your containers. This will demonstrate the portability of Docker containers.
To push images to your private registry hosted by gcr, you need to tag the images with a registry name. The format is
[project-id]= your project's ID
[image]= your image name
[tag]= any string tag of your choice. If unspecified, it defaults to "latest".
You can find your project ID by running:
[project-id]with your configuration..
Push this image to gcr. Remember to replace
Command output (yours may differ):
Check that the image exists in gcr by visiting the image registry in your web browser.
- You can navigate via the console to Navigation menu > Container Registry and click node-app or visit:
http://gcr.io/[project-id]/node-app. You should land on a similar page:
Test this image. You could start a new VM, ssh into that VM, and install gcloud. For simplicity, just remove all containers and images to simulate a fresh environment.
Stop and remove all containers:
You have to remove the child images (of
node:lts) before you remove the node image.
At this point you should have a pseudo-fresh environment.
Pull the image and run it. Remember to replace the
Test completed task
Click Check my progress to verify your performed task. If you have successfully published a container image to the Container Registry, you'll see an assessment score.
Here the portability of containers is showcased. As long as Docker is installed on the host (either on-premise or VM), it can pull images from public or private registries and run containers based on that image. There are no application dependencies that have to be installed on the host except for Docker.
Congratulations on completing the Introduction to Docker. To recap, you:
Ran containers based on public images from Docker Hub.
Built your own container images and pushed them to Google Container Registry.
Learned ways to debug running containers.
Ran containers based on images pulled from Google Container Registry.
Finish your quest
This self-paced lab is part of the quest. A quest is a series of related labs that form a learning path. Completing this quest earns you a badge to recognize your achievement. You can make your badge or badges public and link to them in your online resume or social media account. Enroll in this quest or any quest that contains this lab and get immediate completion credit. See the Google Cloud Skills Boost catalog to see all available quests.
Looking for a hands-on challenge lab to demonstrate BigQuery your skills and validate your knowledge? On completing this quest, finish this additional challenge lab.
Take your next lab
Continue your Quest with Hello Node Kubernetes, or check out these suggestions:
Next steps / Learn more
- Dockerfile reference
- Docker Hub
- Learn more about Docker in the official documentation
- Container Registry documentation
Google Cloud training and certification
...helps you make the most of Google Cloud technologies. Our classes include technical skills and best practices to help you get up to speed quickly and continue your learning journey. We offer fundamental to advanced level training, with on-demand, live, and virtual options to suit your busy schedule. Certifications help you validate and prove your skill and expertise in Google Cloud technologies.
Manual Last Updated September 13, 2022
Lab Last Tested September 13, 2022
Copyright 2022 Google LLC All rights reserved. Google and the Google logo are trademarks of Google LLC. All other company and product names may be trademarks of the respective companies with which they are associated.