What Is Docker?

What is Docker?

The phrase ‘Write once, run anywhere’ was created by SUN Microsystems to illustrate the universality of Java. This is a great example, apart from the fact that, if you have a java application, it needs to have platform-specific builds of the Java Virtual Machine in order to run it on any device. At the opposite end of the range of places to run software, Virtual Machines exist. This strategy is adaptable, yet it requires large image sizes, significant IO usage and upkeep expenses. Could there exist a form of technology that is lightweight and can be utilized without regards to the coding language used or the physical environment where it is being operated?

This is where Docker comes in! Docker is a software that enables you to group together and store your programming and its accompanying parts into a tidy, contained unit – an image. This photo can then be used to create a version of your program – a container. The main distinction between containers and Virtual Machines is that containers do not include a hardware virtualization layer.

This approach takes care of several issues:

• No platform specific, IDE, or programming language restrictions.
• Small image sizes, making it easier to ship and store.
• No compatibility issues relating to the dependencies/versions/setup.
• Quick and easy application instance deployment.
• Applications and their resources are isolated, leading to better modularity and security.

Docker Architecture

For an application to be independent, the Docker approach increases the abstraction from the hardware to the Operating System level.

In order to gain a more thorough comprehension of Docker, let us analyze its architecture. It uses a client-server model and comprises of the following components:

• Docker daemon: The daemon is responsible for all container related actions and receives commands via the CLI or the REST API.
• Docker Client: A Docker client is how users interact with Docker. The Docker client can reside on the same host as the daemon or a remote host.
• Docker Objects: Objects are used to assemble an application. Apart from networks, volumes, services, and other objects the two main requisite objects are:
• Images: The read-only template used to build containers. Images are used to store and ship applications.
• Containers: Containers are encapsulated environments in which applications are run. A container is defined by the image and configuration options. At a lower level, you have containerd, which is a core container runtime that initiates, and supervises container performance.
• Docker Registries: Registries are locations from where we store and download (or “pull”) images.

Basic Docker Operations

• Docker Image Repositories — A Docker Image repository is a place where Docker Images are actually stored, compared to the image registry which is a collection of pointers to this images. This page gathers resources about public repositories like the Docker hub and private repositories and how to set up and manage Docker repositories.
• Working With Dockerfiles — The Dockerfile is essentially the build instructions to build the Docker image. The advantage of a Dockerfile over just storing the binary image is that the automatic builds will ensure you have the latest version available. This page gathers resources about working with Dockerfiles including best practices, Dockerfile commands, how to create Docker images with a Dockerfile and more.
• Running Docker Containers — All docker containers run one main process. After that process is complete the container stops running. This page gathers resources about how to run docker containers on different operating systems, including useful docker commands.
• Working With Docker Hub — Docker Hub is a cloud-based repository in which Docker users and partners create, test, store and distribute container images. Through Docker Hub, a user can access public, open source image repositories, as well as use a space to create their own private repositories, automated build functions, and work groups. This page gathers resources about Docker Hub and how to push and pull container images to and from Docker Hub.
• Docker Container Management — The true power of Docker container technology lies in its ability to perform complex tasks with minimal resources. If not managed properly they will bloat, bogging down the environment and reducing the capabilities they were designed to deliver. This page gathers resources about how to effectively manage Docker, how to pick the right management tool including a list of recomended tools.
• Storing Data Within Containers — It is possible to store data within the writable layer of a container. Docker offers three different ways to mount data into a container from the Docker host: volumes, bind mounts, or tmpfs volumes. This page gathers resources about various to store data with containers, the downsides like the persistent storage and information on how to manage data in Docker.
• Docker Compliance — While Docker Containers have fundamentally accelerated application development, organizations using them still must adhere to the same set of external regulations, including NIST, PCI and HIPAA.  They also must meet their internal policies for best practices and configurations. This page gathers resources about Docker compliance, policies, and its challenges.

Docker Images

What is a Docker Image?

A Docker image acts as a blueprint for creating new containers. It provides a baseline for the container that will be spawned. It’s a depiction of a file system and associated software programs for a particular operating system. A Dockerfile can be utilized to build a new image by executing the commands that are contained in it. While it is doable, it is not advisable to generate an image from a live container. For example, this Dockerfile would take a base Ubuntu 16.06 image and install mongoDB, resulting in a new image:

FROM ubuntu:16.04
RUN apt-get install -y mongodb-10gen

From a physical standpoint, an image is made up of a collection of non-modifiable layers. Image layers function as follows:

• Each image layer is the outcome of one command in the image’s Dockerfile—an image is then a compressed (tar) file containing the series of layers.
• Each additional image layer only includes the set of differences from the previous layer (try running docker history for a given image to list all its layers and what created them).

To gain more knowledge, you can consult the Docker Documentation, which covers topics on images, containers, and storage drivers.

Running Images as Containers

An image and a container are two distinct entities—a container is a live execution of an image. One image can be employed to initiate multiple containers. Pictures cannot be changed, while containers can be edited. Any modifications made to a container will vanish when the container is gotten rid of, unless those changes are preserved in a new image.

Follow these steps to run an image as container:

• First, note that you can run containers specifying either the image name or image ID (reference).
• Run the docker images command to view the images you have pulled locally or, alternatively, e x plore the Docker Hub repositories for the image you want to run the container from.

Once you’ve identified the title or ID of the image, you can begin a docker container by inputting the docker run command. For example, to download the Ubuntu 16.04 image (if not available locally yet), start a container and run a bash shell:

docker run -it ubuntu:16.04 /bin/bash

What Makes Docker So Great?

Docker makes it easy to transition an application from a developer’s laptop to the testing stage and then on to production. Examining a concrete example of how to bundle an application into a Docker image will help you gain greater understanding of the process.

Are you aware that it takes less than a second to launch a docker container?

It is unbelievably swift, and can work on any computer that has a compatible Linux Kernel. (Supports Windows as well)

It is not possible to operate a Windows container on a Linux host as the Linux Kernel does not provide support for Windows. You can read about Windows containers from here

Docker takes advantage of a Copy-on-write union file system for the purpose of saving its images. Thus, if alterations are made to a holder, only those adjustments will be recorded to the disk using the copy-write system.

By utilizing Copy on Write, your containers will have optimized shared storage layers for greater efficiency.

Docker Adoption Statistics

Here is the google trends data on Docker. It has grown rapidly over the past five years.

Docker Core Architecture

In the upcoming sections, Docker architecture and its related elements will be explored. We will also explore how every part contributes to the success of Docker.

The structure of Docker has gone through certain alterations since its introduction. When I initially released this article in written form, it was composed with the understanding that Docker was constructed on the basis of LXC.

Notable architectural modifications that occurred in relation to Docker can be seen here.

1. Docker moved from LXC to libcontainer in 2014
2. runc – a CLI for spinning up containers that follow all OCI specifications.
3. containerd – Docker separated its container management component to containerd in 2016

The Open Container Initiative is a set of standards that are available to the public and govern the runtime of containers.

When Docker was first brought out, it had a single-component construction. It is now broken down into three sections.

1. Docker Engine (dockerd)
2. docker-containerd (containerd)
3. docker-runc (runc)

Docker and other major corporations offered their assistance in establishing a standard container runtime and management layers. Therefore, Containerd and Runc are now members of the Cloud Native Foundation, with involvement from all the organizations.

Docker Engine

The Docker engine consists of the Docker daemon, a programming interface, and the Docker command line interface. Docker daemon (dockerd) runs continuously as dockerd systemd service. It is responsible for building the docker images.

Dockerd uses the docker-containerd APIs for the purpose of managing images and running containers.

docker-containerd (containerd)

Containerd is a different system daemon service that is tasked with downloading Docker images and executing them as containers. Its API is opened to receive commands from the dockerd service.

docker-runc

The engine that creates the divisions of namespaces and cgroups necessary for a container is Runc. The runc runtime then carries out the container commands within those namespaces, according to the OCI specification.

Have a look at this brilliant 3-part blog entry arrangement to become more familiar with container runtime environments.

How Does Docker Work?

We have seen the core building blocks of Docker.

Let’s get a better comprehension of the Docker process by examining the elements of Docker.

Docker Components

Docker ecosystem is composed of the following four components

1. Docker Daemon (dockerd)
2. Docker Client
3. Docker Images
4. Docker Registries
5. Docker Containers

What is a Docker Daemon?

Docker has a client-server architecture. The Docker Daemon (dockerd) acts as a server and is in charge of all activities concerning containers.

The daemon is responsible for taking instructions from the Docker client, either via the Command Line Interface (CLI) or the Representational State Transfer application programming interface (REST API). The Docker client can exist on the same host as the Docker daemon, or it can be located on another host.

By default, the docker daemon will respond to requests sent to the docker.sock UNIX socket. In order to access the docker API from outside the local host, you must enable it to be reached through a host port. An example of how Docker can be used is to have it operate as a Jenkins agent.

If you desire to utilize Docker within Docker, you can take advantage of the docker.sock from the host computer.

What is a Docker Image?

Images are the basic building blocks of Docker. It has all the necessary programs, components, and instruments to execute a program.

Pre-made pictures containing application requirements can be used to generate containers. For instance, if you want to utilize an Nginx web server as a Ubuntu container, you need to build a Docker image including the Nginx executable and all the operating system libraries necessary for the Nginx to work.

What is a Dockerfile?

The notion of Dockerfile, employed to build a picture, exists within Docker. A Dockerfile is a type of text document that has a single command written on each line.

Here is an example of a Dockerfile.

A docker image is organized in a layered fashion. For every command given in a Dockerfile, a layer is added to the image. The highest layer of the image that can be written on is a container.

Every image is created from a base image.

An illustration of this would be taking a base image of Ubuntu and creating a separate image that has the Nginx application installed. A base picture can be traced back to a primary source or created from an original image. Have a look at his docker article to acquire further information.

You may inquire about the origin of the initial image (the Parent image)? Docker utilities can be used to build the original base image. It integrates the necessary OS libraries into a basic image. It’s not necessary for you to accomplish this task, since you can just get the approved foundation images for Linux distributions.

The uppermost level of an image can be manipulated and utilized by the operating container. Other layers in the image are read-only.

This diagram provides an overview of the conventional Docker process at an administrative level.

Related posts:

IT and Cloud Infrastructure – What Is It? What Are the Advantages and Disadvantages of Web Applications? Cloud Computing – What Is It? How to Create a Mobile Application for iOS