Docker, A light weight containerization tool which provide complete isolation to your applications. Whenever i have to make someone understand the meaning of Docker, I always come up with a simplest and very basic explanation which is;
Suppose you are eating an Indian food buffet in which you have different veggies to choose. So you pick up a plate and start serving yourself some of those curries, vegetables, salad and you pile all of it onto a single plate. After some time what do you see:
- Veggies mixing up with each other
- It creates a mess
- Some of them using more area and some less
- Due to mix all taste the same
So what is the solution? Take different plates for each vegetable?
- Not all the plates will be used to their fullest
- Plates will be heavy to carry
Basically not a feasible solution! But what if I say that you can have different size of small bowls which can fit on your plate and you can serve those vegetable inside them:
- No vegetable will get mix
- No mess and proper isolation
- Different size of bowls according to the quantity
- More feasible
Now exactly through this example, think about, Servers as a plate, Docker containers as bowls and Vegetables as your Applications.
Advantages of running your application on Docker:
- Containers have isolated environments like a Linux namespace.
- It has Isolated network ports.
- Isolated processes
- Very Light weight
- Fast and Easy to configure
- Cost saving
- Supported by Multiple cloud
- Very effective in Micro services architecture
- Security for the application
and much more!
Docker containers only shares the kernel of server. But how does it work? How does a container gets created? How to run an application on a docker container? I am not going to tell you about how to download it but how to use it!!
It all starts with an "Dockerfile".
Dockerfile
A Dockerfile is a file in which you configure the state of your container; the packages and software you need to have inside the container; the ports you want to work on; any data which you want to copy from server to container; any data you want to add from any URL to container; etc and so much more.
Docker file is usually named as Dockerfile only but you can create one with different name as well but in that case you need to define that name by using -f flag while building the Docker Image using that Docker file.
A Dockerfile is nothing but set of command which setup your environment of the container . Some of the commands are , FROM, COPY, ADD, RUN, VOLUME, ENV, ENTRYPOINT, CMD etc.
Learn more about Docker command here: Docker Commands
Learn more about Docker command here: Docker Commands
A Dockerfile consists of different layers. Each command used in Dockerfile is a layer and layer uses its own space that's why it is recommended to create a Dockerfile with minimum numbers of layers. On each layer an Intermediate container gets created(Not a stable container) because everything gets worked on the Dockerfile level and when it gets build it runs all the commands on intermediate containers and create an Docker Image finally.
Finally, By building the Dockerfile one gets a docker image.
Finally, By building the Dockerfile one gets a docker image.
Docker Image
A running Docker Image is nothing but a container. As I mentioned before, when we build the Dockerfile to create a docker image; it gets created in Intermediate layers and One more aspect of Layering of the docker file is the Increase re-usability, decrease disk-space and speed up docker build by allowing each layer to cached and once the layers which are being downloaded gets cached until any new layer is not added in between them.
There are mostly 2 types of Docker Images i.e. Official Docker Images and Custom Docker Images. Official Docker Images can be find over the Docker Hub.It's usually preferred that you use only official Docker Images in production environment as a Base Image of your Custom Docker Images such as Ubuntu, CentOS, Java, Tomcat etc.
One can setup a Private DTR (Docker Trusted Registry) to store their docker images for any project and use them by pulling inside the servers to create docker containers and run application on them.
See more about DTR here : DTR
If you will go to Docker Hub and search for any Official Docker Image and click on it then on the next page you will be able to find the version of that particular Docker Image. There you will find that these docker images have different version mostly the choices are Jessie, Wheezy, Slim and Alpine. Each version tag has its own variation, most of the people uses Slim but you can choose any version and it totally depends upon your exact requirement like Alpine versions are used as a base image to create very light weight images and they provide more or less 33% light weight images than the Slim version.
One can setup a Private DTR (Docker Trusted Registry) to store their docker images for any project and use them by pulling inside the servers to create docker containers and run application on them.
See more about DTR here : DTR
If you will go to Docker Hub and search for any Official Docker Image and click on it then on the next page you will be able to find the version of that particular Docker Image. There you will find that these docker images have different version mostly the choices are Jessie, Wheezy, Slim and Alpine. Each version tag has its own variation, most of the people uses Slim but you can choose any version and it totally depends upon your exact requirement like Alpine versions are used as a base image to create very light weight images and they provide more or less 33% light weight images than the Slim version.
Finally by running these Docker Images we get our Containers Isolated for the Docker Host server.
Docker Containers
Images become container when they run Docker Engine. Docker containers that run on Docker engine are:- Portable: Once created then they can be easily portable anywhere either using the Docker Images or By packaging those container into a .zip file.
- Light Weight: Docker containers shares only the machine OS kernel and do not require an Operating System per application.
- Flexible: Docker containers are flexible because they can use the Host resources flexibly while Virtual Machine uses only fixed defined resources of the Host.
- Secure: Applications are safer in container because of its Isolated nature. Docker uses kernel namespaces to provide isolation to the containers.
Docker uses different namespace like PID namespace for process isolation, NET namespace for network isolation, IPC namespace for IPC isolation, MNT namespace for mounting isolation and UTS namespace for isolating kernel and version identifiers.
Container services are provided by 5 alternatives than Docker:
- CoreOS rkt (Rocket Containers)
- Mesos Containerizer
- LXC Linux containers
- OpenVZ
- Containerd
Basically, One can run their own application inside the docker containers as a running service. Multiple containers can talk to each other when they are in a common network or linked to each other.
Docker Networks provide the network to docker containers. Docker networking system is plug-gable by using drivers like bridge, host, overlay, macvlan, none or any third party plugin.
Docker Volumes provides the storage by using storage drivers to Docker containers. Some of them are overlay2, aufs, device-mapper, btrfs, zfs and vfs.
Summary
A docker container is a container which provides you applications and services to run in a secure, flexible and portable environment by minimal usage of Host resources. Using Base images we create Custom images by writing Docker files and After building them we get Docker Images. Running a docker images gives us a running container.Use of Docker container is very helpful in running a micro-services architecture by running each services in a single container which helps to isolate them with each other and do not allow to effect from one service to another. It helps for proper usage of system resources.
Author: Lovedeep Sharma
Very Useful.. Thanks!!
ReplyDeleteSingle blog covering many aspects of docker.
ReplyDelete