DOCKER-1 (BASICS)
Docker is a set of PAAS (Platform as a Service) which uses OS level
virtualization.
Docker images are non-interactive (change not permitted) and reusable
Containers are interactive (change permitted), and we can create image from containers.
Docker architecture:
DOCKER ENGINE: There are three major components,
1. Docker
daemon (Server)
The Docker daemon (dockerd)
listens for Docker API requests and manages Docker objects such as images,
containers, networks, and volumes. A daemon can also communicate with other
daemons to manage Docker services.
2. REST
API
It is the interface that the
Docker clients use to interact with the Docker daemon. The clients can talk to
the daemon through the API and can provide instructions to it.
3. DOCKER
Client/CLI
With the help of Docker Clients, users can interact with Docker. Docker client provides a command-line interface (CLI) that allows users to run, and stop application commands to a Docker daemon
Docker uses Client-Server architecture, The Docker client talks to the Docker daemon, The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface.
Docker Daemon
Docker Host
Docker Client
Docker Registry
Docker Objects
Docker Daemon
ð Listens
to Docker API requests and manages Docker objects such as images, containers,
networks and volumes.
Docker Host
ð Provides
a complete environment to execute and run applications. It comprises of the
Docker daemon, Images, Containers, Networks, and Storage.
Docker Client
ð Docker
Client is interface between us and Docker Daemon, Client provides CLI to access
daemon/engine by which we can create/delete/run/stop/manage containers. Client
uses commands and REST API to communicate with Docker Daemon.
Docker Registry
ð With
the help of Docker Clients, users can interact with Docker. Docker client
provides a command-line interface (CLI) that allows users to run, and stop
application commands to a Docker daemon.
Docker Objects
ð Images,
Containers, Volumes, Networks
Above info derived from below posts, Thanks to authors for excellent explanation.
https://docs.docker.com/get-started/overview/
https://www.upgrad.com/blog/docker-architecture/
https://morioh.com/p/47719a08c1e8
https://www.aquasec.com/cloud-native-academy/docker-container/docker-architecture/
Limitations of Docker:
1. Cross
platform compatibility issue: A container with application designed to run on
windows container will not support Linux container and vice versa.
2. Docker
is not recommended for heavy graphical application or GUI interface.
3. Development/Testing/Production
OS should be same for Docker Containers.
4. Persistent
data storage is complicated: By design, all of the data inside a container
disappears forever when the container shuts down, unless you save it somewhere
else first. There are ways to save data persistently in Docker, such as Docker
Data Volumes, but this is arguably a challenge that still has yet to be
addressed in a seamless way.
5. Management issue with large no of containers,
[root@centos-docker2 ~]# docker run ubuntu
[root@centos-docker2 ~]# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4fdd2745b16f ubuntu
"bash" 32 seconds
ago Exited (0) 30 seconds ago heuristic_ellis
8eeaf46c3b96 hello-world "/hello" 23 hours ago Exited (0) 23 hours ago fervent_meninsky
[root@centos-docker2 ~]# docker container ls
CONTAINER
ID IMAGE COMMAND
CREATED STATUS PORTS
NAMES
[root@centos-docker2 ~]# docker container run ubuntu
[root@centos-docker2 ~]#
[root@centos-docker2 ~]# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e07abc88549 ubuntu
"bash" 8 seconds
ago Exited (0) 5 seconds ago gallant_lamport
4fdd2745b16f ubuntu
"bash" 3 minutes
ago Exited (0) 3 minutes ago heuristic_ellis
8eeaf46c3b96 hello-world
"/hello" 23 hours
ago Exited (0) 23 hours ago fervent_meninsky
[root@centos-docker2 ~]# docker container ls
CONTAINER
ID IMAGE COMMAND
CREATED STATUS PORTS
NAMES
[root@centos-docker2 ~]# docker container ls -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e07abc88549 ubuntu
"bash" 27 seconds
ago Exited (0) 24 seconds ago gallant_lamport
4fdd2745b16f ubuntu
"bash" 3 minutes
ago Exited (0) 3 minutes ago heuristic_ellis
8eeaf46c3b96 hello-world "/hello" 23 hours ago Exited (0) 23 hours ago fervent_meninsky
What is the difference between both commands?
# docker run ubuntu & # docker container run ubuntu
Both are same,
Prior to docker 1.13 the docker run command was only available. The CLI commands were then refactored to have the form docker COMMAND SUBCOMMAND, wherein this case the COMMAND is container and the SUBCOMMAND is run
# docker --help
There are two parts “Management Commands:” & “Commands:”
Before diving deep, let’s have some basics.
As per DOCKER DOC,
Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications
Docker is basically a virtualization technology, which follow below chronology.
Dockerfile → (Build) → Image → (Run) → Container
Dockerfile is bunch of code prepare to perform some particular task or can say a blueprint prepared for some task.
Next we need to build Image from Dockerfile and then we have to run that image to get our final product which is Container.
So what is the difference between Image and Container?
A container is an instance of an image, or an executable snapshot of an image.
Image:
An image is an read only file that's essentially a snapshot of a container. Images are created with the build command, and they'll produce a container when started with run. Images are stored in a Docker registry such as registry.hub.docker.com. Because they can become quite large, images are designed to be composed of layers of other images, allowing a minimal amount of data to be sent when transferring images over the network.
A Docker Container is a Docker Image with one extra layer.
This extra layer is called "the container layer", and it is writable. In other words when we run a Docker Container, we can write new files to the container, modify and delete existing files, and this container remembers these changes.
They do not affect the Docker Image from which the container was created. And they do not affect other Docker Containers created from the same Image.
When we build an image and start running it; we are running in a container.
In simple terms, an image is a template, and a container is a copy of that template. You can have multiple containers (copies) of the same image.
A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.
By default, a container is relatively well isolated from other containers and its host machine. You can control how isolated a container’s network, storage, or other underlying subsystems are from other containers or from the host machine.
A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that are not stored in persistent storage disappear.
We can create one VM and run several containers on top of that one OS, Container uses resource sharing with actual OS. Containers share kernel from OS and act as separate/isolated entity. A Docker container is a packaged collection of all the app's libraries and dependencies already prebuilt and ready to be executed.
Docker architecture
As per DOCKER DOC,
https://docs.docker.com/get-started/overview/
Docker uses client-server architecture. The Docker client talks to
the Docker daemon, which does the heavy lifting of building, running, and
distributing your Docker containers. The Docker client and daemon can run on
the same system, or you can connect a Docker client to a remote Docker daemon.
The Docker client and daemon communicate using a REST API, over UNIX sockets or
a network interface. Another Docker client is Docker Compose that lets you work
with applications consisting of a set of containers.
The Docker daemon:
The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services. Docker daemon called: dockerd is the Docker engine which represents the server.
The Docker client:
The Docker client (docker) is the primary way that many Docker users interact with Docker. When you use commands such as docker run, the client sends these commands to dockerd, which carries them out. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.
Docker registries:
A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to look for images on Docker Hub by default. You can even run your own private registry.
When you use the docker pull or docker run commands, the required images are pulled from your configured registry. When you use the docker push command, your image is pushed to your configured registry.
Docker objects:
When you use Docker, you are creating and using images, containers, networks, volumes, plugins, and other objects. This section is a brief overview of some of those objects.
Images:
An image is a read-only template with instructions for creating a Docker container. Often, an image is based on another image, with some additional customization. For example, you may build an image which is based on the ubuntu image, but installs the Apache web server and your application, as well as the configuration details needed to make your application run.
You might create your own images or you might only use those created by others and published in a registry. To build your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the image and run it. Each instruction in a Dockerfile creates a layer in the image. When you change the Dockerfile and rebuild the image, only those layers which have changed are rebuilt. This is part of what makes images so lightweight, small, and fast, when compared to other virtualization technologies.
Containers:
A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.
By default, a container is relatively well isolated from other containers and its host machine. You can control how isolated a container’s network, storage, or other underlying subsystems are from other containers or from the host machine.
A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that are not stored in persistent storage disappear.
Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container.
These namespaces provide a layer of isolation. Each aspect of a container runs in a separate namespace and its access is limited to that namespace.
DOCKER REGISTRIES:
Which stores docker images, it may be public or private.
Public registry is Docker Hub whereas we can create our own private
registry at docker Hub or local system or at desired location.
Docker pull, pulls images either from public or private registry.
Docker push, pushes our image to private registry
Good Read and References,
https://phoenixnap.com/kb/docker-image-vs-container
https://docs.docker.com/get-started/overview/
Great as always.
ReplyDeleteRevolutionize your business with KVM Consulting's expert guidance. Elevate your strategies, optimize operations, and embrace innovation. Unleash growth potential today – partner with us for unparalleled solutions. Transform your vision into reality; let KVM Consulting drive your success. Seize the future with tailored consultancy that empowers your business to thrive in a dynamic landscape.
ReplyDelete