Overview
“Docker” comes from a British expression meaning dock worker — person who loads and unloads cargo from ships. When someone says "Docker", they can be referring to either of the following:
- Docker, Inc. the company
Docker the technology
Docker, INC.
Docker, Inc. is a San Francisco based technology company founded by developer and entrepreneur Solomon Hykes. The company started out as a platform as a service (PaaS) provider called dotCloud (build on Linux containers). To manage these containers, they built a tool eventually named Docker". This is how Docker was born.
Docker technology.
Docker isn’t a programming language or framework, It's just a tool that helps to resolve any such problems like software installation, packaging, maintenance, distribution, interdependency, mutability, etc. It achieves all of this using a container technology already built into your operating system kernel termed as containers. Applications running inside containers are directly connected or hang together with the host’s Linux kernel. As in the above diagram 1.1, the architecture can be roughly divided into four parts:
- Linux Operating System - Docker uses Linux kernel namespaces and cgroups such as,
- process ID (pid) namespaces or network (net) namespaces, allow Docker to encapsulate processes that run inside the container.
- Control Groups allow Docker to limit the resources such as CPU time or the amount of RAM, that each container is allocated.
- The runtime - Operates at the lowest level and is responsible for starting and stopping containers.
- runc - The low-level runtime is called runc. Its job is to interface with the underlying OS and start and stop containers.
- containerd - The higher-level runtime is called containerd. It manages the entire lifecycle of a container, including pulling images, creating an interface network, and managing lower-level runc instances.
- The daemon or engine - The Docker daemon (dockerd) sits above containerd and performs higher-level tasks such as; exposing the Docker remote API, managing images, managing volumes, managing networks, and more. A major job of the Docker daemon is to provide an easy-to-use standard interface that abstracts the lower levels.
The Orchestrator - Docker also has native support for managing clusters of nodes running Docker. These clusters are called swarms and the native technology is called Docker Swarm, can package and run applications as containers, find existing container images from others, and deploy a container on a laptop, server, or cloud (public cloud or private). However, most people are choosing to use Kubernetes instead of Docker Swarm. Orchestration tools for Docker include the following:
- Docker Machine — Provisions hosts and installs Docker Engine.
- Docker Swarm — Clusters multiple Docker hosts under a single host. It can also integrate with any tool that works with a single Docker host.
- Docker Compose — Deploys multi-container applications by creating the required containers.
There are many container orchestration tools available in the market like Kubernetes, OpenShift, Nomad, etc.
- Linux Operating System - Docker uses Linux kernel namespaces and cgroups such as,
What are Containers & Images?
Docker Containers - Imagine a physical shipping container. Just like the shipping containers that can easily be transported, isolated, collaborated with cranes, ships, trains, vehicles, etc, so can Docker run, copy and distribute containers with ease and then it can be moved or shipped around pretty easily across all the platforms. So in Layman's terms, the container is a lightweight box where you can store, run an application, and all of its dependencies which can then be shipped across all the platforms. The component that fills the shipping container role is called an image.
Containers are -
- Created from docker images
- Building block of application
- Isolated and secure application platform
- Run component of docker
Docker Images - A Docker image is a stack of all the files that should be available to a program running inside a container. An image contains a single file: a small executable Linux program.
Whenever you ship any Software with Docker, basically you pass these docker images, and the receiver system creates containers from them.
Images are -
- Used to create docker containers, provides a way to build new or update existing containers
- Build components of docker.
What running docker on your machine looks like?
As shown in figure 1.2 that running docker means running two programs in user space.
Userspace - All the code which is required to run user programs (applications, process) is called userspace. When you initiate a program action, for example, to create a file, the process in the userspace makes a system call to Kernel space.
- Docker CLI (Command Line Interface) - this is the Docker program that users interact with. For e.g. start, stop or install packages.
- Docker Daemon - It's a process that runs in the background and does the whole heavy lifting for creating containers, talking to OS Kernel. Basically, it's the heart of the Docker.
- It runs on a host machine
- Creates and Manages docker objects such as - Images, Containers, Network config, Volume, Data, etc
- Containers - As in Figure 1.2 there are three running containers, each is running as a child process of the docker engine, wrapped with a container. Programs running inside a container can access only their own memory and resources as scoped by the container.
Containers are build using the following features.
- PID namespace - Process identifiers and capabilities
- UTS namespace - Host and domain name
- MNT namespace - Filesystem access and structure
- IPC namespace - Process communication over shared memory
- NET namespace - Network access and structure
- USR namespace - User names and identifiers
- chroot syscall - Controls the location of the filesystem root
- cgroups - Resource protection
- CAP drop - Operating system feature restrictions
- Security modules - Mandatory access controls
Installation
No matter what OS you're using, they're all really easy to install. You can simply search "How to install docker on /Your OS/" or download here. If you are using Mac or Windows 10 professional, then I would recommend that you install Docker for Desktop. For now, we'll proceed with Linux.
Installing Docker on Ubuntu Linux 20.04 LTS.
- Update the apt package index.
deep@Latitude-5590:~/docker-guide$ sudo apt-get update Get:1 http://eu-west-1.ec2.archive.ubuntu.com/ubuntu focal InRelease [265 kB] ...
- Install Docker
deep@Latitude-5590:~/docker-guide$ sudo apt-get install docker.io Reading package lists... Done Building dependency tree ...
- Docker is now installed and you can check by running some commands.
deep@Latitude-5590:~/docker-guide$ sudo docker --version Docker version 19.03.8, build afacb8b7f0
deep@Latitude-5590:~/docker-guide$ sudo docker info Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0
Hello World
Assuming you have Docker installed, head to your command prompt and type the following "docker run hello-world". After you do so, it will start downloading various components and eventually print out "Hello from Docker!"
So what happens after running docker run hello-world ?
deep@Latitude-5590:~/docker-guide$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:1a523af650137b8accdaed439c17d684df61ee4d74feac151b5b337bd29e7eec
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
# Checking containers
deep@Latitude-5590:~/docker-guide$ docker info
Server:
Containers: 1
# Verifying Images
deep@Latitude-5590:~/docker-guide$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest bf756fb1ae65 11 months ago 13.3kB
Here, "hello-world" is the image (or repository) name. The image itself is a collection of files and metadata. Metadata includes the specific program to execute and other relevant configuration details.
The first time you run this command, Docker figures out whether the "hello-world" image has already been downloaded. If it’s unable to locate it on your computer, Docker makes a call to Docker Hub. Docker Hub is a public registry provided by Docker Inc. Docker Hub replies to Docker running on your computer to indicate where the image (hello-world) can be found, and Docker starts the download.
What happens when you run docker run hello-world again ? When you execute the same command second time, Docker will check again to see whether "hello_world" is installed. This time it will find the image on your machine and can build another container and execute it right away. When you use docker run the second time, it creates a second container from the same repository. This means that if you repeatedly use docker run and create a bunch of containers, you’ll need to get a list of the containers you’ve created and maybe at some point destroy them.
deep@Latitude-5590:~/docker-guide$ docker run hello-world
Hello from Docker!
# Checking containers
deep@Latitude-5590:~/docker-guide$ docker info
Server:
Containers: 2
# Verifying Images
deep@Latitude-5590:~/docker-guide$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest bf756fb1ae65 11 months ago 13.3kB
If you found this article helpful, do well to leave your feedback in the comment section and share this resource.
Thank you for reading and follow me for more.