Docker
Topics
- Virtualisation
- Containers
- Virtual machines vs Containers
- Docker
- Docker commands
- Docker image
Virtualisation
Virtual machine - virtualise hardware
Container - virtualise operating system
Virtual Machine (Virtualisation)
Container (Virtualisation)
Containers vs Virtual Machines
Comparison: VMs vs Containers
| VMs | Containers |
|---|---|
| Heavyweight (full OS) | Lightweight (shared os) |
| Run its own OS | Share the host OS |
| Hardware virtualisation | OS virtualisation |
| Long startup time | Short startup time |
| Committed required memory | Used as needed |
| Machine-level isolation (more secure) | Process-level isolation (possibly less secure) |
VMs : Advantage / Disanvantage
Advantages:
- matured VM management and security tools
- run multiple applications requiring different OSs on the same infrastructure
- emulate an entire computing environment, including all OS resources
- simplify the portability and migration between on-premises and cloud-based platforms
Disadvantages:
- VM images are usually large, so it takes longer to backup or migrate between platforms
- a physical server can support fewer VMs than containers
- VM startup time can take some time (minutes)
Containers : Advantage / Disanvantage
Advantages:
- more lightweight than VMs, images size in MBs rather than GBs
- require fewer IT resources to deploy/run/manage
- startup time is short (milliseconds)
- a physical server can run more containers as compared to VMs
Disadvantages:
- must run using the same OS as host
- may be less secure than VMs since the underlying OS is shared
Containers
Isolated area of an OS with resource usage limits applied
In Linux, use kernel building blocks:
namespaces- partitions kernel resources such that one set of processes sees one set of resources while another set of processes sees a different set of resources
control group(orcgroups)- limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes
Docker With Linux Containers
Docker
Containers are OS-level virtualisation, not specific to Linux.
There are other implementations of containers, for example
chroot- https://en.wikipedia.org/wiki/ChrootLXC- https://en.wikipedia.org/wiki/LXCFreeBSD jail- https://en.wikipedia.org/wiki/FreeBSD_jailSolaris Containers- https://en.wikipedia.org/wiki/Solaris_Containers- List of other implementations from wikipedia
Docker
- a set of platform as a service (PaaS) products that use OS-level virtualisation to deliver software in packages called containers.
Docker Architecture
Docker Runtimes
Docker Installation
Linux -
Dockerfor Linux- vm / native
- https://docs.docker.com/engine/install/
macOS -
Docker Desktopfor MacWindows -
Docker Desktopfor Windows- Windows (vm / native / WSL)
- https://docs.docker.com/desktop/windows/install/
Container Life Cycle
Docker Commands
- all commands start with
dockerthen followed by a subcommand - getting help
docker --help
- get basic docker information
docker versiondocker system info
- common management commands
imagecontainervolumenetwork
Docker Image
Docker Image when Run in Container
References
- Containers vs virtual machines
- Clound Native Computing Fundation (CNCF)
- containerd : an industry-standard container runtime
- gRPC : open source universal RPC framework
- Open Container Initiative (OCI) : open industry standards around container formats and runtimes