What is docker ?
Docker is a computer program that performs operating-system-level virtualisation, also known as "containerization"
Docker uses all the operating system resources (file system,process trees,user) and carve them in virtual OS called container.
In computing, a namespace is a set of symbols that are used to organize objects of various kinds, so that these objects may be referred to by name. A namespace ensures that all the identifiers within it have unique names so that they can be easily identified.
It limits the resources that can be used by the container. eg out of 4GB ram of host, container can only use 1% of it.
VM vs Container
- Docker is a popular tool to make it easier to build , deploy and run application using containers. Containers allow us to package all the things that our application need like such as libraries and other dependencies and ship it all as a single package . In this way our application can be run on any machine and have the same behaviour.
- Creating a modular application.
- Kernel ( Namespaces and Control Groups) [ Described Earlier]
- Docker Engine
dockerd - The Docker daemon itself. The highest level component in your list and also the only 'Docker' product listed. Provides all the nice UX features of Docker.
(docker-)containerd - Also a daemon, listening on a Unix socket, exposes gRPC endpoints. Handles all the low-level container management tasks, storage, image distribution, network attachment, etc...
(docker-)containerd-ctr - A lightweight CLI to directly communicate with containerd. Think of it as how 'docker' is to 'dockerd'.
(docker-)runc - A lightweight binary for actually running containers. Deals with the low-level interfacing with Linux capabilities like cgroups, namespaces, etc...
(docker-)containerd-shim - After runC actually runs the container, it exits (allowing us to not have any long-running processes responsible for our containers). The shim is the component which sits between containerd and runc to facilitate this.
Working with Images
- Images are the read only template from which a container is build.
- It contains:
A registry is a storage and content delivery system, holding named Docker images, available in different tagged versions.
Registry / Repo / Image (tag)
Docker.io / redis / latest
- docker image pull <image name>
- docker history <image name>
- docker image inspect <image name>.
- Gives you the manifest file.
- docker container run -d -name mynginx -p 8080:80 <image name>
- docker image rm <image name>
- deletes the image
Creating your own image
- Create Dockerfile in the root folder
FROM alpine RUN apk add -update nodejs nodejs-npm COPY ./src WORKDIR /src RUN npm install EXPOSE 8080 ENTRYPOINT ["node","./app.js"]
Running an image as a Container
First build the image
docker image build -t <tag-name>
docker build -t amit/nginx
docker image lsto see if it is built.
Running it as container.
docker container run -d --name mynginx -p 8080:80 amit/nginx