What is Docker?

Docker is a software platform that allows you to build, test, and deploy applications quickly. Docker packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime. Using Docker, you can quickly deploy and scale applications into any environment and know your code will run.

Running Docker on AWS provides developers and admins a highly reliable, low-cost way to build, ship, and run distributed applications at any scale.

How Docker works

Docker works by providing a standard way to run your code. Docker is an operating system for containers. Similar to how a virtual machine virtualizes (removes the need to directly manage) server hardware, containers virtualize the operating system of a server. Docker is installed on each server and provides simple commands you can use to build, start, or stop containers.

Why use Docker

Using Docker lets you ship code faster, standardize application operations, seamlessly move code, and save money by improving resource utilization. With Docker, you get a single object that can reliably run anywhere. Docker's simple and straightforward syntax gives you full control. Wide adoption means there's a robust ecosystem of tools and off-the-shelf applications that are ready to use with Docker.

Docker architecture

  • Docker client: Handles the interaction between users and Docker. When you run a command such as docker run, the Docker client sends it to dockerd, which executes it. Docker commands use the Docker API, and the client can interact with one or more Docker daemons.

  • Docker daemon: Listens for API requests from the Docker client and manages Docker objects such as images, containers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker services.

  • Registry: Used to store images. Docker Hub is a public registry that anyone can use, and by default Docker is configured to search for and pull images from Docker Hub. When you run the docker run or docker pull command, the necessary images are retrieved from Docker Hub, and when you use the docker push command, your image is uploaded to Docker Hub.

  • Docker Desktop: An easy-to-install application for Windows and Mac environments. Docker Desktop includes the Docker client, Docker daemon, Docker Compose, Docker Content Trust, Kubernetes, and Credential Helper. To learn more, take a look at Docker Desktop.

Docker objects

Image

An image is a read-only template. For example, your application is packaged into an image, and this image contains the environment, libraries, technology, and so on. Usually an image is based on another image (for example, to package a Laravel application into an image, you need a PHP image).

You can create your own image or use someone else's, and you can publish it to the registry. To create an image, you write a Dockerfile, which uses a simple syntax to define the steps needed to create and run the image.

A Dockerfile runs each command as a separate layer. If you change or modify a command in the Dockerfile, only that layer changes and the remaining layers are kept intact. That is one of the reasons why images are fast and compact compared with other virtualization technologies.

Container

A container is an instance of an image. Simply put, a Docker container is created from a Docker image when you run a command, and it is the thing we actually use and work with.

You can create, delete, stop, and move containers using the Docker API or CLI, and a container can connect to multiple networks. Containers operate independently of other containers, and you can control how isolated a container's network or other subsystems are from other containers or from the server.

Network

Provides a private network that exists only between the container and the host

Volume

Volume in Docker is used to share data for containers. The following is an illustration of the relationships between the above components:

Orchestration tools

  • Docker Machine: Creates Docker Engine on your laptop, on any popular cloud service such as AWS, Azure, Google Cloud, or Softlayer, or on data center systems such as VMware and OpenStack. Docker Machine creates virtual machines, installs Docker Engine on them, and finally configures the Docker client to communicate with Docker Engine securely.

  • Docker Compose: A tool that helps define and launch multi-container Docker applications.

  • Docker Swarm: A tool that helps us create a Docker cluster. It groups multiple Docker Engines together so that we can "see" them as a single virtual Docker Engine.

Some other ingredients

  • Dockerfile: A script used to build images for containers. A Dockerfile consists of consecutive commands that are executed automatically on an original image to create a new image. A Dockerfile simplifies the process from start to finish.

  • Docker Toolbox: Because Docker Engine uses some features of the Linux kernel, we will not be able to run Docker Engine natively on Windows or BSD. In previous versions, we would need a virtual machine with a certain version of Linux installed and then install Docker Engine on that virtual machine.

Docker vs Virtual Machine

Virtual Machine

A virtual machine works exactly like a computer; in short, it lets you create multiple machines on one physical machine.

For example, applications such as VMware Workstation let us install multiple operating systems on one physical computer. They have the same requirements as any other operating system, such as memory and RAM, and all of that is virtualized.

  • Infrastructure: can be a laptop, server... understood as a physical machine

  • HOST OPERATING SYSTEM: is the operating system being used in the infrastructure

  • HYPERVISOR (monitoring software): Treats each virtual machine as an independent computer packaged into a file. The hypervisor is used to stop, start, and reset each virtual machine, allows them to access the hardware resources below, and limits the resources of each virtual machine.

  • GUEST OS: The operating system of the virtual machine. Each virtual machine needs its own operating system installed and must be given the resources it requires (e.g. RAM, memory...).

  • Bins/libs: The accompanying files and libraries that services and applications need.

  • App: The source code of applications and software.

Docker

  • INFRASTRUCTURE and HOST OPERATING SYSTEM are the same as explained above.

  • DOCKER DAEMON: A service that runs on the server, used to manage the necessary components and interact with Docker containers.

  • BINS/LIBS: The accompanying files and libraries of the service, added to the Docker image.

  • App: The source code of applications and software, added to the Docker container.

Difference between docker and VM

From the image we can see that each VM runs its own guest operating system and does not share an operating system. This makes VMs heavier, because each operating system requires a considerable amount of hardware resources. Docker containers, by contrast, share the operating system, and that is why they are lighter.

Sharing the operating system between containers will make them very lightweight and start up in just a few seconds, so the cost to manage will be very low compared to virtual machines.

Docker containers are great when you run multiple applications through a single operating system kernel, but if you need to run on multiple operating systems then a virtual machine will be a must.

Security

VMs do not share an operating system and are completely isolated at the kernel level, so they are more secure than containers. Containers carry more security risks because they all share the same kernel.

If Docker resources are not namespaced, someone who gains access to one container can exploit all containers in a pod. With VMs, the hypervisor limits each virtual machine's resource usage, and you cannot access a VM's resources.
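The isolation and resource limits described above depend on per-container settings. The following added example (not part of the original page) reads parsed `docker inspect` output and reports containers that run privileged, share a namespace with the host or another container, or have no memory or PID limit. The sample data, container names, and finding labels are constructed for illustration.

```python
import json

# Constructed sample shaped like `docker inspect` output, trimmed to the
# HostConfig fields checked below; the container names are made up.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/web", "HostConfig": {"Privileged": false, "PidMode": "",
   "NetworkMode": "bridge", "IpcMode": "private", "UsernsMode": "",
   "Memory": 268435456, "PidsLimit": 100}},
 {"Name": "/debug", "HostConfig": {"Privileged": true, "PidMode": "host",
   "NetworkMode": "host", "IpcMode": "host", "UsernsMode": "",
   "Memory": 0, "PidsLimit": null}},
 {"Name": "/sidecar", "HostConfig": {"Privileged": false,
   "PidMode": "container:web", "NetworkMode": "container:web",
   "IpcMode": "private", "UsernsMode": "", "Memory": 0, "PidsLimit": 0}}
]""")

NAMESPACE_FIELDS = {"PidMode": "pid", "NetworkMode": "network",
                    "IpcMode": "ipc", "UsernsMode": "user"}


def audit_container(entry):
    """Return sorted isolation findings for one inspect entry."""
    host_config = entry.get("HostConfig") or {}
    findings = []
    if host_config.get("Privileged"):
        findings.append("privileged")
    for field, ns in NAMESPACE_FIELDS.items():
        mode = host_config.get(field) or ""
        if mode == "host":                     # namespace shared with the host
            findings.append(f"{ns}-namespace:host")
        elif mode.startswith("container:"):    # joined to another container
            findings.append(f"{ns}-namespace:shared")
    if not host_config.get("Memory"):          # 0 or missing: no memory cap
        findings.append("no-memory-limit")
    pids_limit = host_config.get("PidsLimit")
    if pids_limit is None or pids_limit <= 0:  # null, 0, -1: unlimited
        findings.append("no-pids-limit")
    return sorted(findings)


def audit(inspect_output):
    """Map container name to findings; containers with none are omitted."""
    report = {}
    for entry in inspect_output:
        findings = audit_container(entry)
        if findings:
            report[entry.get("Name", "?").lstrip("/")] = findings
    return report
```

To check a live host, pass `audit()` the parsed JSON from `docker inspect $(docker ps -q)`.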

Flexibility

Docker containers are easy to migrate because they do not have a separate operating system; they can be moved to another operating system and are easy to start. VMs, on the other hand, have separate operating systems, so migration is more difficult and time-consuming because of their size.

Below is a summary of the comparison between Docker and VMs:

| Docker | Virtual Machine |
| --- | --- |
| Share operating system | Each has its own operating system |
| Starts up in seconds | Depending on the device, booting takes longer |
| Small capacity | Large capacity |
| Software virtualization | Hardware virtualization |
| Requires less memory usage | Allocate memory according to need |
| Process-level isolation is less secure | Completely isolated and safer |
