What is ?
Last updated
Last updated
Docker is a software platform that allows you to build, test, and deploy applications quickly. Docker packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime. Using Docker, you can quickly deploy and scale applications into any environment and know your code will run.
Running Docker on AWS provides developers and admins a highly reliable, low-cost way to build, ship, and run distributed applications at any scale.
Docker works by providing a standard way to run your code. Docker is an operating system for containers. Similar to how a virtual machine virtualizes (removes the need to directly manage) server hardware, containers virtualize the operating system of a server. Docker is installed on each server and provides simple commands you can use to build, start, or stop containers.
Using Docker lets you ship code faster, standardize application operations, seamlessly move code, and save money by improving resource utilization. With Docker, you get a single object that can reliably run anywhere. Docker's simple and straightforward syntax gives you full control. Wide adoption means there's a robust ecosystem of tools and off-the-shelf applications that are ready to use with Docker.
Docker client : Takes on the role of interacting with users and Docker. When you use a command docker run
, the docker client sends those commands to dockerd and executes them, docker commands use the docker API and they can interact with one or more docker daemons.
Docker daemon : Will listen to requests API request
and docker client
manage Docker objects such as images, containers, networks, volumes. They can communicate with other daemons to manage docker services
Registry : Used to store images, Docker hub
is a Public Request where everyone can use and by default the configured docker will search and pull images from docker hub. docker run
When you run the or command docker pull
, the necessary images will be retrieved from docker hub and when you use the command, docker push
you will also upload the image docker hub
.
Docker Desktop : is an easy-to-install application for window and Mac environments, Docker desktop includes docker client
, docker daemon
, docker compose
, Docker Content Trust
, Kubernetes
and Credential Helper
to know more you can take a look at docker desktop .
image is an read-only template
example of your application will be packaged into an image, this image will contain the environment, libraries, technology..., usually this image will be based on another image (for example, laravel's application If you package it into a laravel image, you will need a php image).
You can create your own image or use someone else's image and you can post it to the Registry. To create an image you need to create it dockerfile
with simple syntax to determine the steps needed to create and use.
Dockerfile
will run each command divided into each layout. If you change or modify a command in the dockerfile, they will only change that layout and keep the remaining layouts intact, that is one of the reasons why. image copy is fast and compact when compared to other virtualization technologies.
A container is an instance of an image, simply put, a docker container is generated from a docker image when running a command and the things we use or manipulate are through this guy.
You can create, delete, stop, move containers using docker API or CLI, can connect to multiple networks..., Containers will operate independently of other containers, you can control the isolation level of containers through the network, or subsystems, other containers, or servers
Network
Provides a private network that exists only between the container and the host
Volume
Volume in Docker is used to share data for containers. The following is an illustration of the relationships between the above components:
Docker Machine : Machine creates Docker Engine on your laptop or on any popular cloud service like AWS, Azure, Google Cloud, Softlayer or on data center systems like VMware, OpenStack. Docker Machine will create virtual machines and install Docker Engine on them and finally it will configure Docker Client to communicate with Docker Engine securely.
Docker Compose : is a tool that helps define and launch multi-container Docker applications
Docker Swarm : is a tool that helps us create a Docker clustering. It helps us group multiple Docker Engines together and we can "see" it as a single virtual Docker Engine.
Dockerfile: as a script used to build images in containers. Dockerfile consists of consecutive commands that are automatically executed on an original image to create a new image. Dockerfile simplifies the process from start to finish
Docker Toolbox: Because Docker Engine uses some features of the Linux kernel, we will not be able to run Docker Engine natively on Windows or BSD. In previous versions, we would need a virtual machine with a certain version of Linux installed and then install Docker Engine on that virtual machine.
Is a virtual machine that works exactly like a computer, in short it helps create multiple machines on one physical machine.
For example, applications VMware Workstation
, it helps us install multiple operating systems on a physical computer and they also have the same requirements as other operating systems such as memory ram... and all of that is virtual. chemistry.
Infrastructure: can be a laptop, server... understood as a physical machine
HOST OPERATING SYSTEM: is the operating system being used in the infrastructure
HYPERVISOR (monitoring software): treats the virtual machine as an independent computer packaged into a file, HYPERVISOR will be used to stop, start, reset each virtual machine, allowing them to access hardware resources at below, this software will limit the resources of each virtual machine
GUST OS: is the operating system of the virtual machine, it is necessary to install an accompanying operating system for the virtual machine and provide the necessary resources for that virtual machine (eg ram, memory...).
Bins/libs services and applications will need accompanying files and libraries
App code of applications and software
INFRASRUCTURE and HOST OPERATING SYSTEM are the same as explained above.
DOCKER DAEMON: this is a service that operates on the server, used to manage necessary components and interact with the docker container.
BINS/LIBS files and accompanying libraries of the service are added to the docker image.
App source code of applications and software is added to the docker container.
From the image we can see that the VM has its own virtual machine running on a virtual operating system and does not share the operating system. This will make the machine heavier because each operating system requires a certain amount of hard resources. Much is needed, otherwise docker containers only share and that's why docker containers are lighter.
Sharing the operating system between containers will make them very lightweight and start up in just a few seconds, so the cost to manage will be very low compared to virtual machines.
Docker containers are great when you run multiple applications through a single operating system kernel, but if you need to run on multiple operating systems then a virtual machine will be a must.
VMs do not share an operating system and they are completely isolated in the kernel so they are more secure than containers. Containers have many security risks because they share and share the same kernel.
Unset docker resources namespace
can exploit all containers in a pod if they have access to a container. In VM, HYPERVISOR has limited resource usage of the virtual machine and you cannot access the VM's resources.
Docker containers are easy to migrate because they do not have a separate operating system, they can be migrated to another operating system and are easy to start. On the other hand, VMs have separate operating systems, so migration will be more difficult and time-consuming because of their size.
Below is the conclusion between docker and VM
Share operating system
Each has its own operating system
Starts up in seconds
Depending on the device, booting takes longer
Small capacity
Large capacity
Software virtualization
Hardware virtualization
Requires less memory usage
Allocate memory according to need
Process-level isolation is less secure
Completely isolated and safer