Docker

Docker provides a comprehensive tool to create, deploy, manage and run containers. In a normal setup, it bases on container technology as well as on Linux control groups and copy-on-write file systems to achieve good manageability and efficiency during execution of containers. Docker distinguishes between images and containers: images are a set of files used to run a container instance. A container is a runnable instance of an image.


Images can be stacked: a base image (not having any dependencies) could provide a plain Linux environment. Another image could contain a web server and refer to the base image. On top of the web server, web content could reside in another image. This structure facilitates management of the individual layers, and makes it easy to re-use parts of this stack (like the Linux environment, or the web server on top the Linux environment) for other purposes.

Docker will use copy-on-write for files to only store the differences between the images: the files of the Linux environment will only be stored in the base image, not in the web content container. On the other hand, should several disjoint images refer to the same underlying image, will libraries of that underlying image only be loaded once into memory: all the efficiency of shared libraries fully apply, without containers knowing of each other.

Images are self-contained: everything required to run an application needs to come with the image. This escapes the dependency hell of each application requiring a slightly different environment, and in general reduces the test matrix (the interface of a container to the OS kernel is smaller than the interface from the application to the OS and runtime environment). It also makes deployment very simple and fast.

Typically, a container serves a single task only. Composition and orchestration can be used to create more complex services. This granularity of containers is also ideal for scaling out environments; for instance, just add another container with a web server node, if needed. The application is started directly without going through an init process or starting up many daemons.

Docker images can easily be customized: at any time, changes made to a running container can be saved into a new image file. A more controlled, script-based way of building and customizing images is available and suitable for automated creation of images. Docker offers the concept of image registries and allows for versioning of images. Most of these tasks can be performed with a single Docker command.

Docker is a powerful software deployment vehicle as well as an efficient application hosting environment. It is an Open Source project, written in Go and per se not specific to any platform. In the following posts, we’ll walk through some of the above examples and capabilities on a real (z) system.