The Docker Story

Kiran Kumar
7 min readFeb 6, 2024

--

Docker Engine has two main parts: server and client.

The client, called Docker client, is a command line interface used to talk to the server.

The server is a background process that requires no user interaction, which is called a daemon, a term we will encounter repeatedly to reference the Docker server.

In addition to the Docker client and daemon, Docker Engine also includes so-called API specifications, which define how you can interact with the Docker Daemon.

These APIs are not only used by the Docker client to talk to the daemon but also specify how other applications can work with the daemon.

Docker Daemon:

The Docker daemon is responsible for managing all Docker objects, such as images, containers, and more.

However, we can’t directly tell the daemon what to do; we need a client to give us a human-usable interface to it.

Here the Docker command line interface is the default option, but there are others, like Docker Desktop, which gives us a Graphical User Interface to manage our containers.

  1. 1 https://docs.docker.com/engine/
  2. 2 https://docs.docker.com/get-started/overview/#docker-architecture

What are containers ?

In Docker, a container is a lightweight, standalone, and executable software package that includes everything needed to run a piece of software, including the code, runtime, system tools, libraries, and settings. Containers are a form of operating system virtualization that allow you to package an application and its dependencies into a single unit that can be easily transported between different environments.

Here’s a breakdown of the key concepts related to containers in Docker:

  1. Image: An image is a snapshot of a filesystem that includes the application code, runtime, system tools, libraries, and other dependencies needed to run an application. Images are the building blocks of containers. Docker images are typically created from a base image and customized using Dockerfiles, which are text files containing instructions to define how an image should be built.
  2. Container: A container is an instance of a Docker image that is running as a process on the host operating system. Containers are isolated from each other and from the host system, ensuring that applications run consistently across different environments. Containers share the host OS kernel but have their own isolated filesystem, network, and process space.
  3. Docker Engine: This is the core component of Docker that manages containers. It includes the Docker daemon (a background service) and the Docker CLI (Command Line Interface). The Docker daemon handles the building, running, and managing of containers, while the Docker CLI provides a user-friendly interface to interact with the Docker Engine.
  4. Dockerfile: A Dockerfile is a text file that contains a set of instructions for building a Docker image. It specifies the base image, environment variables, system configurations, application code, and other settings required to create a customized image.

Containers vs Virtual Machines

Both Virtual Machines and containers aim to run software side by side on the same physical machine safely, that is, without interfering with each other. In that sense, Virtual Machines achieve many of the same goals as containers. However, from a technical perspective, there is a big difference making their use cases different.

Running software side by side on the same physical machine safely is done using virtualization.

Virtualization means that resources like RAM, CPU, or Disk can be split up and look like separate resources to the software using them. For example, a hard disk of 100GB can be virtualized to look like four hard disks of 25GB. This way, different pieces of software can each use 25GB, yet they can’t interfere with the other parts. Both containers and VMs are virtualization technologies.

Key Difference: Docker and Virtual Machine

There are many analogies of Docker and virtual machines. Docker containers and virtual machines differ in many ways; let’s discuss one analogy using apartment vs. bungalow.

Certainly! Here’s a tabular comparison between Docker and containers, along with real-time IT examples for better understanding:

Photo by Rubaitul Azad on Unsplash
Docker vs container

Security of Virtualization

This better separation of VMs over containers makes them more secure and points us to the main drawback of containers, that there is always a possibility for attackers to get access to the host OS. This, in turn, can give access to all containers running on the same machine.

Since attackers breaking out of a container to the host operating system is the main risk of using containers, Docker and other container providers spend extensive resources on making their containers as secure as possible.

The risk of attackers accessing the host is limited when using an industry-standard container provider like Docker.

Nonetheless, it is worth considering VMs when security is paramount, for example, when working with sensitive data.

Containers are lightweight

While containers have a slight disadvantage in the amount of security they provide, there are several advantages of using containers over VMs. One significant advantage is their size in memory and on disk compared to VMs. In other words, containers require less RAM and less disk space. Containers are significantly smaller because they only need to include a small part of a full OS, sharing the rest of the OS with the Host OS and other containers.

Advantages of containers

The smaller size is at the base of many advantages of containers. It makes containers faster to start and stop. And also makes containers faster to distribute and to change or update. Because of their small size, there is a large ecosystem of pre-made containers with many popular software applications like programming languages, databases, or web servers pre-installed. In comparison, VMs can quickly become several GigaBytes in size, which means they are often built from scratch for every use case.

Advantages of Virtual Machines

Of course, slightly better security is not the only advantage of VMs. If your use case needs a Graphical User Interface, then for now, a VM is the best option; no container supports GUI applications, while VMs support both GUIs and command lines fully.

Docker In a real-time IT scenario

Consider a scenario where a development team is working on a web application using a microservices architecture:

Example Scenario: Microservices Application with Docker Containers**

In this example, a company is developing a complex web application using microservices to ensure modularity and scalability. Docker containers are used to manage and deploy each microservice independently.

1. Development : The development team creates separate Dockerfiles for each microservice, specifying the runtime, dependencies, and code. These Dockerfiles are used to build Docker images.

2. Image Building : Using Docker commands, the team builds Docker images from the Dockerfiles. Each image contains the specific microservice’s code and dependencies.

3. Containerization : Once the images are built, they are deployed as containers. Each microservice runs in its own container, isolated from other microservices and the host system.

4. Consistent Deployment : The application, consisting of multiple microservices running in separate containers, can be deployed on various environments (development, testing, production) while ensuring consistent behavior and minimizing compatibility issues.

5. Scalability : As user demand increases, the company can easily scale specific microservices by deploying additional containers. This ensures that only the required components are scaled, improving resource utilization.

6. Isolation : Since each microservice runs in its own container, failures or resource-intensive processes in one microservice do not affect others, enhancing reliability and stability.

By utilizing Docker containers, the company achieves efficient management, consistent deployment, and scalability for its microservices-based web application, all while maintaining isolation and reproducibility.

Docker Tips :

𝐃𝐨𝐜𝐤𝐞𝐫 𝐓𝐢𝐩 💡

𝐂𝐥𝐞𝐚𝐧 𝐔𝐩 𝐘𝐨𝐮𝐫 𝐃𝐨𝐜𝐤𝐞𝐫 𝐄𝐧𝐯𝐢𝐫𝐨𝐧𝐦𝐞𝐧𝐭 🚀

We can reclaim disk space by cleaning our docker environment using the 𝐩𝐫𝐮𝐧𝐞 command. It removes stopped and unused containers, unused images, and networks.

command: 𝐝𝐨𝐜𝐤𝐞𝐫 𝐬𝐲𝐬𝐭𝐞𝐦 𝐩𝐫𝐮𝐧𝐞

To remove all unused images not just dangling ones, run:

𝐝𝐨𝐜𝐤𝐞𝐫 𝐬𝐲𝐬𝐭𝐞𝐦 𝐩𝐫𝐮𝐧𝐞 -𝐚

We can also prune unused volumes as well by passing the — volumes flag:

𝐝𝐨𝐜𝐤𝐞𝐫 𝐬𝐲𝐬𝐭𝐞𝐦 𝐩𝐫𝐮𝐧𝐞 — 𝐯𝐨𝐥𝐮𝐦𝐞𝐬

above docker init pic credits sayed

--

--

Kiran Kumar

Technophile with 10 years experience in IT industry | Java Lead cum Architect