Saturday, 8 November 2025

Docker - The concept

Docker is an open platform for developing, shipping, and running applications. It's a tool that automates the deployment of applications in lightweight, portable packages called containers.




















Let’s break down Virtualization vs Containerization clearly 👇

⚙️ 1️⃣ Virtualization

Virtualization means running multiple operating systems (OSs) on a single physical machine using a hypervisor.

🔹 How it works:

  • Each Virtual Machine (VM) includes:

    • Its own full Operating System (e.g., Ubuntu, Windows)

    • App + dependencies

  • The hypervisor (like VMware, VirtualBox, or Hyper-V) divides physical hardware resources among the VMs.

🧱 Example:

Your laptop (Windows) can run:

  • Ubuntu VM

  • CentOS VM
    Each one behaves like a separate computer.

⚠️ Downside:

  • Each VM carries its own OS → heavy (takes GBs of space)

  • Slow startup time

  • More resource usage (RAM/CPU)

📦 2️⃣ Containerization

Containerization (like Docker) runs multiple apps on the same OS kernel, but keeps them isolated.

🔹 How it works:

  • Containers share the host OS kernel

  • Each container has:

    • App + dependencies only (no separate OS)

  • Managed by Docker Engine instead of a hypervisor

⚡ Advantages:

  • Lightweight → uses less memory & disk

  • Faster startup (in seconds)

  • Higher density → more containers per host

  • Portable → runs the same anywhere


1. What is a Container?

A container is like a small, lightweight virtual machine, but without the heavy overhead.
It bundles:

  • Your application code

  • Its dependencies (libraries, runtimes, configs)

  • A Docker container does not contain its own separate operating system (OS) kernel.However, it does contain all the necessary user-space tools, system libraries, and files that make it look and feel like a specific OS distribution from the application's perspective.  The user space is the collection of software above the kernel, including the shell, utilities (like ls, apt, ping), system libraries (like glibc), and everything else needed to run an application.

So your app runs exactly the same way on any computer — whether it's your laptop, a test server, or the cloud.

⚙️ 2. What Docker Does

Docker provides:

  • Docker Engine → runs and manages containers , It uses a client-server architecture where the Docker client (what you use to issue commands) communicates with the Docker daemon (the background service that manages the containers).

  • Docker Images → blueprints or templates for containers

  • Docker Hub → A repository/store to share and download images

  • Docker Container  →  A running instance of an image and it share the host's Linux kernel. This is the key to their lightweight nature. They don't have the overhead of booting a separate, full OS.

🪄 3. Example

Without Docker:

  • You install Java, Tomcat, and dependencies manually.
    With Docker:

  • You use a Docker image (like tomcat:9.0) and just run:

    docker run -d -p 8080:8080 tomcat:9.0

    ✅ Instantly, Tomcat runs inside a container — no setup headache.

🚀 4. Why Use Docker

  • Portability: Works the same on any system.

  • Speed: Starts in seconds (much faster than VMs).

  • Isolation: Each app runs separately.

  • Consistency: “It works on my machine” problems disappear.

  • DevOps friendly: Great for CI/CD pipelines.


Docker Architecture Flow






















The entire process begins with the Docker Client and is executed by the Docker Daemon, often with the help of the Docker Registry.

1. The Docker Client (You)

  • Role: The primary user interface. This is typically the Docker Command Line Interface (CLI) where you type commands like docker run, docker build, or docker pull.

  • Action: The Client takes your simple command and translates it into a REST API request that it sends to the Docker Daemon.

  • Communication:

    • Local Host: The Client and daemon can be present on the same server and it communicates with the Daemon using a UNIX socket (or an IPC pipe on Windows), which is very fast and secure.

    • Remote Host: The Client can be configured to connect to a Daemon on a different machine over a network interface (TCP/IP).

2. The Docker Daemon (The Engine)

  • Role: The "brain" of Docker. It is a persistent background process (dockerd) running on the Docker Host machine that does all the heavy lifting.

  • Action:

    • It listens for the REST API requests sent by the Client.

    • It manages all the Docker objects: Images, Containers, Networks, and Volumes.

  • Core Tasks:

    • Building Images: If you run docker build, the Daemon executes the instructions in your Dockerfile to create a new Image.

    • Pulling Images: If you run docker pull or docker run an image that doesn't exist locally, the Daemon contacts the Registry to download the Image.

    • Running Containers: When you run docker run, the Daemon uses the Image to create a live, isolated instance—a Container. It handles the necessary kernel features like namespaces and cgroups to ensure isolation.

3. The Docker Registry (The Library)

  • Role: A centralized storage location for Docker Images.

  • Action: The Daemon interacts with the Registry to store or retrieve Images.

    • Pull/Run: If the Daemon doesn't have an Image, it pulls it down from the Registry (like downloading a file from the internet). Docker Hub is the default public Registry.

    • Push: If you've created a custom image and want to share it, you use docker push to upload it to the Registry.

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Building a Safer PostgreSQL CI/CD Pipeline with GitHub Actions: Dev → PR Review → Test Promotion

In my previous post, we explored a simple push-to-main deployment strategy . While functional, that model is not considered an industry best...