Diving into Docker: A Beginner’s Guide to Containerization #Docker Series Part 1
What is Docker, comparison with Virtual Machines, key concepts of Docker
Containerization is a software development technique that involves packaging an application and its dependencies into a standardized and isolated unit called container. A container encapsulates the application code, runtime environment, system libraries, and configurations, ensuring that the application can run consistently across different computing environments.
The isolated environment of container allowing multiple application to run independently without interfering each other. This isolation also enhanced security, stability, and scalability, making containers well-suited for modern software development practices such as microservices architectures, DevOps, and continuous integration/continuous deployment (CI/CD) pipelines. The most popular containerization platform out there is Docker. Docker provide tools for creating, managing, and deploying containers.
This article is part of my Docker Series. Check out the other part I’ve discussed about:
- Creating custom Image of your application
- Optimizing your multi-container application using Docker Compose
- Integrating Containers into Your CI/CD Pipeline using Github Actions
Let’s jump in
What is Docker?
Docker is an open source platform that let you develop, shipping, and running application in container. Shipping refers to the process of packaging an application with its dependencies into a container image and then deploying that container image into a target environment such as a server or cloud platform. You can separate your application from its infrastructure and make the delivery process quickly.
The benefits of containerization:
- consistency: packaging an application and their dependency ensuring consistency across different environment. It eliminates the “it works on my machine” problem and simplify the deployment process
- portability: container portable across different platforms and environments. You can build your applications once and run it anywhere, whether it’s on your laptop, a testing server, or a production environment
- isolation: containers provide process and resource isolation. It enables multiple application to run in the same host without interference
- resource optimization: with containers you can run multiple isolated application in the same host, optimizing resource usage and reducing infrastructure costs
- efficiency: container is more lightweight compared to traditional virtual machines
- DevOps and CI/CD: containers enabling continuous integration and continuous deployment (CI/CD) pipelines. Developers can build, test, and deploy containerized application more rapidly and reliably, improved collaboration between development and operations team
- microservices architecture: containers are suitable for microservices architecture where applications are composed of small services. Each services can be containerized and deployed separately, allowing for easier developent, deployment, and scaling of individual service
Comparison with virtual machines (VMs) and traditional deployment methods
In traditional deployment, we deploy and running applications in a physical server. This traditional method encounters lot of limitations from cost related because it’s expensive to maintain physical server, scaling issue for specific application, long downtimes, and no isolation of resources.
In virtual machine, we use hypervisor to communicate between guest operating system and host operating system. The physical computer is called the host OS and the virtual machine is called the guest OS. You can configure and manage the guest operating system without affecting the host operating system. The hypersivor manage resource sharing so the virtual machine can run in isolation along with other VMs on the same hardware.
On the other hand, containers package an application with its dependencies so it can run in any device. Containers use container engine that acts as an agent to provide and manage resources that the application needs. Containers have smaller footprint than virtual machine because containers share the same host operating system’s kernel while virtual machines each have their operating system’s kernel. That’s why containers can start and stop faster, and use fewer resources.
Containers and virtual machines have similarity, they allow full isolation of application. But the level of isolation is different. Virtual machines typically have a higher degree of isolation because they emulate entire operating systems for each instance. This means that if one virtual machine is compromised, it’s generally more difficult for an attacker to access other virtual machines on the same host. In contrast, containers share the host operating system’s kernel, which can potentially introduce security risks if an attacker gains access to the host kernel.
Containers and virtual machines can be used together to combine the speed of containers and the security of virtual machines. Containers can be used to develop and deploy an application, and virtual machines can be used to provide the underlying infrastructure.
Key concept of Docker: Docker Engines, Image, Registry, Docker Compose
Docker Engines
Docker engine is one of the container engine. Docker engine comes in a package with Docker Desktop, but you can install it manually with binaries. Docker Engine consists of the Docker daemon (dockerd) and the Docker client (docker), which work together to manage containers, images, networks, and volumes.
Image
A container image is a standardized package that includes all of the files, binaries, libraries, and configurations to run a container. Two main concept you need to grasp of image are
- Image is immutable. Once you create an image you can’t modify it. You can only make a new image or add changes on top of it
- Container images are composed of layers. Each layer in a Docker image represents a filesystem different.
When you make changes to files in an existing image and then rebuild the image, Docker creates a new layer on top of the existing image. This new layer contains only the changes you made, while the underlying layers remain unchanged. This approach allows Docker to efficiently manage and store images by reusing common layers across multiple images.
Registry
An image registry is a centralized location for storing and sharing your container images. It can be either public or private. Docker Hub is a public registry that anyone can use and is the default registry. Key functionalities of registry are image storage, image distribution, access control, versioning of images, and web-based UI.
Docker compose
Docker Compose is a tool for defining and running multi-container applications. It makes the process of managing and controlling multi-container easier. Compose can work in all environment. Key benefits of compose are simplified control in a single YAML file, efficient collaboration, rapid application development using cache, and the support variable makes containers and compose portable across different environment.
Conclusion
Docker enables packaging, shipping, and running applications in containers, ensuring consistency across diverse environments. With lightweight, efficient containerization technology, Docker promotes portability, allowing applications to be developed once and deployed anywhere. Key concepts like Docker Engines, Images, Registry, and Docker Compose simplify container management, empowering developers to define and manage multi-container applications effortlessly. Docker’s versatility enhances efficiencies and agility, transforming software development practices.
Recommended Resource
- Docker official guides and tutorials to run your first container
- Docker official manual
- What are the benefits of using Docker Containers & when should they be used?
- Containers vs VMs (virtual machines): What are the differences?
- What’s the difference between containers and Virtual Machines?
In the Part 2, we will discuss about building a Docker Image. Stay tune!
