What is Docker Container?
As per Docker, Docker container is “a standardized unit of software.” In simple words, Docker container is a writeable image (Docker Image), so to understand containers, we need to understand what a Docker image is. Docker container image is an application package that includes all its libraries and dependencies in it so that we can run the container quickly and reliably using this image regardless of infrastructure. If you are able to install the Docker engine on the machine, it means you can run containers as well without any issue. We can run Ubuntu, CentOS, and even Windows Server Core as a Docker Container. We can create our own container image using the base image.
Why should we use Docker Containers?
Portable: Docker container is an industry-standard for the containerized application so that it can be run anywhere. If you have a containerized application that is running on Windows, but due to business requirements, you have to run that application on Linux, you can easily run it on Linux as well without modifying a single code.
Lightweight: Docker container uses the host OS kernel to communicate with hardware like storage, NIC, etc. that’s why Docker container does not need a full-blown OS for every application. It boots faster than VM as it is lightweight.
Greater efficiency: Docker containers help us to deploy, update and scale our application easily and more quickly.
Platform Independent: We can run Docker containers on Linux, Windows or any Public Cloud platforms such as Azure, AWS, GCP, DigitalOcean, etc. and even on raspberry pi.
Secure: Docker containers are secure as it provides great isolation among application running as a container. Each container has its own filesystem, namespace, and groups, so if any application is attacked by any intrusion or malware, it will only affect that single container.
Cost-effective: – Docker container is also cost-effective as we require fewer servers to run our applications and indirectly saving licensing costs of OS.
Docker Containers are Everywhere
Today’s Docker containers exist everywhere, starting from Linux OS to datacenters. With the huge success of Docker container in the Linux world, Microsoft also partnerships with Docker to bring containers and their functionality to Windows Server. Public cloud providers also provide Container as a Service like EKS by AWS, AKS by Azure and GKE by Google. We an even run Docker on Raspberry Pi. Serverless computing is also backed by Docker containers. To enhance security, organizations often use container image scanning tools to identify vulnerabilities and ensure compliance.
Docker Containers Vs. Virtual Machines
Docker Containers | Virtual Machines |
Containers virtualize Operating System. | VMs virtualize hardware. |
Containers provide app layer abstraction. | VMs run in a hypervisor environment. |
Containers share the same OS kernel on which containers
are running. |
VMs have their own OS inside them, which includes binaries,
libraries and application files. |
Containers utilize less space than VMs so that they can
handle more applications on fewer VMs or physical servers. |
VMs run on the full-blown OS, so these VMs take space in GBs |
Containers start too quickly. It can be started in a few
seconds. |
VMs boot slowly. It takes a few minutes to start. |
How does Docker Container Work?
As discussed earlier, each Docker container has its own filesystems, namespaces, and cgroups. These three features help us to understand working on Docker containers.
- Filesystems: – Docker containers use a stackable filesystem that means files and directories in different branches can be overlaid to make a single file system. It helps us to avoid duplicating data each time we deploy the container.
- Namespaces: – Each container has its own multiple namespaces, and each namespace has a different type of information about the OS. For example, the MNT namespace has information about mounted filesystems that containers can use; similarly, a USER namespace has information about container users and group IDs.
- Control groups: – Control groups are responsible for managing resource usage of containers such as CPU, memory, disk I/O and network. We can also restrict usage limits using Control groups.
We need a Docker image to run a container, and images can be stored in repositories. We have a public repository that is the hub.docker.comon which official images are freely available. We can pull or push images to this repository. We can also create a private repository on the hub.docker.comor implement a whole new private registry that is only available within the organization.
Docker Run Hello-World
The below command is used to create a simple hello-world container: –
When we run the above command on the terminal (Docker CLI), Docker CLI makes an API call to Docker daemon; Docker daemon first searches the ‘hello-world’ image locally on the host if Docker image is not present locally, it goes to hub.docker.com and searches there. If the Docker daemon finds the mentioned image on the hub, it downloaded the image locally, and once it is downloaded, the Docker daemon starts the container using that image. Below snapshot is the output of the above command: –
Some useful commands related to Docker Containers: –
1. docker container –help
The above command is used to get a list of commands that we can use with the container. Help is really helpful if you forget any command. Below is the snapshot of the above command: –
If we need more help with a further command like what will come after that command, we can again use help to get further help. Let’s understand it with an example. If you are not sure what will come after command ‘run’, then you can run the command as below to get more help:-
2. docker container run –help
here is the snapshot of the above command: –
There are a bunch of options that we can use with the Docker run command.
3. docker container ls
The above command is used to list all running containers. We can also use ‘docker ps’ to list all running containers.
We have to use -a flag to list all containers that are present on the system.
4. docker container inspect <container_id>or<container_name>
The above command will display the full details of the container in JSON format. Below is the sample output of the above command; you will get more details than shown below: –
Conclusion
Docker containers provide agility in deploying, updating and scaling any application by integrating it with CI/CD pipeline. We can even run the legacy applications as containers. Docker containers are lightweight, portable and secure. We can get a great level of flexibility using Docker containers and Virtual Machines together.
Recommended Articles
This is a guide to Docker Containers. Here we discuss How does Docker Container work and Why should we use it, along with some useful commands. You may also have a look at the following articles to learn more –