Docker 101


Docker is a runtime for containers

  • A container is a concept made from linux namespaces, cgroups, & pivot roots (courtesy of Jessie Frazelle)

Open Container Initiative

The Open Container Initiative is a lightweight, open governance structure, formed under the auspices of the Linux Foundation, for the express purpose of creating open industry standards around container formats and runtime. The OCI was launched on June 22nd 2015

Cloud Native Computing Foundation

The Cloud Native Computing Foundation will create and drive the adoption of a new set of common container technologies informed by technical merit and end user value, and inspired by Internet-scale computing.

OS-level virtualization

  • Hypervisor is to hardware-level virtualization what Docker is to OS-level virtualization
  • Decouples host OS from operating system inside container (lightweight VM)
  • Container = your application + base operating system
  • Containers may use any Linux base operating system. For non-Linux OS, use a hypervisor

Client/server architecture (courtesy: Techcrunch)


  • Server – Docker daemon running on physical or virtual machine (Docker host). Docker daemon is batteries included, but removable (meaning Docker daemon is modular so you can use different plugins at the networking or storage layer)
  • Client – Containers talk to a Docker client which in turn talks to Docker daemon regardless whether the daemon is local or remote (network). The Docker client uses CLI or remote API to communicate with the Docker engine (or daemon)

Docker Host OS

  • Docker requires any 64-bit version of Linux kernel (kernel must be 3.10 at minimum)
  • Docker host OS implies that configuration management tools are still relevant
  • New breed of Docker host OS: CoreOS, RancherOS, Snappy Ubuntu Core, Project Atomic

Docker as the new package management system

  • apt and yum may still be accessible through the Docker host OS (except with RancherOS) but I’m referring to Docker as the new package management system using the Docker workflow (that is, at the stage of building a Docker image). This idea is borrowed from Jason Hoffman and Bryan Cantrill

Docker container workflow

  1. Create a Docker image (pull base image from Docker private or public registry)
  2. Configure the Docker image (using Dockerfile or through CLI in your build machine)
  3. Save the configuration (run the Dockerfile or docker commit)
  4. Run the Docker image (a container is a running instance of a Docker image)

Docker container maintenance

  • If the Docker image needs to be updated, build a new Docker image
  • Stop the running old Docker container (and throw it away)
  • Pull the new Docker image (or load it if you saved it as a tar archive)
  • Run the new Docker image
  • This is the so-called immutable infrastructure

Docker storage driver

  • courtesy of Jérôme Petazzoni
  • If you do PaaS or other high-density environment
  • – AUFS (if available on your kernel)
  • – overlayfs (otherwise)
  • If you put big writable files on the CoW filesystem:
  • – BTRFS or Device Mapper (pick the one you know best)
  • Bottomline:

The best storage driver to run your production will be the one with which you and your team have the most extensive operational experience.

Docker networking (courtesy:


Subjectivity aside, leave a reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s