Beginner's Guide to Docker Terminology
What is Docker?
Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications.
Docker vs VM
1. OS Support and Architecture
Virtual machines have a host OS plus a guest OS inside each VM, whereas Docker containers are hosted on a single physical server with one host OS, which is shared among them.
2. Security
Traditional applications are not properly isolated from each other within a VM, which can give a malicious program scope to penetrate and control the others. Docker containers, by contrast, run isolated from each other, each with its own level of security, so the others remain unharmed. Because containers share the host OS (see point 1), that isolation is only as strong as the host that enforces it.
3. Portability
Virtual machines are isolated from their OS, so they cannot be ported across multiple platforms without incurring compatibility issues. Docker container packages, in contrast, are self-contained and can run applications in any environment, and since they don’t need a guest OS, they can be easily ported across different platforms.
4. Performance
Virtual machines are more resource-intensive than Docker containers as the virtual machines need to load the entire OS to start. The lightweight architecture of Docker containers is less resource-intensive than virtual machines.
Docker architecture
The Docker architecture uses a client-server model and comprises the Docker Client, Docker Host, Network and Storage components, and the Docker Registry / Hub.
Docker Image
A Docker image contains application code, libraries, tools, dependencies, and other files needed to make an application run. The image can then be deployed to any Docker environment and executed as a container.
Dockerfile
A text document containing the commands to build a Docker image.
Docker Containers
A Docker container is a runtime instance of an image. From one image you can create multiple containers on multiple Docker platforms.
Docker Container Networking
Networks available on Docker host upon creation:
1-Bridge
2-Host
3-None
Note: The default Docker network used by a container is the bridge network.
Docker Storage
Docker Storage can be classified into three categories:
1-Local Storage for Container
2-Persistent Data Storage
3-Static Image Storage
Docker Volume
Docker volumes are native to Docker. The data is kept somewhere on storage attached to the host. The volume itself has a lifecycle that’s longer than the container’s, allowing it to persist until no longer needed. Volumes can be shared between containers.
Docker Compose
Docker Compose is a tool for defining and running multi-container Docker applications. It uses a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.
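To tie the terms above together, here is an added example Compose file (not from the original post). The service names, the ./web build directory, and the paths are hypothetical; it shows an image built from a Dockerfile, images pulled from a registry, bridge and none networking, and a volume shared between two containers.

```yaml
# Constructed example: service names, paths and ./web are hypothetical.
services:
  web:
    build: ./web              # image built from the Dockerfile in ./web
    ports:
      - "8080:8000"           # host port 8080 -> container port 8000
    networks:
      - frontend
      - backend
    volumes:
      - uploads:/app/uploads  # named volume, outlives the container
    depends_on:
      - cache

  cache:
    image: redis:7            # pulled from a registry (Docker Hub by default)
    networks:
      - backend               # no "ports:" entry, so nothing is published on the host

  backup:
    image: alpine:3.20
    command: ["sh", "-c", "while true; do tar -czf /backup/uploads.tgz -C /data . ; sleep 3600; done"]
    volumes:
      - uploads:/data:ro      # same volume as web, mounted read-only
      - backups:/backup
    network_mode: "none"      # the "none" network: no network access at all

networks:
  frontend:
    driver: bridge            # user-defined bridge network
  backend:
    driver: bridge
    internal: true            # containers can talk to each other, not to the outside

volumes:
  uploads:
  backups:
```

Running `docker compose up -d` in the same directory starts all three services. `docker compose down` removes the containers and networks but keeps the named volumes unless `-v` is passed.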
Docker Registry
Docker Registry is a stateless, highly scalable server-side application that stores and lets you distribute Docker images.
Container orchestration
It is a solution that consists of a set of tools and scripts that can help host containers in a production environment. It consists of multiple Docker hosts that can host containers, so even if one fails, the application is still accessible through the others.
Docker Cheatsheet
Docker Security Best Practices
Thanks to Rohit Sehgal (@sec_r0) for the Docker Zines
Thanks, everyone, for reading