Beginners guide for Docker Terminology

Tushar Verma
4 min read · Jan 14, 2022

What is Docker?

Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications.

Docker vs VM

1. OS Support and Architecture

Virtual machines run on a host OS and carry a guest OS inside each VM, whereas Docker containers run on a single physical server and share its host OS among them.

2. Security

Traditional applications running within the same VM are not properly isolated from each other, which gives a malicious program scope to penetrate and control the others. Docker containers, by contrast, run isolated from each other, each with its own level of security, so the others remain unharmed.

3. Portability

Virtual machines are isolated from their OS, so they cannot be ported across multiple platforms without incurring compatibility issues. Docker container packages are self-contained and can run applications in any environment, and since they don’t need a guest OS, they can be easily ported across different platforms.

4. Performance

Virtual machines are more resource-intensive than Docker containers as the virtual machines need to load the entire OS to start. The lightweight architecture of Docker containers is less resource-intensive than virtual machines.

Docker architecture

The Docker architecture uses a client-server model and comprises the Docker Client, Docker Host, Network and Storage components, and the Docker Registry / Hub.

Docker Image

A Docker image contains application code, libraries, tools, dependencies, and other files needed to make an application run. The image can then be deployed to any Docker environment and executed as a container.

Dockerfile

A text document containing the commands to build a Docker image.

Docker Containers

A Docker container is a runtime instance of an image. From one image you can create multiple containers on multiple Docker platforms.

Docker Container Networking

Networks available on a Docker host upon creation:

1. Bridge
2. Host
3. None

Note: The default Docker network used by a container is the bridge network.

Docker Storage

Docker Storage can be classified into three categories:

1. Local Storage for Container
2. Persistent Data Storage
3. Static Image Storage

Docker Volume

Docker volumes are native to Docker. The data is kept somewhere on storage attached to the host. The volume itself has a lifecycle that’s longer than the container’s, allowing it to persist until no longer needed. Volumes can be shared between containers.

Docker Compose

Docker Compose is a tool for defining and running multi-container Docker applications. It uses a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.
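
A Compose file tying together the terms defined on this page (image, container, bridge network, volume), as an added example that is not from the original post. The service names, network name, volume name and secret file path are assumptions chosen for illustration.

```yaml
# Added example (constructed): service, network, volume and secret names
# are assumptions, not taken from the original post.
services:
  web:
    image: nginx:1.25-alpine       # the container is a runtime instance of this image
    ports:
      - "8080:80"                  # only the web service is published on a host port
    networks:
      - app_net
    depends_on:
      - db

  db:
    image: postgres:16-alpine
    environment:
      # Read the password from a mounted secret instead of embedding it in this file.
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets:
      - db_password
    volumes:
      - db_data:/var/lib/postgresql/data   # named volume: outlives the container
    networks:
      - app_net                    # no "ports:" entry, so nothing is published on the host

networks:
  app_net:
    driver: bridge                 # user-defined bridge network shared by both services

volumes:
  db_data: {}                      # managed by Docker, persists until explicitly removed

secrets:
  db_password:
    file: ./db_password.txt        # assumed local file, kept out of version control
```

Running `docker compose up -d` creates and starts both services; `docker compose down` removes the containers and the network but leaves the `db_data` volume in place unless `-v` is given.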

Docker Registry

Docker Registry is a stateless, highly scalable server-side application that stores and lets you distribute Docker images.

Container orchestration

Container orchestration is a solution consisting of a set of tools and scripts that help host containers in a production environment. It spans multiple Docker hosts that can each run containers, so even if one host fails, the application is still accessible through the others.

Docker Cheatsheet

https://phoenixnap.com/kb/wp-content/uploads/2021/04/Docker-commands-cheat-sheet-by-PhoenixNAP-scaled.jpg

Docker Security Best Practices

Thanks to Rohit Sehgal (@sec_r0) for the Docker Zines

Thanks, everyone for reading

Written by Tushar Verma

Security Engineer | Synack Red Team Member