What is Docker?
Docker is an open source containerization platform. Docker enables developers to package applications into containers—standardized executable components that combine application source code with all the operating system (OS) libraries and dependencies required to run the code in any environment.
While developers can create containers without Docker, Docker makes it easier, simpler, and safer to build, deploy, and manage containers. It’s essentially a toolkit that enables developers to build, deploy, run, update, and stop containers using simple commands and work-saving automation.
Docker also refers to Docker, Inc., the company that sells the commercial version of Docker, and to the Docker open source project, to which Docker, Inc. and many other organizations and individuals contribute.
Why use containers?
Containers are made possible by operating system (OS) process isolation and virtualization, which enable multiple application components to share the resources of a single instance of an OS kernel in much the same way that machine virtualization enables multiple virtual machines (VMs) to share the resources of a single hardware server.
Containers offer all the benefits of VMs, including application isolation, cost-effective scalability, and disposability. But the additional layer of abstraction (at the OS level) offers important additional advantages:
- Lighter weight: Unlike VMs, containers don’t carry the payload of an entire OS instance—they include only the OS processes and dependencies necessary to execute the code.
- Greater resource efficiency: With containers, you can run several times as many copies of an application on the same hardware as you can using VMs. This can reduce your cloud spending.
- Improved developer productivity: Compared to VMs, containers are faster and easier to deploy, provision, and restart. This makes them ideal for use in continuous integration and continuous delivery (CI/CD) pipelines and a better fit for development teams adopting Agile and DevOps practices.
Learn more about containerization and how containers compare to VMs in the video “Containerization Explained.”
Why use Docker?
Docker is so popular today that “Docker” and “containers” are used interchangeably, but the first container-related technologies were available for years, even decades, before Docker was released to the public in 2013. Most notably, in 2008, LXC (Linux Containers) was released; it combines Linux kernel features such as control groups (cgroups) and namespaces to provide operating-system-level virtualization for a single instance of Linux.
The first versions of Docker leveraged LXC exclusively, but Docker soon developed its own custom containerization technology that enabled the following:
- Improved—and seamless—portability: While LXC containers often reference machine-specific configurations, Docker containers run without modification across any desktop, data center, or cloud environment.
- Even lighter weight and more granular updates: With LXC, multiple processes can be combined within a single container. Docker containers, by contrast, are designed to run a single process each. This makes it possible to build an application that can continue running while one of its parts is taken down for an update or repair.
- Automated container creation: Docker can automatically build a container based on application source code.
- Container versioning: Docker can track versions of a container image, roll back to previous versions, and trace who built a version and how. It can even upload only the deltas between an existing version and a new one.
- Container reuse: Existing containers can be used as base images—essentially like templates for building new containers.
- Shared container libraries: Developers can access an open-source registry containing thousands of user-contributed containers.
For these reasons, Docker adoption quickly exploded and continues to surge. At this writing, Docker, Inc. reports 105 billion container downloads, up from 50 billion just one year earlier, and more than 750 enterprise Docker customers.
Docker tools and terms
Some of the tools and terminology you’ll encounter when using Docker include the following:
Dockerfile
Every Docker container starts with a Dockerfile, a simple text file containing the instructions for building the Docker container image. The Dockerfile automates the process of Docker image creation. It’s essentially a list of commands that Docker Engine runs, in order, to assemble the image.
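As an illustration, here is a minimal, hypothetical Dockerfile for a small Python web service (the file names and start command are assumptions, not taken from the original); each instruction produces a layer in the resulting image:

```dockerfile
# Hypothetical Dockerfile for a small Python web service.
# Each instruction below adds a new layer to the image.

# Start from an existing base image (an example of container reuse)
FROM python:3.12-slim

# Set the working directory inside the image
WORKDIR /app

# Copy the dependency list first so this layer stays cached
# unless the requirements change
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Copy the application source code
COPY . .

# Document the port the service listens on
EXPOSE 8000

# Command that runs when a container starts from this image
CMD ["python", "app.py"]
```

Running `docker build -t myapp .` in the directory containing this file would assemble the image layer by layer.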
Docker image
Docker images contain executable application source code as well as all the tools, libraries, and dependencies that the application code needs to run as a container. When you run the Docker image, it becomes one instance (or multiple instances) of the container.
It’s possible to build a Docker image from scratch, but most developers pull them down from common repositories. Multiple Docker images can be created from a single base image, and they’ll share the commonalities of their stack.
Docker images are made up of layers, and each layer corresponds to a version of the image. Whenever a developer makes changes to the image, a new top layer is created, and this top layer replaces the previous top layer as the current version of the image. Previous layers are saved for rollbacks or to be re-used in other projects.
Each time a container is created from a Docker image, yet another new layer, called the container layer, is created. Changes made to the container—such as the addition or deletion of files—are saved to the container layer only and exist only for the lifetime of the container; they are discarded when the container is deleted. This layered approach increases overall efficiency: multiple live container instances can run from a single base image, and when they do so, they share a common stack.
Docker container
Docker containers are the live, running instances of Docker images. While Docker images are read-only files, containers are live, ephemeral, executable content. Users can interact with them, and administrators can adjust their settings and conditions.
Docker Hub
Docker Hub is the public repository of Docker images that calls itself the “world’s largest library and community for container images.” It holds over 100,000 container images sourced from commercial software vendors, open source projects, and individual developers. It includes images produced by Docker, Inc., certified images belonging to the Docker Trusted Registry, and many thousands of other images.
All Docker Hub users can share their images at will. They can also download predefined base images to use as a starting point for any containerization project.
Docker deployment and orchestration
If you’re running only a few containers, it’s fairly simple to manage your application within Docker Engine itself. But if your deployment comprises thousands of containers and hundreds of services, it’s nearly impossible to manage without the help of purpose-built deployment and orchestration tools.
If you’re building an application out of processes in multiple containers that all reside on the same host, you can use Docker Compose to manage the application’s architecture. With Docker Compose, you write a YAML file that specifies which services are included in the application, and you can then deploy and run the containers with a single command. Using Docker Compose, you can also define persistent volumes for storage, specify base nodes, and document and configure service dependencies.
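A Compose file like the one described above can be sketched as follows. This is a minimal, hypothetical docker-compose.yml for a two-service application; the service names, image, port, and volume are assumptions for illustration:

```yaml
# Hypothetical docker-compose.yml for a two-service application.
# The developer writes this file; Docker Compose reads it to
# deploy and run all the containers with a single command.
services:
  web:
    build: .            # build the image from a Dockerfile in this directory
    ports:
      - "8000:8000"     # map host port 8000 to container port 8000
    depends_on:
      - db              # documented, configured service dependency
  db:
    image: postgres:16
    volumes:
      - db-data:/var/lib/postgresql/data   # persistent volume for storage

volumes:
  db-data:
```

With this file in place, `docker compose up` starts both services together, and `docker compose down` stops them.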
To monitor and manage container lifecycles in more complex environments, you’ll need to turn to a container orchestration tool. While Docker includes its own orchestration tool, called Docker Swarm, most developers choose Kubernetes instead.
See “Docker Swarm vs. Kubernetes: A Comparison” for a breakdown of the two options.
Kubernetes is an open source container orchestration platform descended from a project developed for internal use at Google. Kubernetes schedules and automates tasks integral to the management of container-based architectures, including container deployment, updates, service discovery, storage provisioning, load balancing, health monitoring, and more.
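As a concrete illustration of the declarative style Kubernetes uses for container deployment, here is a minimal, hypothetical Deployment manifest; all names and the image reference are assumptions, not taken from the original:

```yaml
# Hypothetical Kubernetes Deployment manifest. It declares the
# desired state (three replicas of a container image); Kubernetes
# schedules the containers and keeps that state automatically,
# restarting replicas that fail (health monitoring).
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3                 # run three identical container instances
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web              # label used for service discovery
    spec:
      containers:
        - name: web
          image: registry.example.com/web:1.0   # hypothetical image
          ports:
            - containerPort: 8000
```

Applying this with `kubectl apply -f deployment.yaml` hands the rest of the lifecycle management to Kubernetes.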
For a deeper dive on Kubernetes, see the video “Kubernetes Explained.”
The open-source ecosystem of tools for Kubernetes—including Istio and Knative—enables organizations to deploy a high-productivity Platform-as-a-Service (PaaS) for containerized applications and a faster on-ramp to serverless computing.
In October 2017, Docker announced that it would seamlessly integrate Kubernetes into the Docker platform. Still, many people erroneously believe that Kubernetes and Docker are opposing technologies. In the video “Kubernetes vs. Docker: It’s Not an Either/Or Question,” Sai Vennam goes through the misconceptions around the Kubernetes vs. Docker question and outlines the key advantages of Docker and Kubernetes when used together.
Docker and IBM Cloud
Docker, Inc. and IBM Cloud have partnered to introduce an edition of Docker Enterprise that’s purpose-built to run on IBM Cloud. This Container-as-a-Service platform helps enterprises manage and secure their diverse applications across today’s complex IT infrastructures. It provides an unmanaged native Docker environment within IBM Cloud, giving access to all Docker platform basic and advanced tier features as well as IBM Cloud’s full catalog of services.
In addition, Docker containers are fully supported within the IBM Cloud Kubernetes Service, which offers a fully managed version of the popular container orchestration solution. The IBM Cloud Kubernetes Service enables teams to build greater speed and efficiency into their DevOps pipelines, can bind to advanced offerings like blockchain and Watson, and makes working with Docker containers easy, even at scale.
To learn more about building with containers on IBM Cloud, sign up for a free IBM Cloud account today.