DevOps ~ Docker - rohit120582sharma/Documentation GitHub Wiki

Docker is a platform for developers and sysadmins to build, run, and share applications with containers. It allows developers to package up an application with all the parts it needs in a container, and then ship it out as one package.

In a nutshell, Docker makes it easy and straightforward to install and run a program on any given computer.

It is a computer program that performs operating-system-level virtualization, also known as "containerization".

It is also an engine that provides the execution environment for containers.

Docker is more lightweight and faster than virtual machines (VMs) and boots up in seconds. Virtual machines include the application, necessary binaries and libraries, and an entire guest operating system - all of which can amount to tons of GBs.

Docker architecture

Docker uses a client-server architecture.

The Docker client sends requests to the Docker daemon, which does the work of building, running, and distributing Docker containers.

The Docker client and daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate using a REST API, over UNIX sockets or a network interface.
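Because anyone who can reach the daemon's API can control every container on the host, it is worth checking which listeners the daemon is configured with. The following audit is an added example, not code from the original page or from Docker; it assumes listeners are set through the `hosts` and `tlsverify` keys of `daemon.json`, and the sample configuration is constructed.

```python
import json

# Constructed sample daemon.json (not taken from any real host).
SAMPLE_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
  "tlsverify": false
}
"""

LOOPBACK = {"127.0.0.1", "localhost", "[::1]"}


def tcp_address(rest):
    """Extract the bind address from 'addr:port', keeping IPv6 brackets."""
    if rest.startswith("["):
        return rest[: rest.index("]") + 1]
    return rest.rsplit(":", 1)[0]


def audit_daemon_hosts(config_text):
    """Return (host, severity, reason) for every listener in daemon.json."""
    cfg = json.loads(config_text)
    # Assumption: with no "hosts" key the daemon uses its default local
    # UNIX socket. Listeners passed as dockerd -H flags are not seen here.
    hosts = cfg.get("hosts", ["unix:///var/run/docker.sock"])
    client_certs_required = bool(cfg.get("tlsverify", False))
    findings = []
    for host in hosts:
        scheme, _, rest = host.partition("://")
        if scheme in ("unix", "fd"):
            findings.append((host, "info", "local socket, guarded by file permissions"))
        elif scheme != "tcp":
            findings.append((host, "warn", "unrecognised listener scheme"))
        elif client_certs_required:
            findings.append((host, "ok", "TCP listener requires client certificates"))
        elif tcp_address(rest) in LOOPBACK:
            findings.append((host, "warn", "unauthenticated API on loopback"))
        else:
            findings.append((host, "critical", "unauthenticated API reachable over the network"))
    return findings


if __name__ == "__main__":
    for host, severity, reason in audit_daemon_hosts(SAMPLE_DAEMON_JSON):
        print(f"{severity:8} {host}: {reason}")
```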


Docker Client

  • The Docker client (docker) is the primary way that many Docker users interact with Docker.
  • It is a command-line utility; it and other tools use the Docker API to communicate with the Docker daemon.

Docker Host

The Docker host runs the Docker daemon and holds Docker objects such as containers and images.

  • Docker Image

    • A Docker image is a ready-to-run software package, containing everything needed to run an application: the code and any runtime it requires, application and system libraries, default values for any essential settings, and a very specific start up command as well.
    • An image is created with a single file containing all required configuration. It is a type of recipe/template that can be used for creating Docker containers.
    • Often, an image is based on another image, with some additional customization.
    • When you run the docker pull CLI command, it reaches out to Docker Hub and downloads a single file called an image onto your local machine. This single file is stored on your hard drive in the "image cache", and at some later point you can use this image to create a container.
  • Docker Container

    • A type of virtual machine created from the instructions found within the Docker image.
    • It is a running instance of a Docker image that consists of the entire package required to run an application. You can create, start, stop, move, or delete a container using the Docker API or CLI.
    • It is an isolated running process along with a subset of physical resources on your computer that are allocated to that process specifically. Basically, a container is an isolated place where an application can run without affecting the rest of the system and without the system affecting the application.
    • When you are running Docker on your machine, every single container runs inside a virtual machine running Linux, so these processes are really being executed inside a Linux world.
    • Docker containers are not tied to any specific infrastructure: they run on any computer, on any infrastructure, and in any cloud.
    • By design, a container is immutable: you cannot change the code of a container that is already running. If you have a containerized application and want to make changes, you need to build a new image that includes the change, then recreate the container to start from the updated image.
  • Docker daemon (Docker server)

    • It is a service that runs on your host operating system. It is responsible for creating images, downloading images, running containers, etc.
    • The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes.

Docker Registries

  • A Docker registry is a repository for Docker images, which are used to create Docker containers.
  • Docker Hub is a public registry that stores Docker images which anyone can use, and Docker is configured to look for images on Docker Hub by default.
  • When you use the docker pull or docker run commands, the required images are pulled from the Docker registry. When you use the docker push command, your image is pushed to your configured registry.

The underlying technology

  • Docker takes advantage of several features of the Linux kernel to deliver its functionality.
  • The kernel is a running software process that governs access between all the programs running on your computer and all the physical hardware connected to it. The kernel is always the intermediate layer that governs access between these programs and, for example, your actual hard drive. The other important thing to understand is that running programs interact with the kernel through system calls.
  • Docker uses two technologies called namespaces and cgroups. Put together, these two features isolate a single process and limit the resources it can talk to and how much of them (bandwidth, essentially) it can use.
  • Namespaces

    • Docker uses a technology called namespaces to provide the isolated workspace called the container.
    • Namespacing isolates resources per process (or per group of processes).
  • Control groups

    • Docker uses a technology called cgroups to limit an application to a specific set of resources.
    • Control groups allow Docker Engine to share available hardware resources among containers and optionally enforce limits and constraints.
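Both mechanisms can be inspected from the host: each process's namespaces appear as links under /proc/<pid>/ns, and its cgroup v2 limits as small text files such as memory.max and cpu.max. The following is an added example, not code from the original page; the function names are hypothetical and the sample namespace identifiers and limit values are constructed.

```python
import os

NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")

# Constructed sample data: namespace links as shown by /proc/<pid>/ns/*,
# and cgroup v2 interface files for one container. Not from a real host.
HOST_NS = {ns: f"{ns}:[40265318{i:02d}]" for i, ns in enumerate(NS_TYPES)}
CTR_NS = {ns: f"{ns}:[40265325{i:02d}]" for i, ns in enumerate(NS_TYPES)}
CTR_NS["user"] = HOST_NS["user"]  # user namespace shared with the host
CTR_CGROUP = {"memory.max": "268435456\n", "cpu.max": "50000 100000\n"}


def read_namespaces(pid="self"):
    """Read the namespace identifiers of a live process (Linux only)."""
    return {ns: os.readlink(f"/proc/{pid}/ns/{ns}") for ns in NS_TYPES}


def isolated_namespaces(host_ns, ctr_ns):
    """Namespace types in which the two processes do not share a namespace."""
    return sorted(ns for ns in NS_TYPES if host_ns.get(ns) != ctr_ns.get(ns))


def parse_cgroup_limits(files):
    """Turn cgroup v2 file contents into limits; None means unlimited."""
    def number(name):
        value = files.get(name, "max").strip()
        return None if value == "max" else int(value)

    quota, period = files.get("cpu.max", "max 100000").split()
    return {
        "memory_bytes": number("memory.max"),
        "pids": number("pids.max"),
        "cpus": None if quota == "max" else int(quota) / int(period),
    }


def unbounded(limits):
    """Resources the container may consume without any cgroup ceiling."""
    return sorted(name for name, value in limits.items() if value is None)


if __name__ == "__main__":
    print("isolated:", isolated_namespaces(HOST_NS, CTR_NS))
    limits = parse_cgroup_limits(CTR_CGROUP)
    print("limits:", limits, "unbounded:", unbounded(limits))
```

On a live Linux host, pass `read_namespaces(1)` and `read_namespaces(<container pid>)` to `isolated_namespaces`; a type missing from the result is shared with the host, and a resource reported by `unbounded` has no ceiling.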