What is Docker?

‹ AWS Groups vs Roles vs Policies | Thrift vs Protocol Buffers vs Avro in Python ›

Docker is a long-lived daemon process with a thin CLI client which makes it easy to clone() new processes with their own PID namespaces, network interfaces, root filesystem, mounts, and hostname.

A docker image contains a filesystem tree (actually an aufs filesystem which allows one image to be implemented as a "layer" on top of another more "base" image).

A Dockerfile is a list of instructions for building a docker image.

A "running" docker container is a process, created with clone() with its own separate:

  • mnt namespace (root directory, mount) based on a docker image
  • PID namespace (the process is PID 1)
  • net namespace (ifconfig, route, iptables)
  • IPC namespace
  • hostname

A docker container lives on in a "stopped" state even after the process exits. You can start a new process within this container later.

Subscribe to All Posts - Wesley Tanaka