To understand the docker concept better, we need some prior knowledge of the virtualization concept. Read WHAT IS VIRTUALIZATION..?
Even this post will try to explain both the concepts.
Read the story to understand the concept behind docker:-
Once upon a time, there was a guy named 'Baya' who lived somewhere in Germany. One day he thought to run a process/program for his user-level application stuff. So he placed the process in a computer and executed it. Everything went fine. But one day the process got stuck without any reason (God knows) and it crashed. And the whole system went down with that process.
Then he decided to place an inner computer inside the main computer (Virtualization) to execute the process. If anything goes wrong with the process then it won't affect the outer computer. And it worked. The requirement of processes increased over time and he created multiple inner computers inside that system and placed multiple processes to run. Resources were getting low with increasing inner computers. At a point of time, the outer system went down because of insufficient resources. And everything got stuck.
 |
| Virtualization Vs. Containerization |
And here the Linux namespace plays a great role to overcome this situation. The namespace is a feature of Linux kernel which partitions kernel resources such that each set of processes can see a different set of resources. There is no need to create an inner system to virtualize the outer system resources. There are few namespaces:-
Mount(mnt):- It isolates file access to a given directory. The process running in this namespace can see the files that are allowed to see.
Process Id(PID):- It limits the other process that can be seen by the running process.
Network(net):- It limits the network interfaces for the running process.
Inter-Process-Communication(IPC):- It prevents processes to establish a range of shared memory between multiple processes.
UNIX Timesharing System(UTS):- It isolates the hostname and domain. It allows a single system to appear to have different hostname and domain to different processes.
User Id(UID):- It separates the user id from other user ids. Be root in the container but not on the host.
The process which isolates any process running inside it is called Container. Docker is a solution that manages all containers. And finally, Mr. Baya found a solution to his problem.
How it works?
Docker works in a similar way that defines a namespace for each process and runs that process under its namespace. If any process got crashed, it dead inside the container which won't affect other containers and the outside world.
How to make it work?
To run a program inside a container, you need to install the Docker binary from its repository. And that's it. Now you can run any process/program using docker by this command:-
docker run <program name>
If the program name is not available locally, it searches the program in the docker repository and pulls the image to local, then runs the program.
Watch this video to install docker binary and manage containers
Images:- Docker creates a file type of the running program is called images. There are lots of images available in the Docker repository. It can be easily transferable to anyone. This is one of the reasons to make the Docker popular.
Docker file:- It is used to build a docker image (like Makefile). Suppose you have your own written program (helloworld.py) that you want to run inside a docker container, then you need to make this program file into a docker image which will be possible using docker file.
