Docker – Basics

Docker is the container runtime and orchestration engine.

  • Enterprise Edition (EE) and Community Edition (CE)
  • Moby is the Open Source project of Docker — Moby consists of modular components.

When to use Docker

  • Simplifying Configuration – Put the configuration and environment settings in the code
  • Application Isolation
  • Server Consolidation
  • Dev/Production environment are the same
  • Debugging – Bugs in production can be replicated in Development easily

Docker Architecture

Docker is a client-server architecture.

  • Clients communicate with the Docker daemon (server) using REST APIS through UNIX sockets or Network Interfaces.
  • Docker daemon (dockerd) handles building, running, and distribute containers.
    • dockerd manages the following docker objects: Images, Containers, Networks, and Volumes.
  • Docker client (Docker) sends the user commands to dockerd.
  • Docker Registries store docker images.
    • Private Registry
    • Public Registry such as DockerHub

Docker Images

Docker image is a read-only template and contains instructions for creating a Docker container.

  • An Image can be based on other images – multiple layers -.
    • Each layer represents an instruction in the image’s Dockerfile.
    • Each layer is read-only, except the last one.
    • Each layer has only a set of differences from the layer before it.
    • Containers add new writable layers on top of the underlying layers.

Docker Containers

A container is a runnable instance of an image.

  • Containers can connect to networks and can attach persistent storages.
  • A new image can be created based on the container’s current state.
  • Containers are isolated from other containers and the host machine.
  • All changes are stored in the writable layer, and the writable layer is deleted when the container is deleted. The image remains unchanged.


  • Services can scale containers across multiple Docker daemons.
  • Services define and manage the desired state.
  • Service is load-balanced.

Docker Swarm

  • Multiple Docker daemons (Master and Workers) are working together.
  • The daemons all communicate using the Docker API
  • Supported in Docker 1.12 and higher

Docker Engine

Docker engine is base on open-standards by the Open Container Initiative (OCI) and modular in design.

  • Initial Release of Docker: Docker daemon + LXC (Lightweight Linux container)
  • LXC was replaced with libcontainer

Docker became more modular:

  • runc
    • Implementation of the OCI container-runtime-spec
    • CLI wrapper for libcontainer
    • Responsible to create containers
  • containerd
    • Manages Container lifecycle: start, stop, pause, delete
  • shim
    • Implementation of daemon-less Containers

Container Lifecycle

  • Running
  • Stopped
  • Restarted

Running Containers

docker container run -it --name <NAME> <IMAGE>:<TAG>

Creating a Container

  1. Executing a command using CLI
  2. Docker client uses the appropriate API payload and POSTs to the correct API endpoint
  3. Docker daemon receives requests
  4. Docker daemon calls ‘containerd‘ to start a new container
  5. containerd‘ creates an OCI bundle from the Docker image
  6. containerd‘ instructs ‘runc‘ to create a container using the OCI bundle
  7. ‘runc’ interfaces with the OS kernel to get the constructs needed to create a container (namespaces, cgroups, etc.)
  8. Container process starts as a child process
  9. runc‘ exits once the container starts
  10. Container is running

Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s