🐳Docker Architecture thread.
Docker uses a client-server architecture.
The Docker client talks to the Docker daemon (server), which menages different Docker objects:
- images
- containers
- networks
- volumes
Images (not containers) can be stored in Registries.
/thread
Docker uses a client-server architecture.
The Docker client talks to the Docker daemon (server), which menages different Docker objects:
- images
- containers
- networks
- volumes
Images (not containers) can be stored in Registries.
/thread
The Docker client and the daemon can run on the same system, or they can be connected remotely using HTTP protocol.
The connection is established using REST APIs, over UNIX sockets/network interfaces.
The connection is established using REST APIs, over UNIX sockets/network interfaces.
DOCKER DAEMON (SERVER)
The Docker daemon (dockerd) is a process, which runs in the background, that manages the docker objects (images, containers, networks, volumes).
It processes Docker API requests.
The Docker daemon (dockerd) is a process, which runs in the background, that manages the docker objects (images, containers, networks, volumes).
It processes Docker API requests.
DOCKER CLIENT
The main way of interacting with Docker.
When you use commands such as docker run, the client sends these commands to dockerd, which carries them out.
The docker command uses the Docker API.
One client can communicate with multiple daemons.
The main way of interacting with Docker.
When you use commands such as docker run, the client sends these commands to dockerd, which carries them out.
The docker command uses the Docker API.
One client can communicate with multiple daemons.
DOCKER IMAGES
Read-only binary templates that contain instructions and metadata for creating Docker containers.
You can use existing images, or create your custom one, starting from an existing one, or even from scratch.
Read-only binary templates that contain instructions and metadata for creating Docker containers.
You can use existing images, or create your custom one, starting from an existing one, or even from scratch.
Images can be created by defining a Dockerfile, which is a text file that contains commands used to create the image, one layer per instruction.
Docker uses a system of caching so a new layer is built only if it is changed.
It’s super effective!
Docker uses a system of caching so a new layer is built only if it is changed.
It’s super effective!
CONTAINERS
Runnable instances of an image.
Multiple containers can be instantiated from the same Image.
They can be created/started/stopped/deleted using the Docker API/CLI, and are isolated from other containers and the host machine using namespaces (Linux feature).
Runnable instances of an image.
Multiple containers can be instantiated from the same Image.
They can be created/started/stopped/deleted using the Docker API/CLI, and are isolated from other containers and the host machine using namespaces (Linux feature).
Containers can be attached to networks, or be connected with storage. This is important because they are ephemerals, so when they are removed, each state not stored is lost
NETWORKS
Containers can be connected to each other or to non-Docker services, using networks/drivers.
5 types of Networks:
- BRIDGE: allows containers connected to communicate, and it provides isolation from containers that are not connected to that bridge network.
Containers can be connected to each other or to non-Docker services, using networks/drivers.
5 types of Networks:
- BRIDGE: allows containers connected to communicate, and it provides isolation from containers that are not connected to that bridge network.
- HOST: removes network isolation between the container and Host
- OVERLAY: connects Docker daemons. Enables swarm services
- MACVLAN: Assigns a MAC address, used by the Docker daemon to access it. Useful for legacy applications.
- NONE: Disable networking.
- OVERLAY: connects Docker daemons. Enables swarm services
- MACVLAN: Assigns a MAC address, used by the Docker daemon to access it. Useful for legacy applications.
- NONE: Disable networking.
STORAGE:
Without persistent storage, containers are (almost) useless: all data is lost after removal
4 ways of persisting data:
- Data Volumes: Persistent storage on the host file system, with the ability to rename/list volumes, and list the container associated.
Without persistent storage, containers are (almost) useless: all data is lost after removal
4 ways of persisting data:
- Data Volumes: Persistent storage on the host file system, with the ability to rename/list volumes, and list the container associated.
- Volume Container: A container hosts a volume, mounting it for other containers. It's shareable between containers.
- Directory Mounts: Use a directory on the Host.
- Storage Plugins: Connect to external storage, mapping storage from the host to an external source.
- Directory Mounts: Use a directory on the Host.
- Storage Plugins: Connect to external storage, mapping storage from the host to an external source.
REGISTRY
A registry is a storage to hold, push and pull images of different versions, in a similar way like GitHub does for repositories
You can use an existing one, like Docker Hub or Amazon ECR, or host a private one if you need more security or for policy reasons
A registry is a storage to hold, push and pull images of different versions, in a similar way like GitHub does for repositories
You can use an existing one, like Docker Hub or Amazon ECR, or host a private one if you need more security or for policy reasons
Was this thread useful? share the first Tweet and follow @FrancescoCiull4
https://twitter.com/FrancescoCiull4/status/1475497709083758593
• • •
Missing some Tweet in this thread? You can try to
force a refresh
