- Docker - Home
- Docker - Overview
- Docker - Installing on Linux
- Docker - Installation
- Docker - Hub
- Docker - Images
- Docker - Containers
- Docker - Registries
- Docker - Compose
- Docker - Working With Containers
- Docker - Architecture
- Docker - Layers
- Docker - Container & Hosts
- Docker - Configuration
- Docker - Containers & Shells
- Docker - Dockerfile
- Docker - Building Files
- Docker - Public Repositories
- Docker - Managing Ports
- Docker - Web Server
- Docker - Commands
- Docker - Container Linking
- Docker - Data Storage
- Docker - Volumes
- Docker - Networking
- Docker - Security
- Docker - Toolbox
- Docker - Cloud
- Docker - Build Cloud
- Docker - Logging
- Docker - Continuous Integration
- Docker - Kubernetes Architecture
- Docker - Working of Kubernetes
- Docker - Generative AI
- Docker - Hosting
- Docker - Best Practices
- Docker - Setting Node.js
- Docker - Setting MongoDB
- Docker - Setting NGINX
- Docker - Setting ASP.Net
- Docker - Setting MySQL
- Docker - Setting Go
- Docker - Setting Rust
- Docker - Setting Apache
- Docker - Setting MariaDB
- Docker - Setting Jupyter
- Docker - Setting Portainer
- Docker - Setting Rstudio
- Docker - Setting Plex
- Docker Setting - Flame
- Docker Setting - PostgreSql
- Docker Setting - Mosquitto
- Docker Setting - Grafana
- Docker Setting - Nextcloud
- Docker Setting - Pawns
- Docker Setting - Ubuntu
- Docker Setting - RabbitMQ
- Docker - Setting Python
- Docker - Setting Java
- Docker - Setting Redis
- Docker - Setting Alpine
- Docker - Setting BusyBox
- Docker Setting - Traefik
- Docker Setting - WordPress
- Docker Useful Resources
- Docker - Quick Guide
- Docker - Useful Resources
- Docker - Discussion
Docker - Container & Hosts
Docker containers are lightweight, portable, self-sufficient units that pack the software and everything required to run it: code, runtime libraries, and settings. They work consistently in different environments; hence, one can guarantee that the software works the same way across non-prod and production environments.
On the other hand, a Docker host is a machine on which the Docker Engine is installed and runs. These might be physical servers, virtual machines, or even cloud-based instances.
In this chapter, lets understand in detail how Docker containers are different from Docker hosts.
What are Docker Containers?
Docker containers are lightweight, portable units of software packaging, which include not only the application code but also the runtime and libraries together with other settings needed for running and executing everywhere the same. They work as independent processes on any host operating system. Each container has to share the OS kernel but does have distinct environments from the rest.
This allows resources to be utilized effectively. Because of this isolation, different versions of software and their dependencies do not interfere with each other; hence, containers are pretty suitable for development, testing, and deployment. Docker containers enable easy integration and continuous deployment, which facilitates quick and reliable application delivery.
What are Docker Hosts?
A Docker host is a physical or virtual machine onto which the Docker Engine is installed; it creates an environment that runs Docker containers. It provides access to CPU, memory, storage, and networking, which containers utilize and run as an independent process to allow them to share the same OS kernel of the host.
It separates containers and manages resources, thus supporting the running of several containers efficiently and securely. Docker hosts help an organization manage, scale, and deploy containerized applications flexibly and with control across diverse environments.
Difference between Docker Containers and Hosts
Docker provides a powerful platform for the development, shipping, and running of applications inside containers. Although Docker container and Docker host are two significant ecosystem elements, they have quite different roles.
The following table highlights the major differences between Docker Containers and Docker Hosts −
| Feature | Docker Containers | Docker Hosts |
|---|---|---|
| Purpose |
Objects that are lightweight, portable, and self-contained; they consist of an application and all its dependencies. This means the software runs consistently across different environments. |
A physical or virtual machine that provides the Docker container with an essential environment by running a Docker Engine, known for offering fundamental resources such as a CPU, RAM, and storage space. |
| Operation | Run as an independent process on the host OS. All of them will run on the same kernel but have their independent environments. | Run multiple containers, managing resource allocation and isolation between them. |
| Resource Management | Share the underlying OS kernel with the host and use its resources efficiently, without all of the overhead of an entire OS instance. | Share available system resources between many containers and balance them efficiently. |
| Isolation | Provide isolation at the application level, ensuring that different applications and their dependencies don't interfere with each other. | Provide a secure environment where containers run, using the host OS to hold the isolation and control. |
| Deployment | Because of their 'lightweight' nature, they can be easily relocated across different Docker hosts and, therefore, portable and scalable across various environments - from development to production. | This is the base layer where containers are deployed, it provides the infrastructure necessary for the operation and orchestration of containers. |
How does Docker Containers and Hosts Interact with Each Other?
The interaction between Docker containers and hosts is a multi-dimensional activity that the Docker Engine orchestrates in creating, managing, and running containerized applications seamlessly. Now, let's dive into the details of this concept.
Image Management
Image Pulling − When a user requests to run a container from an image not locally available, the Docker Engine communicates with a container registry, like Docker Hub, to download the image. The image serves as a blueprint of the container.
Image Storage − Structured storage of the downloaded images then takes place on the host's filesystem, allowing Docker Engine to harvest and further utilize them effectively.
Building Images (Optional) − If you were to create a custom image, you would write a Dockerfile that describes how to build the image. This file would be processed by the Docker Engine, and executing every instruction will create an image one layer at a time.
Container Isolation and Creation
Namespace Isolation − The Docker engine uses kernel namespaces to provide an isolated view of the operating system per container. This means each has different process IDs, network interfaces, mount points, and so on; thus, one container won't mess with another or the host.
Control groups (cgroups) − cgroups are used to limit and manage the amount of resources a container can use, thus assuring resource fairness among containers and avoiding the problem of one container consuming all of the resources.
Union mount file systems − Docker itself uses a union mount file system, thereby giving an effective solution to handling layers in containers. This allows multiple containers to share common image layers while maintaining their writable layers for data persistence.
Networking
Bridge Networks − By default, Docker Engine establishes a virtual bridge network on the host - for example, docker0, and adds containers to this bridged network to communicate with one another and outside of them.
Port Mapping − You can also expose ports on a container and map them to ports on the host. In this way, services within that very container will then be accessible either from a host's network or from the internet.
Custom Networks − Docker supports network drivers like bridge, overlay, and macvlan to create custom topologies with particular isolation needs.
Storage
Volumes − Volumes are persistent storage that are independent of containers. They allow data to be shared between containers and persist after a container has been stopped or removed.
Bind Mounts − This is a way through which files and directories can be shared between the host and containers. It provides a high level of flexibility in storing but loses isolation.
Runtime Management
Run/Stop Containers − Docker Engine runs all the various stages of a container's lifecycle, like start, stop, restart, and pause, depending on needs. You can monitor container resource usage for things like CPU and memory, see logs for debugging purposes, and otherwise understand how your application behaves.
Security − The Docker engine enforces security measures to isolate containers, allowing them limited Access to host resources. Several flags and options are available, too, for management abilities and safety profiles for containers.
Commands to Interact with Docker Containers and Hosts
Here, we will highlight a few commands that can be used to interact with Docker Containers and Hosts −
Docker Run
The "docker run" command launches a new container from a specified image. You can customize the container's behavior using several options −
- -d (detach) − Runs the container in the background.
- -p (publish) − Maps ports between the container and the host.
- -v (volume) − Mounts volumes for data persistence.
- --name − Assigns a custom name to the container.
Example
$ docker run -d -p 80:80 nginx
It starts a detached Nginx web server container with port 80 exposed.
docker ps
The "docker ps" command lists all the running containers on your host. You can use it to monitor the status of your containers and get valuable information such as their names, IDs, or exposed ports.
Example
$ docker ps -a
It lists all containers (running and stopped).
docker exec
The "docker exec" command lets you execute commands inside a running container. It's like SSHing into a remote machine.
Example
$ docker exec -it my-container bash
It starts an interactive Bash shell inside the container named "my-container."
How do I access a service running inside a Docker container from my host machine?
The most common way of exposing a service within a Docker container is to map the container's port to a host machine port. You can use the -p or --publish option while running the container.
For example, docker run -p 8080:80 my-web-server would expose the web server running at port 80 inside the container on your local port 8080. Also, when your host is running Docker Desktop, you can use the particular DNS name "host.docker.internal" to reach the services on your host from inside your container.
Conclusion
In this chapter, we have discussed the ins and outs of Docker Containers and hosts. We have understood the essence of both, how they interact with each other, the fundamental differences between them, and the various commands that can be used to interact with Docker Containers as well as Hosts.