You're reading from The Ultimate Docker Container Book Build, test, ship, and run containers with Docker and Kubernetes

Product type Paperback

Published in Aug 2023

Publisher Packt

ISBN-13 9781804613986

Length 626 pages

Edition 3rd Edition

Tools

Docker

Concepts

DevOps

Author (1):

Dr. Gabriel N. Schenker

View More author details

Table of Contents (26) Chapters

Preface

1. Part 1:Introduction

2. Chapter 1: What Are Containers and Why Should I Use Them? FREE CHAPTER

3. Chapter 2: Setting Up a Working Environment

4. Part 2:Containerization Fundamentals

5. Chapter 3: Mastering Containers

6. Chapter 4: Creating and Managing Container Images

7. Chapter 5: Data Volumes and Configuration

8. Chapter 6: Debugging Code Running in Containers

9. Chapter 7: Testing Applications Running in Containers

10. Chapter 8: Increasing Productivity with Docker Tips and Tricks

11. Part 3:Orchestration Fundamentals

12. Chapter 9: Learning about Distributed Application Architecture

13. Chapter 10: Using Single-Host Networking

14. Chapter 11: Managing Containers with Docker Compose

15. Chapter 12: Shipping Logs and Monitoring Containers

16. Chapter 13: Introducing Container Orchestration

17. Chapter 14: Introducing Docker Swarm

18. Chapter 15: Deploying and Running a Distributed Application on Docker Swarm

19. Part 4:Docker, Kubernetes, and the Cloud

20. Chapter 16: Introducing Kubernetes

21. Chapter 17: Deploying, Updating, and Securing an Application with Kubernetes

22. Chapter 18: Running a Containerized Application in the Cloud

23. Chapter 19: Monitoring and Troubleshooting an Application Running in Production

24. Index

Why subscribe?

25. Other Books You May Enjoy

Container architecture

Now, let us discuss how a system that can run Docker containers is designed at a high level. The following diagram illustrates what a computer that Docker has been installed on looks like. Note that a computer that has Docker installed on it is often called a Docker host because it can run or host Docker containers:

Figure 1.3 – High-level architecture diagram of Docker Engine

In the preceding diagram, we can see three essential parts:

At the bottom, we have the Linux Operating System
In the middle, we have the Container Runtime
At the top, we have Docker Engine

Containers are only possible because the Linux OS supplies some primitives, such as namespaces, control groups, layer capabilities, and more, all of which are used in a specific way by the container runtime and Docker Engine. Linux kernel namespaces, such as process ID (pid) namespaces or network (net) namespaces, allow Docker to encapsulate or sandbox processes that run inside the container. Control groups make sure that containers do not suffer from noisy-neighbor syndrome, where a single application running in a container can consume most or all the available resources of the whole Docker host. Control groups allow Docker to limit the resources, such as CPU time or the amount of RAM, that each container is allocated. The container runtime on a Docker host consists of containerd and runc. runc is the low-level functionality of the container runtime such as container creation or management, while containerd, which is based on runc, provides higher-level functionality such as image management, networking capabilities, or extensibility via plugins. Both are open source and have been donated by Docker to the CNCF. The container runtime is responsible for the whole life cycle of a container. It pulls a container image (which is the template for a container) from a registry, if necessary, creates a container from that image, initializes and runs the container, and eventually stops and removes the container from the system when asked. Docker Engine provides additional functionality on top of the container runtime, such as network libraries or support for plugins. It also provides a REST interface over which all container operations can be automated. The Docker command-line interface that we will use often in this book is one of the consumers of this REST interface.