Docker Architecture

Docker follows a client-server architecture that consists of different components working together to manage containers efficiently. Below is an in-depth breakdown of Docker's architecture.


Key Components of Docker Architecture

Docker is built on three main components:

1. Docker Client

  • The command-line interface (CLI) or graphical interface that users interact with.
  • Sends commands (docker run, docker ps) to the Docker daemon.
  • Can communicate with a local or remote daemon.

2. Docker Daemon (dockerd)

  • The core component that runs in the background, managing containers, images, networks, and volumes.
  • Listens for Docker API requests from the Docker Client.
  • Interacts with the OS kernel to create and manage containers.

3. Docker Objects (Images, Containers, Networks, Volumes)

Docker works with different objects:

  • Images: Read-only templates that contain the application and dependencies (e.g., nginx:latest)
  • Containers: Running instances of images (lightweight, isolated environments)
  • Networks: Virtual networks that connect containers
  • Volumes: Persistent storage for containers

Communication Flow

  1. The Docker Client sends a request (docker run nginx) to the Docker Daemon.
  2. The Docker Daemon pulls the image from Docker Hub (if not already available).
  3. The Container Runtime (containerd) starts the container using Linux namespaces and cgroups.
  4. Docker assigns networking and storage to the container.
  5. The container runs until it’s stopped or removed.

Key Subsystems of Docker

Docker relies on several Linux kernel features for containerization:

  • Namespaces: Isolate processes, networks, filesystems for containers.
  • Cgroups: Control CPU, memory, and disk usage per container.
  • UnionFS: Layered file system (AUFS, OverlayFS, Btrfs) for efficient image storage.
  • Container Runtime: containerd and runc manage low-level container execution.

Docker Execution Flow

Step 1: Running a Container

docker run -d -p 8080:80 nginx

Step 2: Execution Process

  1. Client → Daemon Communication
    • The CLI sends a request to dockerd.
  2. Image Management
    • If nginx is not available, Docker pulls it from Docker Hub.
  3. Container Creation
    • Docker daemon creates a new container with its own namespaces.
  4. Networking Setup
    • The container is assigned an IP address (docker network ls).
  5. Execution
    • The container runs in an isolated environment.
  6. Monitoring
    • Use docker ps to check running containers.

Container Runtimes

Docker supports different container runtimes to execute containers:

  • containerd: Default runtime for Docker, manages lifecycle operations.
  • runc: Low-level OCI-compliant runtime for running containers.
  • CRI-O: Lightweight runtime optimized for Kubernetes.

Storage in Docker

Docker uses different storage drivers for images and volumes:

1. Image Storage (UnionFS)

  • Uses layered filesystems for efficient storage.
  • Common storage drivers:
    • overlay2 (default for Linux)
    • aufs (deprecated)
    • btrfs
    • zfs

2. Persistent Storage (Volumes & Bind Mounts)

  • Volumes (Managed by Docker, stored under /var/lib/docker/volumes/)
  • Bind Mounts (Directly maps host directory to container)

Networking in Docker

Docker provides multiple networking options:

  • Bridge: Default network, allows communication between containers.
  • Host: Shares the host’s networking stack.
  • Overlay: Used in Docker Swarm for multi-host networking.
  • Macvlan: Assigns a unique MAC address to the container.

Example: Listing Networks

docker network ls
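
The namespaces, cgroups, bind mounts and network modes described above are all visible in `docker inspect` output, so they can be checked per container. The following is an added example, not part of the original page: it audits a constructed, trimmed `docker inspect` document (the container name `agent` and all sample values are assumptions) for settings that relax the isolation this page describes.

```python
import json

# Constructed sample: trimmed `docker inspect web agent` output (not from the page).
SAMPLE = json.dumps([
    {"Name": "/web",  # shape produced by: docker run -d -p 8080:80 nginx
     "HostConfig": {"NetworkMode": "bridge", "PidMode": "", "Memory": 0,
                    "PidsLimit": None,
                    "PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "8080"}]}},
     "Mounts": []},
    {"Name": "/agent",  # hypothetical container name
     "HostConfig": {"NetworkMode": "host", "PidMode": "host",
                    "Memory": 268435456, "PidsLimit": 100, "PortBindings": {}},
     "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
                 "Destination": "/var/run/docker.sock", "RW": True}]},
])


def audit(inspect_json):
    """Map container name -> findings for settings that relax isolation."""
    report = {}
    for c in json.loads(inspect_json):
        hc, out = c.get("HostConfig") or {}, []
        # Namespaces: "host" means the container joins the host's namespace.
        if hc.get("NetworkMode") == "host":
            out.append("host-network: shares the host network stack")
        if hc.get("PidMode") == "host":
            out.append("host-pid: can see every host process")
        # Cgroups: Memory 0 and PidsLimit null/0/-1 mean no limit was set.
        if not hc.get("Memory"):
            out.append("no-memory-limit: memory cgroup is unbounded")
        if (hc.get("PidsLimit") or 0) <= 0:
            out.append("no-pids-limit: process count is unbounded")
        # Bind mounts map host paths in; the daemon socket exposes the Docker API.
        for m in c.get("Mounts") or []:
            if m.get("Type") == "bind":
                kind = "docker-socket" if m["Source"].endswith("docker.sock") else "bind-mount"
                mode = "rw" if m.get("RW") else "ro"
                out.append(f"{kind}: {m['Source']} -> {m['Destination']} ({mode})")
        # -p without a host IP publishes on every host interface.
        for port, binds in (hc.get("PortBindings") or {}).items():
            for b in binds or []:
                if b.get("HostIp", "") in ("", "0.0.0.0", "::"):
                    out.append(f"published-all-interfaces: {b['HostPort']} -> {port}")
        report[c["Name"].lstrip("/")] = out
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, *findings, sep="\n  - ")
```

On a real host, feed it the output of `docker inspect $(docker ps -q)` instead of the sample.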

Orchestration & Scaling

Docker supports container orchestration for managing multiple containers:

  • Docker Swarm: Built-in clustering and load balancing.
  • Kubernetes: Advanced container orchestration platform.

Example: Running Docker Swarm

docker swarm init
docker service create --name web -p 80:80 nginx

Docker vs Virtual Machines (VMs)

  • Speed

    • Docker Containers: Lightweight, starts in seconds
    • Virtual Machines (VMs): Heavy, takes minutes
  • Isolation

    • Docker Containers: Shares OS kernel
    • Virtual Machines (VMs): Full OS per VM
  • Resource Usage

    • Docker Containers: Low (uses host OS)
    • Virtual Machines (VMs): High (requires full OS per VM)
  • Portability

    • Docker Containers: High (runs anywhere)
    • Virtual Machines (VMs): Limited to OS/hypervisor