What Is Docker Container?
Docker is a lightweight virtualization technology and an open-source app container engine that can easily package apps into portable containers.
Why Do We Need Docker Containers?
Virtual machine (VM) technology reduces the dependency of enterprises on hardware resources. This technology virtualizes a physical device into multiple logical devices, which can run different operating systems. In addition, each application can run independently, without affecting each other. As such, the device's operational efficiency is significantly improved. However, applications can run on VMs only when operating systems are installed, consuming many system resources. In most cases, users only need to run simple applications. VM technology is complex and wastes resources. Furthermore, if applications on a VM need to be migrated, the entire VM needs to be migrated. Enterprises are in urgent need of a lightweight virtualization technology.
Container is a lightweight virtualization technology for creating isolated environments like VM technology. However, unlike VM technology that performs OS-level resource isolation, container technology performs process-level system isolation. As a mainstream tool for creating containers, Docker has been developing rapidly in recent years. It allows developers to encapsulate various applications and application dependency files required by enterprises into Docker images and then install and run the Docker images on any physical devices (Linux or Windows devices). Docker achieves virtualization, decouples applications from underlying devices, and allows applications to be flexibly deployed and migrated between physical devices. This frees O&M engineers from complex environment deployment operations, greatly improves work efficiency, and reduces potential risks during deployment.
Docker containers have the following features:
- Lightweight: Multiple Docker containers running on a host machine can share the operating system kernel of the host machine. Docker containers start quickly and require only a small number of computing and memory resources.
- Open: Docker containers are based on open standards and can run on all mainstream Linux and Microsoft Windows machines as well as any infrastructures including VMs, bare metal servers, and clouds.
- Secure and reliable: Docker not only isolates applications but also decouples applications from underlying infrastructures. Docker provides a high isolation level by default. If an application is faulty, only the container where the application resides is affected. The entire host machine is not affected.
What Are the Differences Between Docker Containers and VMs?
Docker container and VM technologies are implemented in different ways. The following figure shows the logical composition of VMs and Docker containers.
- VM: is a hypervisor-based platform that manages the operating system running on it. Each VM needs to have its own operating system, applications, and necessary dependency files.
- Docker container: uses the Docker engine for resource scheduling and isolation, which improves the resource utilization. This allows more container instances than VMs to run under the same hardware specifications. Each container has its own isolated user space.
Comparison between VMs and Docker containers
Compared with VMs, Docker containers provide a more lightweight virtualization mode and have the following advantages in terms of applications:
- Docker containers can start or stop within seconds, which is faster than VMs.
- Docker containers do not have high requirements on system resources. Thousands of Docker containers can run on the same host machine concurrently.
- Docker containers allow users to obtain and update application images by performing operations similar to Git operations.
- Docker containers can be automatically created and flexibly deployed using Dockerfiles, improving operational efficiency.
- Except for running applications, Docker containers do not consume extra system resources. This ensures application performance and minimizes the system overhead.
The following figure compares Docker containers and VMs.
Comparison between Docker containers and VMs
How Does a Docker Container Work?
Docker consists of the following objects:
- Image: A Docker image is a special file system. In addition to providing the program, registry, resource, and configuration files required for running containers, a Docker image also contains some configuration parameters needed for running. A Docker image does not contain any dynamic data, so the contents in it will not change after it is built. A Docker image can be used to create Docker containers. You can use an existing image on a device to install multiple same Docker containers.
- Container: is a runnable instance of an image. Docker uses containers to run applications. Each container is an isolated and secure platform, and can be considered as a lightweight Linux running environment.
- Image registry: stores Docker images. After creating an image, you can upload it to a public or private registry. To use the image on another host machine, you only need to download it from the registry.
The following figure shows the Docker running logic. Docker uses a client-server architecture. The Docker daemon functions as the server to receive requests from the Docker client, and builds, runs, and distributes Docker containers. The Docker daemon runs on a Docker host machine. You can connect a Docker client to directly exchange information with the Docker daemon.
Docker running logic
The following roles are involved in the Docker architecture:
- Docker client: refers to a client that communicates with the Docker daemon. After a Docker client sends requests (such as the docker build, docker pull, and docker run commands) to a Docker server or daemon, the Docker server or daemon completes the corresponding work and returns the result.
- Dotted line in orange: The Docker daemon executes the docker build command received from the Docker client to build an image based on Dockerfiles and stores the image on the local Docker host machine.
- Dotted line in blue: The Docker daemon executes the docker pull command received from the Docker client to pull images from the image registry on the cloud to the local Docker host machine or push local images to the remote image registry.
- Dotted line in black: The Docker daemon executes the docker run command received from the Docker client to install an image to a container and start the container.
- Docker host machine: refers to a physical or virtual machine that executes Docker daemons and containers.
- Docker daemon: receives and processes requests from Docker clients, listens for Docker API requests, and manages Docker objects such as images, containers, networks, and data volumes.
Based on the open edge computing capability of IoT gateways, Huawei EC-IoT Solution quickly adapts to the intelligent data processing requirements of various industries on an "edge intelligence + cloud-based management" platform. In this manner, this solution implements quick response to key services locally within milliseconds, completes local data aggregation and optimization, and proactively returns high-value data to the cloud.
The EC-IoT gateway is designed based on the concept of "platform-based hardware and application-based service". Terminal functions are defined using application software, enabling users to develop customized apps based on basic service interfaces and flexibly deploy the EC-IoT gateway to quickly adapt to IoT scenarios with complex and ever-changing service requirements. The EC-IoT gateway supports deployment of containers, where users can install service applications. In addition, the gateway provides various eSDK interfaces for containers and applications to invoke resources.
Huawei EC-IoT Solution
- Author： Cui Yunlong
- Updated on： 2021-09-30
- Views： 7926
- Average rating：