A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings. Available for both Linux and Windows based apps, containerized software will always run the same, regardless of the environment. Containers isolate software from its surroundings, for example differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.
Docker containers running on a single machine share that machine's operating system kernel; they start instantly and use less compute and RAM. Images are constructed from filesystem layers and share common files. This minimizes disk usage and image downloads are much faster.
Docker containers are based on open standards and run on all major Linux distributions, Microsoft Windows, and on any infrastructure including VMs, bare-metal and in the cloud.
Docker containers isolate applications from one another and from the underlying infrastructure. Docker provides the strongest default isolation to limit app issues to a single container instead of the entire machine.
Containers and virtual machines have similar resource isolation and allocation benefits, but function differently because containers virtualize the operating system instead of hardware, containers are more portable and efficient.
Containers are an abstraction at the app layer that packages code and dependencies together. Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space. Containers take up less space than VMs (container images are typically tens of MBs in size), and start almost instantly.
Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers. The hypervisor allows multiple VMs to run on a single machine. Each VM includes a full copy of an operating system, one or more apps, necessary binaries and libraries - taking up tens of GBs. VMs can also be slow to boot.
Learn more about the architecture of containers, VMs, their similarities, differences and considerations for use in the eBook: Docker for the Virtualization Admin.Download E book
Containers and VMs used together provide a great deal of flexibility in deploying and managing apps.
The launch of Docker in 2013 jump started a revolution in app development - by bringing software containers to the masses. In just a few years, Docker has transformed the industry with a new lexicon, framework and standards in app development, packaging and management.
Starting with the pivot of dotCloud and turning an piece of dotCloud into a better Linux container technology - one that is portable, flexible, and easy to deploy. Docker open sourced the libcontainer and partnered with a worldwide community of contributors to further its development. By June 2015, just a couple short years later, Docker donated the specification and runtime code now known as runC, to the Open Container Initiative (OCI) to help establish standardization as the container ecosystem grows and matures.
Following this evolution, Docker continues to give back with the containerd project. Containerd is the core container runtime of the Docker engine daemon, an industry-standard container runtime with an emphasis on simplicity, robustness and portability, designed as an embeddable component for higher level systems. Docker engine is built on runC and containerd. This collaborative project enables portability for developers, container standardization through the OCI, a growing ecosystem of tools, and a free marketplace of images - pre-made apps that the community can share and build on.
containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for both Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision, low-level storage and network attachments.Learn More About containerd Docker Open Source