Original author(s) | Solomon Hykes |
---|---|
Developer(s) | Docker, Inc. |
Initial release | March 20, 2013 [1] |
Stable release | |
Repository | |
Written in | Go [3] |
Operating system | Linux, Windows, macOS |
Platform | x86-64, ARM, s390x, ppc64le |
Type | OS-level virtualization |
License | Apache-2.0 license |
Website | docker.com |
Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. [4] The service has both free and premium tiers. The software that hosts the containers is called Docker Engine. [5] It was first released in 2013 and is developed by Docker, Inc. [6]
Docker is a tool that is used to automate the deployment of applications in lightweight containers so that applications can work efficiently in different environments in isolation.
Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels. [7] Because all of the containers share the services of a single operating system kernel, they use fewer resources than virtual machines. [5]
Docker can package an application and its dependencies in a virtual container that can run on any Linux, Windows, or macOS computer. This enables the application to run in a variety of locations, such as on-premises, in public (see decentralized computing, distributed computing, and cloud computing) or private cloud. [9] When running on Linux, Docker uses the resource isolation features of the Linux kernel (such as cgroups and kernel namespaces) and a union-capable file system (such as OverlayFS) [10] to allow containers to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines. [11] Docker on macOS uses a Linux virtual machine to run the containers. [12]
Because Docker containers are lightweight, a single server or virtual machine can run several containers simultaneously. [13] A 2018 analysis found that a typical Docker use case involves running eight containers per host, and that a quarter of analyzed organizations run 18 or more per host. [14] It can also be installed on a single board computer like the Raspberry Pi. [15]
The Linux kernel's support for namespaces mostly [16] isolates an application's view of the operating environment, including process trees, network, user IDs and mounted file systems, while the kernel's cgroups provide resource limiting for memory and CPU. [17] Since version 0.9, Docker includes its own component (called libcontainer) to use virtualization facilities provided directly by the Linux kernel, in addition to using abstracted virtualization interfaces via libvirt, LXC and systemd-nspawn. [18] [8] [9] [19]
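An added example, not part of the original article: a Python check that compares a process's namespaces with the host's and reads a cgroup v2 memory limit, showing what "mostly isolates" can mean in practice. The sample link values are constructed and assume a container started without user-namespace remapping; the function names are this example's own.

```python
import os
import re

NS_LINK = re.compile(r"^(\w+):\[(\d+)\]$")  # e.g. "pid:[4026531836]"

# Constructed sample: /proc/<pid>/ns link targets for host PID 1 and for a
# process in a container started without user-namespace remapping (assumption).
HOST_NS = {"cgroup": "cgroup:[4026531835]", "ipc": "ipc:[4026531839]",
           "mnt": "mnt:[4026531841]", "net": "net:[4026531840]",
           "pid": "pid:[4026531836]", "user": "user:[4026531837]",
           "uts": "uts:[4026531838]"}
CONTAINER_NS = {"cgroup": "cgroup:[4026532710]", "ipc": "ipc:[4026532708]",
                "mnt": "mnt:[4026532706]", "net": "net:[4026532711]",
                "pid": "pid:[4026532709]", "user": "user:[4026531837]",
                "uts": "uts:[4026532707]"}

def read_ns_links(pid):
    """Read the namespace symlinks of a live process (Linux only)."""
    base = f"/proc/{pid}/ns"
    return {name: os.readlink(os.path.join(base, name)) for name in os.listdir(base)}

def ns_inodes(links):
    """Map namespace type -> inode number; equal inodes mean the same namespace."""
    out = {}
    for name, target in links.items():
        m = NS_LINK.match(target)
        if m:
            out[name] = int(m.group(2))
    return out

def isolation_report(host_links, proc_links):
    """Split a process's namespaces into those shared with the host and those private."""
    host, proc = ns_inodes(host_links), ns_inodes(proc_links)
    shared = sorted(n for n in proc if host.get(n) == proc[n])
    private = sorted(n for n in proc if n not in shared)
    return {"shared": shared, "private": private}

def memory_limit(memory_max_text):
    """Interpret a cgroup v2 memory.max file: bytes, or None when it reads 'max' (no limit)."""
    value = memory_max_text.strip()
    return None if value == "max" else int(value)
```

On a live Linux host, pass `read_ns_links(1)` and `read_ns_links(pid)` for a container process instead of the constructed samples; reading another user's `/proc/<pid>/ns` requires root.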
Docker implements a high-level API to provide lightweight containers that run processes in isolation. [20]
The Docker software as a service offering consists of three components:
`dockerd` is a persistent process that manages Docker containers and handles container objects. The daemon listens for requests sent via the Docker Engine API. [21] [22] The Docker client program, called `docker`, provides a command-line interface (CLI) that allows users to interact with Docker daemons. [21] [23]

An illustrative example of a Dockerfile: [27]

```dockerfile
ARG CODE_VERSION=latest
FROM ubuntu:${CODE_VERSION}
COPY ./examplefile.txt /examplefile.txt
ENV MY_ENV_VARIABLE="example_value"
RUN apt-get update

# Mount a directory from the Docker volume
# Note: This is usually specified in the 'docker run' command.
VOLUME ["/myvolume"]

# Expose a port (22 for SSH)
EXPOSE 22
```
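An added example, not part of the original article: a small Python linter that parses the illustrative Dockerfile above and flags three things a reviewer would question in it, namely the `latest` base tag, the absence of a non-root `USER`, and port 22. The rule names and the `parse` and `lint` functions are this example's own.

```python
import re

# The page's illustrative Dockerfile, embedded as sample input.
PAGE_DOCKERFILE = """\
ARG CODE_VERSION=latest
FROM ubuntu:${CODE_VERSION}
COPY ./examplefile.txt /examplefile.txt
ENV MY_ENV_VARIABLE="example_value"
RUN apt-get update
VOLUME ["/myvolume"]
EXPOSE 22
"""

def parse(text):
    """Yield (INSTRUCTION, arguments), skipping comments and blank lines."""
    for line in re.sub(r"\\\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            op, _, rest = line.partition(" ")
            yield op.upper(), rest.strip()

def lint(text):
    """Return sorted rule ids (names are this example's own) that the file trips."""
    build_args, findings, user = {}, set(), None
    for op, arg in parse(text):
        if op == "ARG":
            key, _, default = arg.partition("=")
            build_args[key] = default.strip("\"'")
        elif op == "FROM":
            # Skip flags such as --platform, then substitute ${VAR} from ARG defaults.
            ref = next(t for t in arg.split() if not t.startswith("--"))
            image = re.sub(r"\$\{(\w+)\}",
                           lambda m: build_args.get(m.group(1), ""), ref)
            tag = image.rsplit("/", 1)[-1].partition(":")[2]
            if "@sha256:" not in image and tag in ("", "latest"):
                findings.add("unpinned-base")  # mutable tag: base image can change between builds
            user = None                        # a new stage starts with its base image's user
        elif op == "USER":
            user = arg.split(":")[0]
        elif op == "EXPOSE":
            if "22" in (p.split("/")[0] for p in arg.split()):
                findings.add("exposes-ssh")    # port 22 declared: suggests an in-container SSH daemon
    if user in (None, "root", "0"):
        findings.add("root-user")              # no non-root USER set in the final stage
    return sorted(findings)
```

A version tag such as `ubuntu:24.04` passes the `unpinned-base` rule here, but tags remain mutable; pinning by `@sha256:` digest is the stricter form.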
The `docker-compose` CLI utility allows users to run commands on multiple containers at once; for example, building images, scaling containers, running containers that were stopped, and more. [29] Commands related to image manipulation, or user-interactive options, are not relevant in Docker Compose because they address one container. [30] The docker-compose.yml file is used to define an application's services and includes various configuration options. For example, the `build` option defines configuration options such as the Dockerfile path, the `command` option allows one to override default Docker commands, and more. [31] The first public beta version of Docker Compose (version 0.0.1) was released on December 21, 2013. [32] The first production-ready version (1.0) was made available on October 16, 2014. [33]

The `docker swarm` CLI [36] utility allows users to run Swarm containers, create discovery tokens, list nodes in the cluster, and more. [37] The `docker node` CLI utility allows users to run various commands to manage nodes in a swarm, for example, listing the nodes in a swarm, updating nodes, and removing nodes from the swarm. [38] Docker manages swarms using the Raft consensus algorithm. According to Raft, for an update to be performed, the majority of Swarm nodes need to agree on the update. [39] [40]

Docker Inc. was founded by Kamel Founadi, Solomon Hykes, and Sebastien Pahl [42] during the Y Combinator Summer 2010 startup incubator group and launched in 2011. [43] The startup was also one of the 12 startups in Founder's Den first cohort. [44] Hykes started the Docker project in France as an internal project within dotCloud, a platform-as-a-service company. [45]
Docker debuted to the public in Santa Clara at PyCon in 2013. [46] It was released as open-source in March 2013. [20] At the time, it used LXC as its default execution environment. One year later, with the release of version 0.9, Docker replaced LXC with its own component, libcontainer, which was written in the Go programming language. [18] [47]
In 2017, Docker created the Moby project for open research and development. [48]
OS-level virtualization is an operating system (OS) virtualization paradigm in which the kernel allows the existence of multiple isolated user space instances, called containers, zones, virtual private servers (OpenVZ), partitions, virtual environments (VEs), virtual kernels, or jails. Such instances may look like real computers from the point of view of programs running in them. A computer program running on an ordinary operating system can see all resources of that computer. However, programs running inside of a container can only see the container's contents and devices assigned to the container.
The following is a timeline of virtualization development. In computing, virtualization is the use of a computer to simulate another computer. Through virtualization, a host simulates a guest by exposing virtual hardware devices, which may be done through software or by allowing access to a physical device connected to the machine.
libvirt is an open-source API, daemon and management tool for managing platform virtualization. It can be used to manage KVM, Xen, VMware ESXi, QEMU and other virtualization technologies. These APIs are widely used in the orchestration layer of hypervisors in the development of a cloud-based solution.
Linux Containers (LXC) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a control host using a single Linux kernel.
cgroups is a Linux kernel feature that limits, accounts for, and isolates the resource usage of a collection of processes.
Alpine Linux is a Linux distribution designed to be small, simple, and secure. It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd. This makes Alpine one of few Linux distributions not to be based on the GNU Core Utilities.
OpenNebula is an open source cloud computing platform for managing heterogeneous data center, public cloud and edge computing infrastructure resources. OpenNebula manages on-premises and remote virtual infrastructure to build private, public, or hybrid implementations of Infrastructure as a Service and multi-tenant Kubernetes deployments. The two primary uses of the OpenNebula platform are data center virtualization and cloud deployments based on the KVM hypervisor, LXD/LXC system containers, and AWS Firecracker microVMs. The platform is also capable of offering the cloud infrastructure necessary to operate a cloud on top of existing VMware infrastructure. In early June 2020, OpenNebula announced the release of a new Enterprise Edition for corporate users, along with a Community Edition. OpenNebula CE is free and open-source software, released under the Apache License version 2. OpenNebula CE comes with free access to patch releases containing critical bug fixes but with no access to the regular EE maintenance releases. Upgrades to the latest minor/major version are only available for CE users with non-commercial deployments or with significant open source contributions to the OpenNebula Community. OpenNebula EE is distributed under a closed-source license and requires a commercial Subscription.
QVD is an open-source virtual desktop infrastructure (VDI) product built on Linux. Its main purpose is to provide remote desktops to users.
OpenShift is a family of containerization software products developed by Red Hat. Its flagship product is the OpenShift Container Platform, a hybrid cloud platform as a service built around Linux containers orchestrated and managed by Kubernetes on a foundation of Red Hat Enterprise Linux. The family's other products provide this platform through different environments: OKD serves as the community-driven upstream. Several deployment methods are available including self-managed, cloud native under ROSA, ARO and RHOIC on AWS, Azure, and IBM Cloud respectively, OpenShift Online as software as a service, and OpenShift Dedicated as a managed service.
Google Compute Engine (GCE) is the Infrastructure as a Service (IaaS) component of Google Cloud Platform which is built on the global infrastructure that runs Google's search engine, Gmail, YouTube and other services. Google Compute Engine enables users to launch virtual machines (VMs) on demand. VMs can be launched from the standard images or custom images created by users. GCE users must authenticate based on OAuth 2.0 before launching the VMs. Google Compute Engine can be accessed via the Developer Console, RESTful API or command-line interface (CLI).
SmartOS is a free and open-source SVR4 hypervisor based on the UNIX operating system that combines OpenSolaris technology with bhyve and KVM virtualization. Its core kernel contributes to the illumos project. It features several technologies: Crossbow, DTrace, bhyve, KVM, ZFS, and Zones. Unlike other illumos distributions, SmartOS employs NetBSD pkgsrc package management. SmartOS is designed to be particularly suitable for building clouds and generating appliances. It was originally developed for and by Joyent, who announced in April 2022 that they had sold their business of supporting and developing Triton Datacenter and SmartOS to MNX Solutions. It is open-source and free for anyone to use.
lmctfy is an implementation of an operating system–level virtualization, which is based on the Linux kernel's cgroups functionality.
Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management. Originally designed by Google, the project is now maintained by a worldwide community of contributors, and the trademark is held by the Cloud Native Computing Foundation.
Proxmox Virtual Environment is a hyper-converged infrastructure open-source software. It is a hosted hypervisor that can run operating systems including Linux and Windows on x64 hardware. It is a Debian-based Linux distribution with a modified Ubuntu LTS kernel and allows deployment and management of virtual machines and containers. Two types of virtualization are supported: container-based with LXC, and full virtualization with KVM. It includes a web-based management interface. There is also a mobile application available for controlling PVE environments.
The Open Container Initiative (OCI) is a Linux Foundation project, started in June 2015 by Docker, CoreOS, and the maintainers of appc to design open standards for operating-system-level virtualization. At launch, OCI was focused on Linux containers and subsequent work has extended it to other operating systems.
Windows Subsystem for Linux (WSL) is a feature of Windows that allows developers to run a Linux environment without the need for a separate virtual machine or dual booting. There are two versions of WSL: WSL 1 and WSL 2. WSL 1 was first released on August 2, 2016, and acts as a compatibility layer for running Linux binary executables by implementing Linux system calls on the Windows kernel. It is available on Windows 10, Windows 10 LTSB/LTSC, Windows 11, Windows Server 2016, Windows Server 2019 and Windows Server 2022.
Buddy is a web-based and self-hosted continuous integration and delivery software for Git developers that can be used to build, test, and deploy web sites and applications with code from GitHub, Bitbucket, and GitLab. It employs Docker containers with pre-installed languages and frameworks for builds, alongside DevOps, monitoring and notification actions.
Anbox is a free and open-source compatibility layer that aims to allow mobile applications and mobile games developed for Android to run on Linux distributions. Canonical introduced Anbox Cloud, for running Android applications in a cloud environment.
Container Linux is a discontinued open-source lightweight operating system based on the Linux kernel and designed for providing infrastructure for clustered deployments while focusing on automation, ease of application deployment, security, reliability, and scalability. As an operating system, Container Linux provided only the minimal functionality required for deploying applications inside software containers, together with built-in mechanisms for service discovery and configuration sharing.
Proxmox Backup Server is an open-source backup software project supporting virtual machines, containers, and physical hosts. The bare-metal server is based on the Debian Linux distribution, with some extended features, such as out-of-the-box ZFS support and Linux kernel 5.4 LTS. Proxmox Backup Server is licensed under the GNU Affero General Public License, version 3.
more "lightweight" real containers (via so called process-isolation), where the containerized processes are running directly on the host system — all processes on the host and in the containers are sharing the same Windows kernel. This is similar to how containers on Linux work.