Rahul Vadakkiniyil's Blog
Day 1 Journey into Kubernetes: 40-Day Learning Series of Kubernetes

Day 1 Journey into Kubernetes: 40-Day Learning Series of Kubernetes

Rahul Vadakkiniyil's photo
Rahul Vadakkiniyil
·

7 min read

Table of contents

What is a Container?

A container is a lightweight, standalone, executable package that includes everything needed to run software, such as the code, runtime, system tools, libraries, and settings. Containers allow you to package and isolate applications so they can run consistently across different computing environments, whether on a developer's local machine, on-premises data centers, or in the cloud.

Key Characteristics of Containers:

  • Isolation: Containers isolate applications from one another and the underlying system, ensuring that each container runs in its own environment. This prevents conflicts between applications and makes them highly portable.

  • Lightweight: Unlike virtual machines (VMs), which include a full operating system instance, containers share the host system's kernel and only include the essential components needed to run the application. This makes containers much smaller in size and faster to start up.

  • Portability: Because containers encapsulate all dependencies, they can run consistently in any environment that supports containers, whether it's a developer's laptop, a testing environment, or a production server.

  • Efficiency: Containers use system resources more efficiently than traditional VMs because they share the operating system kernel and don’t require the overhead of managing a full OS for each application.

What is Docker?

Docker is an open-source platform that automates the deployment, scaling, and management of applications using containerization. Docker makes it easy to create, deploy, and run applications by using containers. It provides developers with a standardized unit of software (the container) that includes everything the software needs to run, such as libraries, system tools, and code.

Key Components of Docker:

  • Docker Engine: The core of the Docker platform, Docker Engine is the runtime that allows you to build, run, and manage containers. It provides the environment for containers to run on your system.

  • Docker Hub: A cloud-based repository where Docker users can create, test, store, and distribute container images. Docker Hub hosts a large collection of official and user-generated container images.

  • Dockerfile: A text file that contains a series of commands for assembling a Docker image. The Dockerfile defines the environment and specifies all the dependencies that your application needs to run.

  • Docker Compose: A tool that allows you to define and run multi-container Docker applications. With Docker Compose, you can describe an application’s services, networks, and volumes in a single file, and then use a single command to start and run your entire stack.

Containers vs. Virtual Machines: A Comparative Analysis

Both containers and virtual machines (VMs) are technologies used to package and run applications in isolated environments. While they share some similarities, they are fundamentally different in how they achieve isolation, manage resources, and ensure efficiency. Understanding these differences is crucial for making informed decisions about which technology to use in specific scenarios.

1. Architecture

  • Virtual Machines (VMs):

    • VMs are built on a hypervisor, which is software that allows multiple operating systems to run on a single physical machine. Each VM includes a full copy of an operating system, along with the application and its dependencies.

    • Components:

      • Host OS: The operating system that runs on the physical hardware.

      • Hypervisor: A layer that manages VMs and allocates resources to them.

      • Guest OS: The operating system within each VM.

      • Applications: Software running on the guest OS.

    • Overhead: VMs are typically heavier because they require full operating systems, making them more resource-intensive and slower to boot.

  • Containers:

    • Containers run on the host operating system and share its kernel. Unlike VMs, containers do not require a full operating system; instead, they package only the application and its dependencies.

    • Components:

      • Host OS: The underlying operating system that runs containers.

      • Container Engine: Software like Docker or Kubernetes that manages containers.

      • Containers: Isolated environments that include the application and its dependencies, but share the host OS kernel.

    • Overhead: Containers are lightweight because they don’t include an entire OS, leading to faster startup times and more efficient resource usage.

2. Performance

  • Virtual Machines:

    • Resource Utilization: VMs are more resource-heavy because each VM runs a complete OS. This can lead to higher CPU, memory, and storage usage.

    • Boot Time: VMs generally take longer to start because of the need to boot an entire operating system.

  • Containers:

    • Resource Utilization: Containers are more efficient because they share the host OS’s kernel. This reduces the overhead and allows for more containers to run on a single host compared to VMs.

    • Boot Time: Containers start almost instantly, as there is no need to boot a separate OS, making them ideal for scenarios requiring rapid scaling.

3. Isolation and Security

  • Virtual Machines:

    • Isolation: VMs provide strong isolation because each VM runs a separate operating system. This makes VMs suitable for scenarios where complete isolation is required.

    • Security: VMs are generally considered more secure in certain contexts because the hypervisor provides a strong boundary between different VMs. However, vulnerabilities in the hypervisor itself can still be a concern.

  • Containers:

    • Isolation: Containers provide process-level isolation using namespaces and control groups (cgroups) in the host OS. While this isolation is sufficient for many use cases, it is not as strong as the isolation provided by VMs.

    • Security: Containers share the host OS kernel, which can be a security risk if a vulnerability is exploited. However, modern container runtimes and orchestrators offer various security features to mitigate these risks.

4. Portability

  • Virtual Machines:

    • VMs are portable across different hypervisors and cloud environments, but they require a compatible hypervisor. The size and complexity of VMs can also make them less portable than containers.

  • Containers:

    • Containers are highly portable because they package all necessary dependencies with the application. They can run consistently across different environments, provided the container runtime (e.g., Docker) is supported.

Docker Workflow

  1. Write Dockerfile: Define the application and its dependencies in a Dockerfile.

  2. Build Image: Create a Docker image from the Dockerfile using the docker build command.

  3. Run Container: Deploy the application by running a container from the Docker image using the docker run command.

  4. Manage Containers: Use Docker commands to manage running containers, scale the application, and update images.

Docker Architecture

Docker's architecture is based on a client-server model. It consists of several components that work together to manage containers effectively.

Docker Architecture diagram

1. Docker Client

  • The Docker client is the primary interface users interact with. It sends commands to the Docker daemon using the Docker API. Common Docker client commands include docker build, docker pull, docker run, and more.

2. Docker Daemon (Docker Engine)

  • The Docker daemon, also known as the Docker Engine, is the heart of Docker. It runs on the host machine and is responsible for:

    • Building Docker images.

    • Running and managing Docker containers.

    • Pulling and pushing images to/from a registry.

    • Networking between containers.

  • The daemon listens for Docker API requests and manages Docker objects like images, containers, networks, and volumes.

3. Docker Images

  • Docker images are read-only templates used to create containers. An image includes everything needed to run an application: code, runtime, libraries, and environment variables.

  • Images are built from a Dockerfile and stored in image registries (e.g., Docker Hub).

4. Docker Containers

  • Containers are the runtime instances of Docker images. They are lightweight, isolated environments that run the application defined in the image.

  • Containers share the host system’s kernel but run in their own isolated user space, ensuring that applications are separated from each other.

5. Docker Registry

  • A Docker registry is a storage and distribution system for Docker images. It allows users to store, share, and manage images.

  • Docker Hub is the default public registry provided by Docker, but you can also set up private registries.

  • The Docker client interacts with the registry to push and pull images.

Docker Commands

  • docker build: Build a Docker image.

  • docker run: Run a container from an image.

  • docker push: Push an image to a Docker registry.

  • docker pull: Pull an image from a Docker registry.

Reference:

Video : https://www.youtube.com/watch?v=ul96dslvVwY&list=PLl4APkPHzsUUOkOv3i62UidrLmSB8DcGC&index=2

KubernetesDevopsDockercontainers