The Docker containerization system uses a form of operating system (OS) level virtualization to assemble the components of a distributed application platform that can run on standard Linux OSes.
In software, a platform is any assembly of components that collectively support the deployment of software, usually through hosting. An OS is a platform in that regard, and so is a cloud-based system that hosts distributed applications. The Docker platform enables virtualization of workloads, as opposed to virtualization of the OSes that support those workloads, in a very portable fashion, enabling distributed applications to span the boundaries of servers.
The core of the Docker platform is Docker Engine, a runtime system whose in-host daemon executes the contents of Docker containers. Docker Engine performs the role that a hypervisor would perform in a traditional virtual machine environment such as VMware vSphere, although Docker Engine is not a hypervisor: rather than virtualizing hardware, it is designed to work in conjunction with the host OS.
A developer or DevOps professional communicates with Docker Engine through the Docker Client, which may run on the same computer as Docker Engine (in the case of a development environment) or connect to an Engine on a remote host.
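The client/Engine split is visible from the command line. A minimal sketch (the remote address below is a placeholder for illustration, not a real host):

```shell
# Report client and daemon versions; confirms the client can
# reach Docker Engine over the local socket.
docker version

# Run a throwaway container; Engine pulls the image if absent
# and removes the container when it exits.
docker run --rm hello-world

# Point the same client at a remote Engine instead of the local
# daemon (placeholder address for illustration).
export DOCKER_HOST=tcp://10.0.0.5:2376
```

The same client binary drives either a local or a remote Engine; only the endpoint changes.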
Any computer running a recent edition of Linux, Windows, or Mac OS can be made to host containerized workloads by running Docker Machine. In the same sense that Oracle's VirtualBox is a front end for running virtual disk images on almost any computer, Docker Machine can run containers on almost any computer.
Docker achieves a standardized packaging system for containerized workloads through an automated deployment server mechanism called Docker Registry. Any server platform or cloud infrastructure can host Docker Registry, and the addition of an image-signing component called Content Trust upgrades this scheme to Docker Trusted Registry. The main public registry for Docker containers, operated by Docker Inc., is Docker Hub. Here, ready-to-run open source workloads are made publicly available through containers that can be pulled, composed, and run from Docker Engine. Engine and Hub were the original two components of the first Docker platform [see Figure 1].
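Pulling and running a public workload from Docker Hub takes two commands. A sketch using nginx, one of the official images on the Hub:

```shell
# Fetch the image from Docker Hub (the default registry).
docker pull nginx

# Run it detached, mapping container port 80 to host port 8080;
# "web" is an illustrative container name.
docker run -d -p 8080:80 --name web nginx
```

The same `pull`/`run` pair works against a privately hosted Docker Registry by prefixing the image name with the registry's address.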
Scheduling and Orchestration
The first iteration of the Docker platform to enable microservices (applications whose functions are kept in individual containers, which communicate with one another via port-mapped DNS addresses) added a component called Docker Compose. The act of organizing multiple containers in a concerted, scheduled, maintained fashion is called orchestration, and Docker Compose is the platform's first, and most basic, orchestrator. Compose enables multiple workloads to be hosted simultaneously through a single Docker Engine.
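A Compose workload is declared in a YAML file and launched with one command. A minimal two-service sketch in the Compose file format of that era (the service layout and image choices are illustrative):

```shell
# Declare a web server linked to a Redis container.
cat > docker-compose.yml <<'EOF'
web:
  image: nginx
  ports:
    - "8080:80"
  links:
    - redis
redis:
  image: redis
EOF

# Start both containers, detached, under a single Docker Engine.
docker-compose up -d
```

The `links` entry gives the web container a DNS-resolvable name for the Redis container, the port-mapped addressing described above.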
One of Docker Inc.'s fundamental principles is to treat platform components as "batteries included, but replaceable." Basic orchestration on the Docker platform is achieved through a combination of Docker Compose to assemble workloads, and Docker Swarm to schedule and deploy them. On server networks, Docker Swarm can also pool resources from multiple servers, so that container workloads can be hosted across server boundaries. Both Compose and Swarm are command-line tools, and both can be run along with Docker Machine on any PC.
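A sketch of standing up a small standalone Swarm cluster (the form Swarm took before it was built into Engine) with Docker Machine; the machine names are illustrative:

```shell
# Generate a cluster discovery token using the Swarm image.
TOKEN=$(docker run --rm swarm create)

# Provision a Swarm master and one worker as VirtualBox VMs.
docker-machine create --driver virtualbox --swarm --swarm-master \
  --swarm-discovery "token://$TOKEN" swarm-master
docker-machine create --driver virtualbox --swarm \
  --swarm-discovery "token://$TOKEN" swarm-node-1

# Point the client at the cluster as a whole rather than one Engine.
eval "$(docker-machine env --swarm swarm-master)"
docker info   # reports the nodes that make up the cluster
```

From here, ordinary `docker run` commands are scheduled by Swarm onto whichever node has capacity, which is the cross-server hosting the article describes.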
Swarm enables clusters of containers to share workloads with one another, although the containers communicate by means of IP port mapping over a local subnet, where each container has a designated port address. In March 2015, Docker Inc. acquired SDN startup SocketPlane, giving platform users a more flexible networking alternative that uses true IP addresses, by means of a network overlay.
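The overlay approach surfaces in the platform as a network driver. A sketch (the network and container names are illustrative; multi-host overlays of this era also required a key-value store such as Consul behind the Engines):

```shell
# Create an overlay network that can span the cluster's hosts.
docker network create --driver overlay app-net

# Containers attached to the overlay get their own IP addresses
# on it and reach one another by name, with no host port mapping.
docker run -d --net=app-net --name db redis
```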
Deployers of Docker containerization are free to use an alternate orchestrator instead, and there are some excellent choices, Kubernetes and Mesosphere's Marathon among them. In October 2015, Docker Inc. acquired the Tutum container deployment platform, which may also serve as an alternate orchestrator. Still, the basic components of the Docker platform are both free and open source, enabling any and all developers not only to use them but to contribute to them.
With version 1.7, Docker added the ability for third-party contributors to add plug-ins to the Docker platform, extending its usefulness for a variety of common and special use cases. One of the first such plug-ins, and arguably the most popular in the early years of Docker, has been ClusterHQ's Flocker system. Flocker manages portable data volumes for containers, and maintains stateful links between applications and their data even when application containers fail, or are discontinued and restarted. This enables a kind of live migration, where workloads can be transferred between servers without damaging or otherwise impacting work in progress.
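A plug-in such as Flocker hooks into the platform through the volume-driver interface. A sketch of attaching a Flocker-managed volume (the volume name "appdata" is illustrative):

```shell
# Attach a volume managed by the Flocker plug-in. If the container
# is later rescheduled onto another server, Flocker moves the
# volume's data along with it.
docker run -d --volume-driver=flocker -v appdata:/var/lib/data redis
```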