Docker and container technology are evolving rapidly. This article attempts to map out the current Docker ecosystem from a global perspective.

 

Docker has changed a lot since its launch, some of it quite dramatically. Technophiles love cool new features and improvements to old ones, but users running production environments do not really appreciate this kind of frequent change. Either way, it’s important to clarify the many concepts in the Docker ecosystem and how they relate to each other, as well as the milestones from Docker’s birth up to now (2018).

 

I. A hundred flowers bloom: container technologies

 

While Docker pushed container technology to the top, container technology didn’t start with Docker. In fact, container technology is not even new, because it has been around for years. Here’s a list of names you may not have heard of, but they are all applications of container technology:

 

  • Chroot Jail

  • FreeBSD Jails

  • Linux VServer

  • Solaris Containers

  • OpenVZ

  • Process Containers

  • LXC

  • Warden

  • LMCTFY

  • Docker

  • RKT

 

Chroot Jail

 

This is the familiar chroot command. It has been around since 1979 and is considered one of the earliest containerization technologies. It can isolate the file system of a process.

 

FreeBSD Jails

 

FreeBSD Jails implement operating system-level virtualization and are one of the pioneers of this technology.

 

Linux VServer

 

A dedicated virtual server implemented using system-level virtualization features added to the Linux kernel.

 

Solaris Containers

 

This is also an operating system-level virtualization technology, designed for x86 and SPARC systems. Solaris Containers combine system resource controls with the boundary isolation provided by zones.

 

OpenVZ

 

OpenVZ is an operating system-level virtualization technology in Linux. It allows the creation of multiple securely isolated Linux containers, known as VPS.

 

Process Containers

 

Process Containers were developed by Google engineers and are commonly referred to as cgroups.

 

LXC

 

LXC, also known as Linux Containers, is an operating system-level virtualization technology that allows multiple independent systems to run on the host using a single Linux kernel.

 

Warden

 

In its initial stages, Warden used LXC as its container runtime. LXC was later replaced by CloudFoundry's own implementation.

 

LMCTFY

 

LMCTFY is short for Let Me Contain That For You. It is an open source version of Google’s container technology stack. Google engineers have been working with Docker’s libcontainer team, abstracting the core concepts of libcontainer and porting them to the project. The project’s progress is uncertain and it will probably be replaced by libcontainer.

 

Docker

 

Docker is a tool that packages applications and their dependencies into containers that can run on almost any server.

 

RKT

 

RKT, short for Rocket, is an application container engine focused on security and open standards.

As we’ve seen, Docker isn’t the first containerization technology, but it’s certainly the best known. Docker was born in 2013 and has developed rapidly. The following figure shows the components of the current Docker platform:

 

 

 

Docker sits on top of the system infrastructure and provides support for applications. It consists of an industry-standard container runtime component called Containerd, a native orchestration tool called Docker Swarm, the open source Docker Community edition, and Docker Enterprise, which provides commercial management services.

 

II. Important concepts related to Docker

 

Docker & LXC

 

The first execution environment for Docker was LXC, but from version 0.9 onward LXC was replaced by libcontainer.

 

Docker & Libcontainer

 

Libcontainer wraps the basic facilities that Linux provides for Docker, such as cgroups, namespaces, Netlink and Netfilter, as shown below:

 

 

2015 – Docker & RunC

 

In 2015, Docker released RunC, a lightweight cross-platform container runtime. It is basically a command-line tool that lets you run containers directly using libcontainer, without going through Docker Engine. The goal of RunC is to make standard containers available anywhere.

 

Docker & OCI

 

OCI (the Open Container Initiative) is a lightweight, open governance structure established in 2015 by Docker, CoreOS and other leading vendors in the container industry. It maintains projects such as RunC, as well as the container runtime specification and the image specification. OCI aims to set standards for the container industry, so that containers created using Docker can run on any other container engine.
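What the runtime specification pins down for a runtime such as RunC is visible in a bundle's config.json, which declares the namespaces and cgroup limits mentioned above. The following is an added example, not taken from the original article or from the OCI project; the config.json content, container name and paths are constructed, and the helper names are hypothetical.

```python
import json

# Constructed OCI runtime-spec config.json (sample values, not from the article).
CONFIG_JSON = """
{
  "ociVersion": "1.0.0",
  "process": {"args": ["nginx", "-g", "daemon off;"]},
  "root": {"path": "rootfs", "readonly": true},
  "linux": {
    "cgroupsPath": "/docker/web1",
    "resources": {"memory": {"limit": 268435456}},
    "namespaces": [
      {"type": "pid"}, {"type": "mount"}, {"type": "ipc"},
      {"type": "network", "path": "/proc/2231/ns/net"}
    ]
  }
}
"""

# Linux namespace types defined by the OCI runtime specification 1.0.
NAMESPACE_TYPES = ("pid", "network", "mount", "ipc", "uts", "user", "cgroup")

def load_config(text=CONFIG_JSON):
    return json.loads(text)

def namespace_report(config):
    """Classify each namespace type as new, joined, or inherited."""
    entries = config.get("linux", {}).get("namespaces", [])
    declared = {n["type"]: n.get("path") for n in entries}
    report = {}
    for ns in NAMESPACE_TYPES:
        if ns not in declared:
            report[ns] = "inherited"   # not listed: shares the runtime's namespace
        elif declared[ns]:
            report[ns] = "joins " + declared[ns]   # path: enters an existing one
        else:
            report[ns] = "new"         # listed without path: runtime creates it
    return report

def unset_limits(config):
    """Names of cgroup limits that linux.resources leaves unset."""
    res = config.get("linux", {}).get("resources", {})
    checks = {"memory": res.get("memory", {}).get("limit"),
              "pids": res.get("pids", {}).get("limit"),
              "cpu": res.get("cpu", {}).get("quota")}
    return sorted(name for name, value in checks.items() if value is None)

if __name__ == "__main__":
    cfg = load_config()
    print(namespace_report(cfg), unset_limits(cfg))
```

A namespace reported as inherited is one the container shares with whatever process invoked the runtime, which is the first thing to review when judging how isolated a bundle really is.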

 

2016 – Docker & Containerd

 

In 2016, Docker split out Containerd and donated it to the community. Splitting this component into a separate project let Docker move container-management functions out of Docker’s core engine and into a separate daemon (Containerd).

 

Docker Components

 

After Containerd was split out, the relationship between the Docker components is as follows:

 

 

Docker has evolved from a single piece of software to a set of components and projects that are independent of each other.

 

How does Docker run a container?

 

  • Docker engine creates container images;

  • Pass the container image to Containerd;

  • Containerd calls containerd-shim;

  • Containerd-shim uses RunC to run containers;

  • Containerd-shim allows the runtime (RunC in this case) to exit after starting the container;

  • The biggest benefit of this model is that the Docker engine can be upgraded without interrupting the container.
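The lineage this sequence leaves behind on a host can be checked from a process listing. The following is an added example, not part of the original article or Docker's code: the `ps` snapshot is constructed and assumes dockerd and containerd run as separate daemons under PID 1 (process parentage differs between Docker versions), and the helper names are hypothetical.

```python
# Constructed `ps -eo pid,ppid,comm` sample; assumes dockerd and containerd both run under PID 1.
PS_SNAPSHOT = """\
  PID  PPID COMMAND
    1     0 systemd
  812     1 dockerd
  845     1 containerd
 2210   845 containerd-shim
 2231  2210 nginx
 2290  2231 nginx
 2405   845 containerd-shim
 2426  2405 redis-server
 3100     1 sshd
 3150  3100 bash
"""

def parse_ps(text):
    """Return {pid: (ppid, comm)} from `ps -eo pid,ppid,comm` output."""
    table = {}
    for line in text.splitlines()[1:]:
        pid, ppid, comm = line.split(None, 2)
        table[int(pid)] = (int(ppid), comm.strip())
    return table

def ancestors(table, pid):
    """(pid, comm) of every ancestor of pid, nearest first."""
    chain, pid = [], table[pid][0]
    while pid in table:
        chain.append((pid, table[pid][1]))
        pid = table[pid][0]
    return chain

def shim_of(table, pid):
    """PID of the containerd-shim above pid, or None for a host process."""
    return next((a for a, c in ancestors(table, pid) if c == "containerd-shim"), None)

def containers(table):
    """Group container processes by the shim that owns them."""
    groups = {}
    for pid in sorted(table):
        shim = shim_of(table, pid)
        if shim is not None:
            groups.setdefault(shim, []).append(pid)
    return groups

def engine_dependent(table):
    """Container PIDs that still have dockerd or runc in their parent chain."""
    return [pid for pid in sorted(table)
            if shim_of(table, pid) is not None
            and {"dockerd", "runc"} & {c for _, c in ancestors(table, pid)}]
```

An empty result from `engine_dependent` matches the last point of the list: no container process hangs off the engine, so stopping dockerd for an upgrade does not take the containers with it.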

 

2017 – Containers go mainstream

 

2017 was the year containers went mainstream, which is why Docker supports so many platforms beyond Linux (Docker for Mac, Docker for Windows, Docker for AWS, GCP, etc.).

 

When container technology became popular, Docker realized it needed a new production model, which is why it started the Moby project.

 

III. Moby Project

 

The Moby project opens a new chapter in enabling collaboration and production. It is an open source project aimed at advancing the containerization of software. The Moby project provides dozens of Lego-like components and a framework for assembling them into custom container-based systems.

 

The Docker production model starts like any other common single open source project:

 

 

It then breaks the single project into different open components:

 

 

It then evolves into a model that shares these components as well as assemblies:

 

 

The result is a model that provides more collaboration between components and a generic set of components:

 

 

Let’s take a look at some of the components in the Moby project.

 

Containerd

 

Containerd is a core container runtime created by Docker based on industry standards. It runs as a daemon on Linux and Windows and manages the entire container life cycle.

 

Linuxkit

 

Linuxkit, another component of the Moby project, is a tool for building secure, cross-platform, streamlined systems for containers. Currently, the Hyper-V and VMware hypervisors are supported. Supported cloud platforms include AWS and Azure.

 

Infrakit

 

Infrakit is also part of the Moby project. It is a toolkit for creating and managing declarative, immutable, and self-healing infrastructures. Infrakit aims to automate the setup and management of infrastructure to support distributed systems and higher-level container orchestration systems.

 

Infrakit is useful for orchestration tools like Docker Swarm and Kubernetes, or for use cases that create auto-scaling clusters across public clouds like AWS.

 

Libnetwork

 

Libnetwork is a container network management project implemented in the Go language. Its goal is to define a container network model (CNM) and provide a consistent programming interface as well as network abstractions for applications. This satisfies the “composable” requirements of container networks.

 

Docker & Docker Swarm

 

Docker Swarm is an orchestration tool built into Docker Engine. Since Docker 1.12, Docker Swarm has been included in Docker Engine as a separate tool. We can use the Docker CLI with Docker Swarm to create clusters and to deploy and manage applications and services. The following figure describes the role of Docker Swarm in the Docker system:

 

 

Docker & Kubernetes

 

In the competition between Docker Swarm and Kubernetes, it is clearly Kubernetes that has the advantage. So Docker made a U-turn and started to support integration with Kubernetes natively.

 

This was the big news in the container world in 2017. Docker users and developers can now choose either Kubernetes or Swarm to orchestrate containers. We can consider Docker married to Kubernetes:

 

 

The new version of Docker that supports Kubernetes integration will allow users to deploy their Docker Compose applications as Kubernetes-native Pods and Services. Kubernetes is a very powerful and increasingly popular local orchestration tool:

 

 

Hopefully you’re not confused by the many names and concepts in this article. Let’s close with the following graph, which shows the trend of images pulled from Docker Hub from 2013 to 2017:

 

Note: All images in this article are from the Internet

 

Reference

"An Overall View On Docker Ecosystem - Containers, Moby, Swarm, Linuxkit, containerd, Kubernetes"