Docker Architecture - Detailed Explanation

Docker operates on a client-server architecture in which the Docker client communicates with the Docker daemon. This interaction, essential for managing Docker containers, can occur locally or remotely through a REST API carried over UNIX sockets or a network interface.

What is Docker Daemon?

It is a daemon process that runs on the host operating system. It is responsible for running containers and managing Docker services. It manages Docker objects such as images, containers, networking, and storage.

Docker Architecture

Docker is an integral part of DevOps, and its architecture is one of the reasons why it's so popular. The Docker architecture uses a client-server model that includes the Docker Client, Docker Host, Network and Storage components, and the Docker Registry / Hub. Let's take a closer look at each of these elements.

Docker Client

It uses commands and REST APIs to communicate with the Docker daemon. When a user runs a docker command in the client terminal, the client sends that command to the Docker daemon for processing.
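The following added example (not code from the original article) shows what the client does underneath a command: an HTTP request sent over a UNIX socket, plus a check of who is allowed to open that socket. `UnixHTTPConnection`, `daemon_get`, `socket_access` and `StubDaemon` are hypothetical names, and the stub is a constructed stand-in for the daemon so the exchange runs without Docker installed.

```python
import http.client, http.server, json, os, socket, socketserver, stat, tempfile, threading

class UnixHTTPConnection(http.client.HTTPConnection):  # HTTP over a UNIX socket path
    def __init__(self, sock_path):
        super().__init__("localhost")  # only fills the Host header; no TCP is used
        self.sock_path = sock_path
    def connect(self):
        self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        self.sock.connect(self.sock_path)

def daemon_get(sock_path, path):
    """Send GET <path> over the socket; return (status, decoded JSON body)."""
    conn = UnixHTTPConnection(sock_path)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, json.loads(resp.read())
    finally:
        conn.close()

def socket_access(sock_path):
    """Whoever can write to the socket can drive the daemon, so report its mode."""
    mode = stat.S_IMODE(os.stat(sock_path).st_mode)
    return {"mode": oct(mode), "world_writable": bool(mode & stat.S_IWOTH)}

class StubDaemon(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for dockerd (assumption): answers only GET /version."""
    def do_GET(self):
        ok = self.path == "/version"
        body = json.dumps({"Version": "0.0.0-stub"} if ok else {"message": "not found"}).encode()
        self.send_response(200 if ok else 404)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args):  # UNIX peers have no (host, port) to log
        pass

def demo():
    sock_path = os.path.join(tempfile.mkdtemp(), "docker.sock")
    server = socketserver.UnixStreamServer(sock_path, StubDaemon)
    os.chmod(sock_path, 0o660)  # owner and group only
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return daemon_get(sock_path, "/version"), daemon_get(sock_path, "/nope"), socket_access(sock_path)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(demo())
```

Pointing `socket_access` at the real daemon socket on a Docker host shows which users and groups can issue these requests.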

Let's take a look at the most commonly used docker client commands :

docker build :

The build command is used to construct an image from a Dockerfile. As a result, the operating system and all required packages are set up in the Docker image.

e.g.

docker pull :

This command allows you to push images into a docker image registry for sharing and downloading later.

e.g.

docker run :

The docker run command creates a writeable container layer on top of the specified image and then starts it using the specified command. In other words, the docker run command is equivalent to creating and running a container.

e.g.

Docker Host

It is the machine or the virtual machine on which the docker engine runs. The host is where all the components of the docker architecture are configured to run.

Docker Registry

It is a storage and distribution system for Docker images tagged with a name.

Public Registry :

A public Docker registry is a way to share custom docker images with everyone. By keeping your docker images publicly accessible, you can share your docker images with the world.

Private Registry :

A private Docker registry is a way to share custom docker images within your organization. By keeping a private and centralized source of truth for your organization's docker image, you can ensure that everyone is using the same images, which makes development and deployment much easier.

Docker Objects

A lot of different objects work together to run an application inside Docker. An application requires objects such as Docker Images for the application code, Docker Containers to run the application, and Docker Registries to save and download Docker Images.

Let’s have a look at them as well.

Docker Images

It is a lightweight, executable package that consists of everything needed to run an application : code, libraries, third-party dependencies, environment variables, and configurations.

Docker Containers

It is the place where Docker runs an image. For simplicity, you can think of it this way : images become containers when they run on Docker Engine.

Docker Networking

Networking is all about communication between processes, and Docker's networking system is no different.

Docker networking is used to establish communication between Docker containers and the outside world. This communication is established through the host machine where the Docker daemon is running, providing a convenient way for containers to connect to each other and to the outside world.

Docker supports different types of networks, each fit for certain use cases. Docker handles communication between containers by creating a default bridge network, so you often don’t have to deal with networking and can instead focus on creating and running containers. This default bridge network works in most cases, but it’s not the only option you have.

Different types of networks are supported by Docker, each being suitable for specific use cases. E.g., the process of communication between containers is managed by Docker through the creation of a default bridge network.

Docker allows you to create three different types of network drivers out-of-the-box : bridge, host, and none.

Bridge :

It is a Docker network driver that is ideal when you need your containers to connect and communicate with each other while still running in isolation. The bridge network lets containers running in the same network communicate with each other, and Docker uses iptables to stop any access from outside of the bridge.

Host :

It is a Docker network driver that allows containers to use the network provided by the host machine. This removes network isolation between the container and the host machine where Docker is running. If you don’t want to rely on Docker’s networking, you can instead use the host network.

None :

It is a Docker network driver that lets you isolate containers from each other and the external network. This can be useful when you want to disable networking on a container.

Overlay :

It is a Docker network driver for multi-host network communication, making it perfect for use with Docker Swarm or Kubernetes. With this driver, containers across different hosts can communicate with each other without needing to worry about the initial setup.

Macvlan :

It is a Docker network driver that lets us connect Docker containers directly to the physical host network. It's the best option for legacy applications that need to be containerized and run on the cloud because they may need to be attached to a physical host network for reasons such as performance.

Docker Storage

Ideally, you should write very little data to a container's writable layer. Instead, use Docker's storage objects to write data in a way that can be persisted. This will help keep your containers light and your data more manageable.

Data Volume :

Data volumes are the preferred mechanism in Docker for persisting data generated by and used by Docker containers.

Directory Mounts :

A directory mount is Docker's term for a data volume that is mounted onto a container at a chosen directory path.

Storage Plugins :

Storage plugins enable Engine deployments to be integrated with external storage systems such as Amazon EBS and enable data volumes to persist beyond the lifetime of a single Docker host.
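The networking and storage sections above both describe per-container choices that show up in `docker inspect` output. This added example (not from the original article) audits that output for host networking, ports published on every host interface, and writable bind mounts. The sample JSON is constructed, the container names and paths are made up, and `audit_container` and `audit` are hypothetical names; only the field names follow `docker inspect`.

```python
import json

# Constructed sample in the shape of `docker inspect` output; names and paths are made up.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/web", "HostConfig": {"NetworkMode": "bridge",
   "PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "8080"}]}},
  "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/webdata/_data",
              "Destination": "/data", "RW": true}]},
 {"Name": "/metrics", "HostConfig": {"NetworkMode": "host", "PortBindings": {}},
  "Mounts": [{"Type": "bind", "Source": "/etc", "Destination": "/host/etc", "RW": true}]},
 {"Name": "/batch", "HostConfig": {"NetworkMode": "none", "PortBindings": {}}, "Mounts": []},
 {"Name": "/db", "HostConfig": {"NetworkMode": "default",
   "PortBindings": {"5432/tcp": [{"HostIp": "127.0.0.1", "HostPort": "5432"}]}},
  "Mounts": [{"Type": "bind", "Source": "/srv/pgconf", "Destination": "/conf", "RW": false}]}
]""")

def audit_container(c):
    """Return findings about one container's network driver, published ports and mounts."""
    findings = []
    host_cfg = c.get("HostConfig") or {}
    if host_cfg.get("NetworkMode") == "host":
        findings.append("host network: no network isolation from the Docker host")
    # A published port with an empty or wildcard HostIp listens on every host interface.
    for port, binds in (host_cfg.get("PortBindings") or {}).items():
        for b in binds or []:
            if b.get("HostIp", "") in ("", "0.0.0.0", "::"):
                findings.append(f"{port} published on all host interfaces (host port {b.get('HostPort')})")
    # Writable bind mounts let the container change host files; named volumes stay Docker-managed.
    for m in c.get("Mounts") or []:
        if m.get("Type") == "bind" and m.get("RW"):
            findings.append(f"writable bind mount {m['Source']} -> {m['Destination']}")
    return findings

def audit(containers):
    """Map container name to its findings, leaving out containers with none."""
    report = {c["Name"].lstrip("/"): audit_container(c) for c in containers}
    return {name: found for name, found in report.items() if found}

if __name__ == "__main__":
    for name, found in audit(SAMPLE_INSPECT).items():
        for line in found:
            print(f"{name}: {line}")
```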

Docker Registries

As mentioned earlier, a Docker registry is a storage and distribution system for Docker images that are tagged and have a name.

Service Discovery

Service discovery is the term for the automatic routing of requests from a service's external clients to an individual node. It's implemented in such a way that the client doesn't need to know how many nodes are participating in the service, their IP addresses, or ports.

Conclusion

In this article, we’ve covered the what and how of Docker architecture in detail, starting with Docker’s commonly used CLI commands and then some advanced concepts such as Docker Network and its various types.

We ran through an important Docker Storage discussion and then discussed Service Discovery in Docker. We also covered various Docker Objects like images, containers, etc. We have explored docker architecture, and now let's continue to learn more about docker!