Saturday, July 26, 2025

Docker & the Operating System (OS) | Key Components

Docker works by leveraging features of the host operating system (OS), particularly the Linux kernel, to run applications in isolated environments called containers.

Unlike virtual machines (VMs), which require a full OS for each instance, containers share the host OS kernel but isolate the application processes.

Here's twtech's breakdown of how Docker works on an OS:

 1. Docker and the OS: Key Components

Docker relies on several OS-level features to work:

a. Namespaces

  • Provide isolation for containers (e.g., process IDs, network interfaces, mount points, user IDs).
  • Each container sees its own isolated set of resources.

Types of namespaces used:

  • pid: process isolation
  • net: network isolation
  • mnt: filesystem mount points
  • uts: hostname/domain isolation
  • ipc: inter-process communication

b. Control Groups (cgroups)

  • Limit and prioritize resources (CPU, memory, disk I/O (input/output)) that a container can use.
  • Prevent a single container from consuming all system resources.

c. Union File System (UnionFS)

  • Provides layered file systems (used in Docker images).
  • Enables image reuse and efficient storage.

 2. How Docker Runs on Different Operating Systems

On Linux

  • Docker runs natively using the Linux kernel features (namespaces, cgroups).
  • Containers are fast and efficient because they directly use the host kernel.

 On Windows & macOS

  • These operating systems (Windows & macOS) don’t support Linux kernel features natively.
  • Docker runs a Linux virtual machine (e.g., using WSL2 on Windows or a lightweight VM on macOS).
  • Containers still behave similarly, but with added overhead due to the VM layer.

 3. Docker Engine Components

Docker runs as a client-server architecture:

| Component | Role |
|---|---|
| Docker Client | CLI (docker commands) that communicates with the daemon |
| Docker Daemon (dockerd) | Background service managing images, containers, etc. |
| Docker Images | Read-only templates used to create containers |
| Docker Containers | Running instances of images, isolated via kernel features |
| Docker Registry | Stores and distributes images (e.g., Docker Hub) |

 4. How a Container Is Created

  1. User runs: docker run nginx
  2. Docker client sends the command to the Docker daemon.
  3. Docker daemon:
    • Pulls the image (if not cached).
    • Creates a container using the image.
    • Sets up namespaces and cgroups.
    • Attaches filesystem layers.
    • Starts the process in the container.
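The namespaces and cgroups the daemon sets up in step 3 can be checked from the host: each process exposes its namespace identifiers as symlinks under /proc/<pid>/ns, and cgroup v2 limit files contain the literal `max` when no limit is set. The sketch below is an added example, not code from Docker or from this post; the function names and the sample values are constructed for illustration, and it assumes a Linux host using cgroup v2.

```python
import os

NAMESPACES = ("pid", "net", "mnt", "uts", "ipc")  # the types listed above

def read_ns(pid, proc="/proc"):
    """Map namespace type -> identifier such as 'net:[4026531840]' for a PID."""
    return {ns: os.readlink(f"{proc}/{pid}/ns/{ns}") for ns in NAMESPACES}

def shared_with_host(host_ns, container_ns):
    """Namespace types where the container has the same identifier as the host,
    meaning that resource is not isolated."""
    return sorted(ns for ns in NAMESPACES
                  if ns in container_ns and container_ns[ns] == host_ns.get(ns))

def unlimited(limits):
    """cgroup v2 limit files whose first field is 'max' (no limit set).
    cpu.max holds '<quota> <period>', so only the first field is checked."""
    return sorted(name for name, raw in limits.items()
                  if raw.split()[:1] == ["max"])

def audit(host_ns, container_ns, limits):
    """Return human-readable findings for weak isolation or missing limits."""
    findings = [f"{ns} namespace is shared with the host"
                for ns in shared_with_host(host_ns, container_ns)]
    findings += [f"{name} is unlimited" for name in unlimited(limits)]
    return findings

# Constructed sample data (not captured from a real system).
HOST_NS = {"pid": "pid:[4026531836]", "net": "net:[4026531840]",
           "mnt": "mnt:[4026531841]", "uts": "uts:[4026531838]",
           "ipc": "ipc:[4026531839]"}
# Container started with host networking: the net identifier equals the host's.
CONTAINER_NS = {"pid": "pid:[4026532601]", "net": "net:[4026531840]",
                "mnt": "mnt:[4026532598]", "uts": "uts:[4026532599]",
                "ipc": "ipc:[4026532600]"}
# Contents of the container's cgroup v2 files; only memory has a limit (512 MiB).
CONTAINER_LIMITS = {"memory.max": "536870912\n", "pids.max": "max\n",
                    "cpu.max": "max 100000\n"}

if __name__ == "__main__":
    for finding in audit(HOST_NS, CONTAINER_NS, CONTAINER_LIMITS):
        print("WARN:", finding)
```

On a live Linux host, run as root and compare `read_ns(1)` with `read_ns()` of the container's main process, whose PID is reported by `docker inspect --format '{{.State.Pid}}' <container>`. On Windows and macOS the "host" in this comparison is the Linux VM that Docker runs, not the desktop OS.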

 Visual Overview (Simplified)

[ twtech-App ]
    ↓
[ Docker Container ]
    ↓
[ Docker Engine ]
    ↓
[ Host OS ]
    ↓
[ Hardware ]

 twtech-Summary

Docker works on an OS by:

  • Using kernel features like namespaces and cgroups (control groups) for isolation and resource control respectively.
  • Running directly on Linux, but through a VM on macOS and Windows.
  • Managing containers via a client-server model (Docker CLI → Docker daemon).
