Docker

The Linux container runtime

Docker complements LXC with a high-level API which operates at the process level. It runs Unix processes with strong guarantees of isolation and repeatability across servers.

Docker is a great building block for automating distributed systems: large-scale web deployments, database clusters, continuous deployment systems, private PaaS, service-oriented architectures, etc.

Heterogeneous payloads

Any combination of binaries, libraries, configuration files, scripts, virtualenvs, jars, gems, tarballs, you name it. No more juggling between domain-specific tools. Docker can deploy and run them all.

Any server

Docker can run on any x64 machine with a modern Linux kernel, whether it's a laptop, a bare metal server or a VM. This makes it perfect for multi-cloud deployments.

Isolation

Docker isolates processes from each other and from the underlying host, using lightweight containers.

Repeatability

Because containers are isolated in their own filesystem, they behave the same regardless of where, when, and alongside what they run.

John Willis @botchagalupe: IMHO docker is to paas what chef was to Iaas 4 years ago
John Feminella @superninjarobot: So, @getdocker is pure excellence. If you've ever wished for arbitrary, PaaS-agnostic, lxc/aufs Linux containers, this is your jam!
David Romulan @destructuring: I haven't had this much fun since AWS
Ricardo Gladwell @rgladwell: wow @getdocker is either amazing or totally stupid

Notable features

  • Filesystem isolation: each process container runs in a completely separate root filesystem.
  • Resource isolation: system resources like cpu and memory can be allocated differently to each process container, using cgroups.
  • Network isolation: each process container runs in its own network namespace, with a virtual interface and IP address of its own.
  • Copy-on-write: root filesystems are created using copy-on-write, which makes deployment extremely fast, memory-cheap and disk-cheap.
  • Logging: the standard streams (stdout/stderr/stdin) of each process container are collected and logged for real-time or batch retrieval.
  • Change management: changes to a container's filesystem can be committed into a new image and re-used to create more containers. No templating or manual configuration required.
  • Interactive shell: Docker can allocate a pseudo-tty and attach to the standard input of any container, for example to run a throwaway interactive shell.

Under the hood

Under the hood, Docker is built on the following components:

  • The cgroup and namespacing capabilities of the Linux kernel;
  • AUFS, a powerful union filesystem with copy-on-write capabilities;
  • The Go programming language;
  • lxc, a set of convenience scripts to simplify the creation of Linux containers.
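
The isolation features above rest on kernel namespaces, so they can be checked from the host. The following is an added example, not code from the Docker project: it compares the namespace identifiers of a container process with those of the host to report any namespace the two still share. It assumes a kernel that exposes /proc/<pid>/ns symlinks; the function names and the sample inode numbers are constructed for illustration.

```python
import os
import re

NS_LINK = re.compile(r"^\w+:\[(\d+)\]$")
# Namespaces behind the filesystem, network and process isolation listed above.
EXPECTED = ("mnt", "net", "pid", "uts", "ipc")

def parse_ns_links(links):
    """Turn {'net': 'net:[4026531992]', ...} into {'net': 4026531992, ...}."""
    parsed = {}
    for name, target in links.items():
        match = NS_LINK.match(target)
        if match:
            parsed[name] = int(match.group(1))
    return parsed

def read_ns_links(pid):
    """Read the namespace symlinks of a live process (Linux only, needs
    permission to inspect the target pid)."""
    base = f"/proc/{pid}/ns"
    return {n: os.readlink(os.path.join(base, n)) for n in os.listdir(base)}

def shared_namespaces(host, container, expected=EXPECTED):
    """Return the expected namespaces the container does NOT have to itself.
    A namespace that cannot be read is reported, since isolation is unproven."""
    return sorted(ns for ns in expected
                  if ns not in container or container[ns] == host.get(ns))

# Constructed sample data: readlink output for PID 1 and two container processes.
HOST = {"mnt": "mnt:[4026531840]", "net": "net:[4026531992]",
        "pid": "pid:[4026531836]", "uts": "uts:[4026531838]",
        "ipc": "ipc:[4026531839]"}
ISOLATED = {"mnt": "mnt:[4026532201]", "net": "net:[4026532204]",
            "pid": "pid:[4026532202]", "uts": "uts:[4026532200]",
            "ipc": "ipc:[4026532203]"}
HOST_NETWORKED = dict(ISOLATED, net=HOST["net"])  # shares the host network stack

if __name__ == "__main__":
    host = parse_ns_links(HOST)
    for label, sample in (("isolated", ISOLATED), ("host-networked", HOST_NETWORKED)):
        print(label, "shares with host:", shared_namespaces(host, parse_ns_links(sample)))
```

On a live host, pass parse_ns_links(read_ns_links(1)) and parse_ns_links(read_ns_links(pid)) for the container's process instead of the sample dictionaries.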