Docker

The Linux container engine

Docker is an open-source engine which automates the deployment of applications as highly portable, self-sufficient containers.

Docker containers are both hardware-agnostic and platform-agnostic. This means that they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don't require that you use a particular language, framework or packaging system. That makes them great building blocks for deploying and scaling web apps, databases and backend services without depending on a particular stack or provider.

Docker is an open-source implementation of the deployment engine which powers dotCloud, a popular Platform-as-a-Service. It benefits directly from the experience accumulated over several years of large-scale operation and support of hundreds of thousands of applications and databases.

Let's get started

Heterogeneous payloads

Any combination of binaries, libraries, configuration files, scripts, virtualenvs, jars, gems, tarballs, you name it. No more juggling between domain-specific tools. Docker can deploy and run them all.

Any server

Docker can run on any x64 machine with a modern linux kernel - whether it's a laptop, a bare metal server or a VM. This makes it perfect for multi-cloud deployments.

Isolation

docker isolates processes from each other and from the underlying host, using lightweight containers.

Repeatability

Because containers are isolated in their own filesystem, they behave the same regardless of where, when, and alongside what they run.

John Willis @botchagalupe: IMHO docker is to paas what chef was to Iaas 4 years ago
John Feminella ‏@superninjarobot: So, @getdocker is pure excellence. If you've ever wished for arbitrary, PaaS-agnostic, lxc/aufs Linux containers, this is your jam!
David Romulan ‏@destructuring: I haven't had this much fun since AWS
Ricardo Gladwell ‏@rgladwell: wow @getdocker is either amazing or totally stupid

Notable features

  • Filesystem isolation: each process container runs in a completely separate root filesystem.
  • Resource isolation: system resources like cpu and memory can be allocated differently to each process container, using cgroups.
  • Network isolation: each process container runs in its own network namespace, with a virtual interface and IP address of its own.
  • Copy-on-write: root filesystems are created using copy-on-write, which makes deployment extremeley fast, memory-cheap and disk-cheap.
  • Logging: the standard streams (stdout/stderr/stdin) of each process container is collected and logged for real-time or batch retrieval.
  • Change management: changes to a container's filesystem can be committed into a new image and re-used to create more containers. No templating or manual configuration required.
  • Interactive shell: docker can allocate a pseudo-tty and attach to the standard input of any container, for example to run a throwaway interactive shell.

Under the hood

Under the hood, Docker is built on the following components:

  • The cgroup and namespacing capabilities of the Linux kernel;
  • AUFS, a powerful union filesystem with copy-on-write capabilities;
  • The Go programming language;
  • lxc, a set of convenience scripts to simplify the creation of linux containers.
Fill out my online form.

Twitter