DEV Community


Understanding docker Containers and images

Prabu Subra
Full Stack Developer
Updated on ・2 min read

Containers — A technology to run one or more than one process on an independent and isolated environment.

What are process here?
Execution of programs(set of instructions). It could be applications, databases, message queues, etc…

What are resources needed to execute a process standalone?

I/O devices
Files Systems

In our day to day life, we use the containers without knowing. For example Parallel Space/Secondary space and Dual apps features in Android mobiles are using Linux Container technology.

In Linux kernel, we have options to create more than one parallel space and run a process inside of it, like jail, These are called as containers.

Linux kernel features behind containers:-

Using linux Kernel features like Namespace, Cgroup, chroot and UnionFS, host Linux kernel can split it's resources to run a process on isolated environment.

Namespaces → This feature isolates below terms from host and other containers.

Mount — isolate filesystem mount points.
UTS — isolate hostname and domain name.
IPC — isolate interprocess communication (IPC) resources.
PID — isolate the PID number space.
Network — isolate network interfaces.
User — isolate UID/GID number spaces.

Cgroups → limits resources like CPU, memory, network...

Chroot → change the root directory for specified process and its child processes.

UnionFS → layered File system.
1. Immutable layers
docker images are build as immutable layers.
2. Mutable layers
Data are persisted on this layer. it can be mounted to

local storage or external cloud store.
it helps for effective reuse of docker image and data management.

If containers share host operating systems, then

Why do we have operating system images(Container OS) on docker registries?
Containers are running on Host kernel, but OS utilities and libraries are not available, because of isolation(Namespace). Containers cannot access softwares installed on Host OS. so we have to configure required software for each docker container as docker image in Dockerfile.

What is actually is operating systems image(Container OS)?
These images are not full fledged Operating systems, just a bunch of utilities/libraries.

Therefore, To run a container, we just need to load few utilities not full operating systems.

Docker Container CLIs:-

Images — A blueprint or template, from which one or more than one containers can be created.

Most of the images are build based on Scratch image. It is like super parent image. Scratch doesn’t have any utility, it is empty image with zero size. image size is depends on its utilities, libraries and apps.

Docker image CLIs:-


Docker image is created from Dockerfile. it has a set of vocabularies to execute processes with its dependencies independently.

Eventually, using container technology software can be created/changed, packed, tested and shipped quicker with less hurdles than traditional ways. It simplifies software business. programmable Platform (PaaS) accelerate software development and deployment(SaaS).

Thanks for reading… This is my understanding after using docker for few months. Feel free to comment your suggestions !!!

Discussion (0)