Skip to main content

Docker Components and Architecture

Core Components

Docker's architecture consists of several key components that work together to create and manage containers.

1. Docker Engine

The Docker Engine is the core software that runs and manages containers. It consists of three main parts:

Docker Daemon (dockerd)

  • The Docker Daemon[^1] is a background process that manages all Docker operations.
  • It listens for Docker API requests and controls images, containers, networks, and volumes.
  • Runs as a system service and interacts with the Docker CLI.

REST API

  • The REST API[^2] allows other programs and tools to communicate with the Docker Daemon remotely.
  • It provides an interface for container orchestration, automation, and integration with other applications.

Docker CLI

  • The Command-Line Interface (CLI)[^3] is the tool used to interact with Docker.
  • Users run commands like docker run and docker build to manage containers and images.
  • It sends requests to the Docker Daemon via the REST API.

2. Docker Images

Docker Images[^4] are the blueprints for containers.

Read-Only Templates

  • A Docker image is a preconfigured package that contains everything needed to run an application.
  • It includes:
    • The application code
    • Required dependencies[^5]
    • System configurations

Layered Structure

  • Docker images use a layered structure[^6], meaning:
    • Each instruction in a Dockerfile creates a new layer.
    • Layers are cached for efficiency, reducing build time.
    • Multiple containers can share the same base layers, improving storage efficiency.

Image Registry

  • A Docker Registry is a centralized location where Docker images are stored.
  • Public registry: Docker Hub hosts thousands of prebuilt images.
  • Private registry: Organizations can host private images for security reasons.

3. Docker Containers

Containers[^7] are running instances of images.

Isolated Environment

  • Containers run applications in isolated environments[^8].
  • Each container has its own filesystem, network interface, and process space.
  • Containers do not interfere with each other, improving security.

Resource Management

  • Docker manages resource allocation[^9] to ensure efficient performance:
    • CPU limits prevent a single container from overloading the system.
    • Memory limits allocate a specific amount of RAM per container.
    • Storage quotas control how much disk space a container can use.

Lifecycle Management

  • Containers have multiple lifecycle stages[^10]:
    • docker createCreates a container but does not start it.
    • docker startStarts a container that has been created.
    • docker stopGracefully stops a running container.
    • docker restartRestarts a container without deleting it.
    • docker rmRemoves a container.

4. Docker Networks

Docker networks enable communication between containers.

Network Types

  1. Bridge (default)[^11] – Containers on the same host can communicate using a private network.
  2. Host[^12] – Containers share the host machine's network and do not have their own IP addresses.
  3. Overlay[^13] – Used in multi-host Docker Swarm setups to allow communication across multiple servers.
  4. Macvlan[^14] – Assigns each container a real IP address, making it act like a physical machine on the network.

Features

  • Container Isolation[^15] – Containers can be restricted from communicating with each other.
  • DNS Resolution[^16] – Containers can communicate using container names instead of IP addresses.
  • Port Mapping[^17] – Maps container ports to the host machine, allowing external access.

5. Docker Volumes

Volumes[^18] handle persistent storage for containers.

Data Management

  • Persistent Storage[^19] – Data inside a container is temporary unless stored in a Docker volume.
  • Data Sharing[^20] – Volumes allow multiple containers to share data without conflicts.
  • Backup & Restore[^21] – Volumes can be migrated or backed up separately from the container.

Volume Types

  1. Named Volumes[^22] – Stored in Docker's managed volume location and handled by Docker.
  2. Bind Mounts[^23] – Maps a directory from the host machine into the container.
  3. tmpfs Mounts[^24] – Stores data in memory only, making it fast but non-persistent.

How Components Work Together

The Container Creation Process

  1. Image Pull 
    docker pull nginx
  • Docker checks the local cache for the image.
  • If not found, it downloads the image from the registry.

2 Container Creation

docker create nginx
  • Docker creates a container from the image.
  • It sets up filesystems, environment variables, and networking.
  1. Container Start
docker start container_id
  • The container initializes and runs the main process.
  • Networks and storage volumes attach to the container.