How to Get Started with Docker (Part 1 of 2)

Last updated by UpGuard on July 24, 2019

scroll down

Build once, configure once and run anywhere. Sound familiar? Numerous companies have had a crack at this over the years. Sun was the first with Java and JVM: a platform-independent language and runtime environment that enables developers to build programs that are at once compiled and interpreted, allowing them to be run from anywhere a version of the JVM exists. Docker, the latest company to adopt the mantra, has a similar value proposition--except in this case we’re dealing with servers, not code.

Their technology deploys software applications with all the necessary parts in a container, thereby ensuring it will run on any Linux server, regardless of configuration and/or settings. Containers can be created, configured, and saved as templates for use on other hosts running the Docker engine. These templates can then be used to create more containers with the same OS, configuration, and binaries.

Docker Containers vs. VMs

Though both Docker containers and VMs use mechanisms for virtualization and abstraction, a fundamental difference lies in virtualization scope: VMs contain the full OS, while Docker containers share a single OS with the host machine. Since the support of multiple guest operating systems with a hypervisor is absent, Docker containers are especially lightweight and portable.

Take a look at the following graphic comparing VMs to Containers.  

Virtual Machines vs. Containers diagram

Diagram courtesy of Docker, Inc.Learn More ABOUT ETCD Scanning with UpGuard

Note that the VM must load the hypervisor layer (see above diagram) as well as one instance of the guest OS for each desired app instance. In contrast, containers do away with the resource-intensive hypervisor layer, and can support any number of app instances running on top of the host OS.

In this paper comparing container and virtual machine environments, IBM tested Docker and KVM against CPU, memory, network and I/O benchmarks. Unsurprisingly, Docker outperformed KVM in every case tested. So while VMs are appropriate in use cases requiring full-machine virtualization, Docker containers boot quicker and require less system resources, making them highly suitable for packaging and shipping apps to run anywhere.

The Docker Hub

A reoccuring theme in the Docker world is speed: in quicker development, faster performing apps, and easier shipping and deployment. Similar to Amazon’s AWS Marketplace, where one can find community-contributed Amazon Machine Images for launching server instances quickly, the Docker Hub features a repository of community-contributed components for creating and publishing custom Docker containers quickly.

Docker hub

Some official Docker repositories. Image courtesy of Docker, Inc.

For example, a developer building a MySQL-backed SaaS app can use the Oracle Linux and MySQL images in Docker Hub to quickly spin up a server with the necessary components. This eliminates the need to build and configure each OS or application component by hand. 

In short, Docker is ideal for building, shipping, and running portable cloud apps. If you’re anxious to get hands-on with Docker immediately, check out this interactive demo on the Docker site. And be sure to check back for Part 2 of this article, where we’ll take a closer look at Docker’s features, and find out how GuardRail can be used for monitoring container configurations, scanning differences and changes, and verifying test/production environments.

See What UpGuard Can Do For You

Related posts

Learn more about the latest issues in cybersecurity