I want to create a new Docker image to run our Java based web application in Tomcat.
But till now what I found is that most of the default images comes with inbuild OS (e.g. Ubuntu/Debian etc...).
So here are my question:
1. Can we create an image which will have JRE and Tomcat with our app and no OS?
Because, if I run this image in VM, then VM will have its own OS and again in container there is another OS.
So that's the use of having containers with OS?
The docker images for Ubuntu, Debian ... are not operating systems. They don't have a linux kernel. They are just images having file structure and tools similar to an Ubuntu, Debian OS distribution.
The container does not have it own kernel, it uses the host's kernel where the container is running. This is the fundamental differnece between a virtual machine and a container.
Related
From what I understand, the container includes all dependencies to run, but all containers running on the same platform whether it's a VM, or bare-metal will share the underlying kernel.
I believe I read somewhere that in order to run linux containers on windows, the Docker client spins up a linux based VM, and runs the container in that.
But now I see that docker for windows runs linux containers natively (ie, without hyper-v).
My question is: How can an image that was built to run on linux run on a system that has a windows kernel?
This is the original source that my question arose from:
https://www.hanselman.com/blog/DockerAndLinuxContainersOnWindowsWithOrWithoutHyperVVirtualMachines.aspx
With the latest version of Windows 10 (or 10 Server) and the beta of
Docker for Windows, there's native Linux Container support on Windows.
That means there's no Virtual Machine or Hyper-V involved (unless you
want), so Linux Containers run on Windows itself using Windows 10's
built in container support.
I saw some similar questions, but they explained how a linux container runs on a windows platform by utilising a vm/hyper-v
How docker desktop runs linux containers on Windows machine
Does "Docker On Windows" launch a linux virtual machine?
Perhaps I didn't understand their answers, but from what I understood, it still seems like the linux container is sitting on-top of the windows kernel.
this is the magic of LCOW (https://github.com/linuxkit/lcow)
you are right to run a container the base KERNEL should be same , since container is just an abstraction , so to run a linux container on windows there are two options
either use moby linux on hyperv and run containers there
use lcow to run light weight linux vm for each container. (lcow)
https://learn.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/linux-containers
with WSL in windows in future we might be able to get a third method don't know if already someone is working on it .
I just got started with docker. To my understanding, docker container runs a discrete process on the host machine and shares system resources of host machine too to that process, and as we know, codes building for Linux may not able to run on MacOS, and vice versa. My question is: can a docker image built on an OS platform can be deployed to another OS, like MacOS to Linux, or Ubuntu to CentOS?
If the question is NO, how come it only has one official mysql image on docker repositories, but not multiple like for Mac, for Ubuntu, for RHEL?
Docker on mac works by creating a linux virtual machine. So a docker image built on Mac is in fact built on a linux virtual machine and can be freely exchanged with most other docker systems - including most docker on windows.
There is a windows version of dockers that is not linux based. Those images are not interchangeable.
In fact, the docker built from any linux-based image can be run (w/o VM as an additional layer) on any linux distribution that has the same OS kernel.
It means docker built from e.g. SuSE image can be then run on Fedora/Ubuntu/Debian/etc... w/o any restrictions.
Short form - yes it can, but i think it will depend on the setup - notably user/group in - docker-compose file.
Recently i had some issues with work docker-compose files being setup without a user specified, these work ok when building on a mac as had an app user, but when run on my linux machine the user defaulted to root and thus the build was not successful. So it depends on the quality of the config.
Docker images are platform agnostic. The first thing a Dockerfile declares is what base image it pulls from, and that should determine the operating system under which the containers will run.
Using the MySQL 8 Dockerfile as an example:
https://github.com/docker-library/mysql/blob/223f0be1213bbd8647b841243a3114e8b34022f4/8.0/Dockerfile
FROM debian:stretch-slim
This means the image, and thus any containers started from it, will be based on Debian Linux...even if the host machine is MacOS.
I am aware of this question (Can Windows Containers be hosted on linux?), but it doesn't really answer my question.
I am new to Docker, but my question is such - if I take any windows application, put it inside a Docker container, can it run now on Linux and vice versa?
Confluent claims that it can run only on linux, but my colleague installed it on Windows using Docker. So if you can install it with Docker, then the whole application would surely be regarded as cross platform?
I think I am missing some important point here.
Docker is not a VM, it's a way to run applications on a shared kernel that isolate those applications from each other. Windows binaries don't run on a Linux kernel, and vice versa (ignoring the Linux runtime for Windows for the time being). So if you build a container with your Windows application, it will only run if you did so on Dockers Windows runtime and windows base image. It's won't run on a Linux host.
What docker does provide is an embedded VM running Linux (originally this was VirtualBox, but current versions are HyperV). By running Docker for Windows, by default, this VM was used and you would only be running Linux containers, so your windows application would not even run inside the container. To run the Windows binaries, you need to toggle Docker for Windows to use the Windows runtime, and presently that's a toggle, you can't run both Linux and Windows runtimes concurrently on the same host.
There also is no Windows VM packaged with Docker's Linux install. You would need to install your own copy of Windows (and get the licensing which is why Docker doesn't ship this) inside a VM on a Linux host and run your containers inside that VM if you need Windows support.
Is it possible that I run docker without any host OS. I mean run it natively. It would be a performance boost that way I believe if possible.
Suppose I have a tool which runs on linux kernel. I create a docker container with some extra dependencies. Now I share that container with other person who has linux to run that container.
But I want to run that container without host OS. as it will be double layer of OS with container.
Docker itself is not a VM, so there is no double layer of OS. Docker is a tool to run applications with settings that isolate them from other applications running on the same OS kernel. Docker does include a VM with Docker for Windows and Docker for Mac to run the Linux kernel so you can run Linux containers. There is an option to run native Windows containers with Server 2016, but if you are looking for minimal and efficiency, I would suggest looking elsewhere.
The closest things to what you are looking for are:
Unikernels: these are applications compiled into a kernel with everything else removed, designed to run inside of a VM for a very specialized task, often security related. These are still early in their development stage, but Docker does use some of their technology inside their project.
LinuxKit (part of the Moby Project): this is how Docker creates their VMs for Docker for Windows and Docker for Mac. It is a container based Linux operating system that you can custom compile with only the containers you want to run. Most of the focus of this is still designed for VMs, but bare metal is an option.
Scratch base image: if you statically compile your application to remove all of the library dependencies, you can have a container without any shell or other OS tools. This is often seen in Go binaries shipped as Docker containers to do a single task with a very small attack surface. As a Docker container, it still requires the underlying Linux OS to run the binary.
Have been trying to learn Docker and one thing that puzzles me is how a different flavour of Linux (to the host OS) actually runs in the Docker container.
If we assume my Docker host is running RedHat and I start a container from an Ubuntu image then are the following true?:
logically speaking, if the Ubuntu image footprint is around 550MB then will the Docker Daemon actually download (from an image registry) 550MB worth of Ubuntu image in order to create the Container?
is the instance of Ubuntu running in the container essentially no different than if I had downloaded and installed the same version manually?
I'm aware that the Docker container shares the same kernel used by the host OS and that one of the fundamental points of Docker was its efficiency gains of the container using the underlying OS. So Im a bit confused about what actually happens when you start a Container created from a different Linux version than the host.
I think this previous post may help you understand it a little more - Docker container isolation, does it care about underlying Linux OS?.
The crux of the matter is that if the Host OS is RedHat then it is the RedHat kernel which will be used by whatever build of Linux you run in your Docker container ie. Ubuntu in your example.
This comes down to understanding what the difference is between a Linux OS and a Linux Image. You will not be running a full Ubuntu OS inside the Docker Container but an image of Ubuntu.
For the purpose of your question think:-
OS = kernel + filesystem/libraries
Image = filesystem/libraries
The Ubuntu image running inside your Docker container is just the Ubuntu filesystem/libraries - it will not contain the Ubuntu kernel. This partly explains the efficiencies you get from a Docker container which is leveraging the Kernel (among other things) of the underlying Host.
The Ubuntu image running inside the Docker container runs in what is called the user space for that container. This image can make kernel system calls to the RedHat host OS kernel (as part of transferring control from user space to kernel space for some user operations). Since the core kernel is common technology, the system calls are expected to be compatible even when the call is made from an Ubuntu user space code to a Redhat kernel code. This compatibility make it possible to share the kernel across containers which may all have different base OS images.