March 12, 2017

Docker Layered Environment

A Layered Environment

A docker image is built up of layers. Each layer represents a portion of the images' filesystem that either adds to or replaces (overlays) the layer below it. For instance you might start with a Debian base image, add the Emacs editor, and the nginx reverse proxy server. Each of these is a distinct layer.

Finally, to instantiate a container, the image is loaded into memory and a writable layer is added. This is where changes during runtime are kept.

The topology consists of the following components:
  • Kernel
    • this is the kernel of the host operating system
    • shared across all containers on host
  • Bootfs
    • boot filesystem (with bootloader and kernel)
    • same across different Linux distributions
  • Base image
    • binaries/libraries
    • functionality needed by the container, not in the host OS kernel
  • Rootfs
    • root filesystem (with required directories: /bin, /boot, /dev, /lib, …)
    • differences across Linux distributions
  • Image(s)
    • application run on top of the base image
    • zero or more read-only layers
  • Container
    • writeable layer
    • changed container data exists here
A container object is started by loading the image object layers into memory and adding a writable top layer.

A container provides a way to create a run-time environment on top of the underlying host kernel.

Note: The run-time environment includes a set of binaries and libraries needed by the specific application (default executable) running in the container and a writeable layer where changes are stored.


No comments:

Post a Comment