6

As a newbie,I have read the official Docker documentation, and have followed many explanations here, tutorials, videos on this, but have not yet got a clear answer to my question. If a docker container must use the underlying host OS kernel, then how can they claim "build, ship and run anywhere"? I mean, linux-based containers can run only on linux-based host OS machines, and similarly with windows containers. Is this correct, or have I completely missed it? I am not sure there is such a thing as "linux-based containers" and "windows-based containers".

I can see when someone claims that java apps can run on any OS, but dont see how the same claim can be made for docker containers.

Satya Rao
  • 149
  • 2
  • 3

3 Answers3

4

Containers isolate applications from each other on the same machine, but you're right, they all use the underlying OS. If you need different OS to run different applications on the same machine, you need to use virtual machines instead. Containers are good because you get everything you need to run an application in a single package, and there's less waste of resources because you're not throwing a whole big OS in there as well.

Note that for development purposes it's not unusual to run containers inside a virtual machine, so for instance you can run a linux vm on your pc/mac, and easily move the containers you develop there into real linux-based production.

Check out the snappy FAQ explanation here: https://docs.docker.com/engine/faq/#how-much-does-engine-cost

George M Reinstate Monica
  • 361
  • 2
  • 10
3

Short answer: Correct. All containers share the same linux kernel. If you depend on a kernel specific features, Docker is not for you. Beside that, there are also Windows based images and theoretically you can bring any host kernel as long as it fulfills the requirements of these guys: https://www.opencontainers.org/

CFrei
  • 3,552
  • 1
  • 15
  • 29
  • 1
    So, if I have an application that say uses IIS server, can it be "containerized" as a docker container? Where would you run this container? How would a Docker Engine enable such a container to run if it itself runs on a linux host/VM? – Satya Rao May 10 '17 at 18:30
  • 1
    MS did that for you already: https://hub.docker.com/r/microsoft/iis/ . Runs for now only on Windows. – CFrei May 10 '17 at 18:34
  • If you come from the linux world, Docker is basically just using very nicely chroot, namespaces, cgroups, virtual network cards and a few other forgotten features that were available in the linux kernel since years, just not very easy to handle as a "normal developer". – CFrei May 10 '17 at 18:36
  • Thanks for taking time to clear up some confusion. So, in the above MS container link, e.g. they say create a Dockerfile and then run "docker build ...". etc. Where exactly is the "docker" application running? On a Windows host? Or on some linux(which flavor/version?) VM that gets created on a windows host? If "docker" is running on a linux VM, then it somehow seems to be able to bypass the linux OS (in the VM) and access the underlying windows OS? Again, I am assuming "docker" is a linux application, and is not a windows port running on a windows host. – Satya Rao May 10 '17 at 18:50
2

Don't yet have the karma/streetcred/rep to comment, so I'm writing an answer instead.

First, I don't get why this question is so heavily downvoted, because it's legit and something the docker docs do not straightforwardly answer.

Anyways.

Thanks for taking time to clear up some confusion. So, in the above MS container link, e.g. they say create a Dockerfile and then run "docker build ...". etc. Where exactly is the "docker" application running? On a Windows host? Or on some linux(which flavor/version?) VM that gets created on a windows host? If "docker" is running on a linux VM, then it somehow seems to be able to bypass the linux OS (in the VM) and access the underlying windows OS? Again, I am assuming "docker" is a linux application, and is not a windows port running on a windows host.

In this case, Docker would be a native Windows application (or Windows port), running IIS as a native Windows application.

Think of it like this: the Docker application virtualizes the file system, so that every piece of software that gets installed ends up on this virtual file system. The kernel is not virtualized; so, as other answers said, if you want to transfer a Linux dev environment to a Windows machine, you would need to

run a linux vm on your pc/mac

and then run docker on that vm.

See How is Docker different from a normal virtual machine? for the megathread on Docker de-confusion.

See also http://blog.vizuri.com/docker-for-windows-vs.-docker-on-windows-server which explains the most confusing part of running Docker on Windows. As detailed in the article, you could use Docker on Windows to run Windows containers on Windows, or you could use Docker for Windows to run Linux containers in a Docker-managed Linux vm on windows. The same would be true of Mac ; or indeed, any two incompatible kernels.

fractalic
  • 387
  • 2
  • 10