What is Docker?

Docker Engine is a software service run by our operating system that enables us to create virtual "containers".  Within cloud computing, it is known as a "Platform as a Service", or PaaS.

We use containers to quickly deploy software in secure, isolated environments.  Containers are considered a "Software as a Service", or SaaS.  Docker can interface directly with the Linux kernel and use the drivers that power our hardware.  This allows most software to be deployed by Docker, regardless of the hardware used during development.

Containers are fundamentally different than a virtual machine, but they perform a similar function.  Virtual machines use a "hypervisor" to emulate hardware that can them run its own operating system under the supervision of your host operating system. There is a great deal of computational resources and power overhead when emulating a virtual computer system.

Containers share their host computer's kernel through the container engine and can directly access hardware.  This improves efficiency by allowing the containers to only emulate the most basic operating system to support their software.  This is accomplished through a read-only 'container image' that builds in all the required software so that it can be used as a template.

Containers can be controlled like a system service, allowing us to easily start, stop or restart them.  Application data like configuration and database files are stored within a persistent volume attached to our container.  Updating software is easy because everything used by the application is stored within the container image.

While creating a container, we can open access to ports that allow us to communicate with the container, as well as allow containers to communicate with each other.  Containers commonly use ports to offer access to a web application interface or transmit information within databases.

Docker on Linux shares the Linux kernel, allowing access to the hardware through your servers drivers, but it runs as an independent process that cannot access other containers or the host.  It only has access to files and hardware we configure it to have access to.  Many applications require at least one folder for persistent application configuration files and databases.

You can run a docker container from the terminal with one command. 

sudo docker run --it --rm -d -p 80:80 --name nginx -v /srv/nginx/:/config scr.io/linuxserver/nginx:latest

You can directly mount host directories, create virtual volumes within docker, or create a temporary filesystem that exists in memory but is deleted whenever the container is restarted.

Docker compose, thanks to yaml, can also increase the readability of your docker setup process.

Docker compose is a docker engine tool that allows you to define and create new containers, as well as virtual networks connecting multiple containers at once.  This makes it very easy to quickly pop-up containers, as well as increases security by allowing critical components like databases to be run behind the scenes so only the container has access to it.

services:
  nginx:
    image: lscr.io/linuxserver/nginx:latest
    container_name: nginx
    volumes:
      - /srv/nginx/:/config
    ports:
      - 80:80

Portainer allows for the easy creation of dockee compose stacks through an intuitive interface.