Most introductions to Docker compare it to VMs. Docker however seems to be like a standard setup program. Setup programs have existed for nearly as long as computers have existed. I have been working with computers for half a century. I of course am not familiar with all current technology but I have not heard of software being deployed as a VM.
The WikiPedia used to say that Docker is used to deploy software. Currently it says Docker is used to deliver software. Either way, they seem to be using different terminology to describe a setup program.
The docker.com home page is vague about what Docker is. It does say:
Accelerate how you build, share, and run modern applications.
That could describe a setup program. Under Build it says Package applications. Under Run it says Deploy your applications. Those also describe what a setup program does.
My understanding is that containerd in the Docker Engine is the specific part of Docker that most of the magic of executing containers happens. It seems to be a Black Box; I do not find an explanation of how it executes software built for a different execution environment without using a VM. The Docker Engine seems to provide a relatively standard tool for executing applications, thereby providing a relatively standard setup tool.
Docker does process virtualization, by using the host’s kernel, cgroups to limit the ressources it can use, capabilities to limit the permissions on kernel functions, and namespaces for isolated usage + some storage and network magic. Docker heavily depend on a Linux Kernel (and probably libraries)
Docker Desktop always runs in a VM, regardless whether it runs on Windows, MacOS or Linux to provide (almost) the same experience across the operating systems. Its target audience are developers. It is not designed to run productive workloads 24/7.
Docker-CE on the other hand is only available for its natural habitat: Linux (see architecture/os support matrix). If you want to use docker in production, this is the version you want to use.
Docker is one of many container engines. Docker can be used to create OCI compliant container images, which typically consist of a main application, all the dependencies it requires and a minimum set of binaries and libraries that make up a minimal os. Images are used for packaging (=build the image) and delivery (=push the image to a container image registry, pull the image from there). Containers are run-time instances based on an image (~deploy).
While WSL1 uses Hyper-V and regular vms, WSL2 (preferred!) uses the Windows feature “virtualization platform” (a lightweight virtualization layer) to run a utility vm that provides the Linux kernel for all WSL2 distributions (=each is an isolated environment running inside that vm). The Docker Desktop backend is also just a distribution that runs on it.
Good, thank you. That is interesting. I assume that explains, at least somewhat, what they (the various introductions/ tutorials) mean when they say containers are lightweight compared to VMs. So are containers in Windows lightweight due to a Windows feature?
Here is where it gets complicated. Perhaps this should be a separate discussion. When you say virtualization platform do you mean Virtual Machine Platform or do you mean Windows Hypervisor Platform? “Virtual Machine Platform” in Win 10 (2004) is Hyper-V? - Super User tries to explain things (it would be interesting to know how much of that is relevant to Docker). The details probably are not important for developers learning Docker except I think it helps to know (if it is true) that in Windows containers are lightweight because of a feature provided by Microsoft in Windows.
I do not doubt that Docker is powerful and useful and probably the main feature of Docker is that it makes complicated stuff relatively easy but I think the introductions and tutorials for beginners are misleading about how Docker does that. The first image in Docker Tutorial for Beginners: Basics, Architecture, Containers seems incorrect to me. All the tutorials and introductions for beginners seem to be inaccurate about what it is that Docker does that makes it as powerful and useful as it is.
To get back to my original post, I think that describing Docker as an advanced and complicated setup (deployment) system that uses complicated system features to simplify deployment in a comparatively common way makes things more clear.
Docker is lightweight, because it virtualizes processes and their runtime environment. The overhead to run a containerized process is close to nothing compared to running a native process on the host. A container does not boot (it does not start its own kernel or start any system services), instead it only starts the main process (and sometimes sub-processes).
In comparison, a vm emulates a full computer, which has its own bios, virtual harddisk, boots a kernel and starts system services, like a bare metal machine does. Of course this has a bigger overhead in terms of needed cpu time, ram and harddisk consumption.
Docker being lightweight has nothing todo whether Docker Desktop is used or not. Docker requires Linux to work, so Docker Desktop uses utility vm’s (in case of Windows a WSL distribution) to provide this dependency. Most blog posts/trainings pre-date Docker Desktop and don’t address it, which is fine because it doesn’t change the core concepts. That Docker Desktop for Windows uses a lightweight virtualization on Windows is just a pure coincidence.
In my German Windows installation the feature is called “VM Plattform” (this is on Win11 22H2 and I am sure it used to have a longer name), so it must be the “Virtual Machine Platform”. It definitely is not “Windows Hyervisor Platform” (which provides a hyper-v compatibility layer for third party vm solutions).
I can highly recommend this free self-paced docker training: Introduction to Containers. It should give you a solid understanding of concepts and how things are done in Docker. Since the training was developed over many years, it might be that Docker Desktop is not specific mentioned (which again is fine, as it doesn’t change the core conecpts)