What is a Container?

A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another.

A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries, and settings.

Ok, let me make it easy!

A container is a bundle of:

  • Application
  • Application libraries required to run your application
  • The minimum system dependencies

Container Layers Screenshot

Containers vs Virtual Machines

Containers and virtual machines are both technologies used to isolate applications and their dependencies, but they have some key differences:

1. Resource Utilization

  • Containers share the host operating system kernel, making them lighter and faster than VMs.
  • VMs have a full-fledged OS and hypervisor, making them more resource-intensive.

2. Portability

  • Containers are designed to be portable and can run on any system with a compatible host OS.
  • VMs are less portable as they need a compatible hypervisor.

3. Security

  • VMs provide a higher level of isolation and security as each has its own OS.
  • Containers share the host OS kernel, which provides less isolation.

4. Management

  • Containers are easier to manage as they are designed to be lightweight and fast-moving.

Why Are Containers Lightweight?

Containers are lightweight because they use containerization technology, allowing them to share the host OS kernel while still providing isolation for the app and its dependencies.

This means:

  • Smaller size compared to full VMs
  • Minimal components needed to run the app
  • Faster startup and deployment times

Let’s Understand This with an Example:

Below is the screenshot of the official Ubuntu base image used for containers.

It's just ~22 MB! 😮

In contrast, an official Ubuntu VM image is close to ~2.3 GB.

That’s almost 100 times larger!

Ubuntu Image

Files and Folders in Container Base Images

  • /bin: contains binary executables (e.g., ls, cp, ps)
  • /sbin: contains system binaries (e.g., init, shutdown)
  • /etc: system config files
  • /lib: shared libraries used by binaries
  • /usr: user apps, libraries, docs
  • /var: logs, spool, temp data
  • /root: home directory of root user

Files and Folders Containers Use from Host OS

  • Host file system via bind mounts
  • Networking stack to connect containers
  • System calls handled by host kernel
  • Namespaces for isolation
  • Control groups (cgroups) to limit resource usage

Even though containers use host resources, they’re isolated from the host and other containers.

Note: VM image sizes can be optimized, but for comparison, we're using the defaults.

TL;DR

  • Containers are smaller and more efficient because they don’t bundle an entire OS.
  • VMs are heavier and less portable, but offer greater isolation.
  • Containers only include what’s necessary for your app to run.

What is Docker?

Docker is a containerization platform that lets you:

  • Build container images
  • Run containers from those images
  • Push/pull containers to/from registries (e.g., DockerHub, Quay.io)

In simple terms:

Containerization is a concept — Docker is the implementation.

Docker Architecture

Docker Architecture

The image above clearly shows that:

  • Docker Daemon is the brain of Docker.
  • If the Docker Daemon dies… well, Docker is brain dead 😄 (sarcasm intended).