Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / SUSE Linux Enterprise Server-Dokumentation / Container Guide / Docker Open Source Engine Overview
Applies to SUSE Linux Enterprise Server 15 SP2

3 Docker Open Source Engine Overview

The Docker Open Source Engine is a lightweight virtualization solution to run multiple virtual Linux environments (containers) simultaneously on top of a single Linux kernel, without a hypervisor. Containers are isolated using Kernel cgroups (Control groups) and Namespaces.

Full virtualization solutions, such as Xen, KVM, or libvirt, are based on simulating a complete hardware environment and running multiple operating system instances inside these virtual machines. The Docker Open Source Engine provides operating-system-level virtualization: a single Linux kernel controls multiple isolated containers.

The Docker Open Source Engine allows developers and system administrators to manage the complete life cycle of images. The Docker Open Source Engine makes it easy to build, ship, and run images containing applications.

Docker Open Source Engine has the following advantages:

  • Isolation of applications through containers.

  • Near-native performance, as the Docker Open Source Engine manages allocation of resources in real time.

  • Control network interfaces and resources available inside containers through cgroups.

  • Versioning of images.

  • Building new images based on existing ones.

  • Container orchestration.

Docker Open Source Engine has the following limitations:

  • Containers run on the host system's kernel and cannot use a different kernel.

  • Only supports Linux applications and not other operating systems.

  • Docker Open Source Engine is not a full virtualization stack like Xen, KVM, or libvirt.

  • Security depends on the host system. Refer to the official security documentation for more details.

3.1 Docker Open Source Engine Architecture

Docker Open Source Engine uses a client/server architecture. You can use the CLI client to communicate with the daemon. The daemon performs operations with containers and manages images locally or in registry. The CLI client can run on the same server as the host daemon or on a different machine. The CLI client communicates with the daemon by using network sockets. The architecture is shown in Figure 3.1, “The Docker Open Source Engine Architecture”.

The Docker Open Source Engine Architecture
Figure 3.1: The Docker Open Source Engine Architecture