A Terminology #
- Container
A container is a running instance based on a particular container image. Each container can be distinguished by a unique container ID.
- Control groups
Control groups, also called
cgroups
, are a Linux kernel feature that allows aggregating or partitioning tasks (processes) and all their children into hierarchically-organized groups, to manage their resource limits.- Container image
A container image is an unchangeable, static file that includes executable code so it can run an isolated process on IT infrastructure. The image is comprised of system libraries, system tools, and other platform settings a program needs to run on a containerization platform. A container image is compiled from file system layers built on top of a parent or base image.
- Base image
A base image is an image that does not have a parent image. In a Dockerfile, a base image is identified by the
FROM scratch
directive.- Parent image
The image that serves as the basis for another container image. In other words, if an image is not a base image, it is derived from a parent image.
- Namespaces
Docker Open Source Engine uses Linux namespaces for its containers, which isolates resources reserved for particular containers.
- Orchestration
In a production environment, you typically need a cluster with many containers on each cluster node. The containers must cooperate and you need a framework that enables you to automatically manage the containers. The act of automatic container management is called container orchestration and is typically handled by Kubernetes.
- Registry
A registry is storage for already-created images. It typically contains several repositories. There are two types of registries:
public registry: Any (usually registered) user can download and use images. A typical example of a public registry is Docker Hub.
private registry: Access is restricted to particular users, or from a particular private network.
- Repository
A repository is storage for images in a registry.