home development system design Linux databases Docker kubernetes about me contact
Docker

Docker is the most popular container service, and a de facto standard today. I like to think of a Docker container as a stripped down version of Linux that has only a minimum of code to run a particular service. The rest is taken care of by its Linux host. The two work together in a way that keeps the container isolated from the host except for needed system services, and containers are isolated from each other and communicate through configured network channels.

Programming for Docker is really Linux systems programming, in which I have decades of experience.

Cloud services such as AWS and Google are great, because they offload all the administrative work, and are reasonably priced. (I was surprised to learn that Amazon makes more money selling web services than books and merchandise.) Putting Docker images on cloud services is a natural fit.

The Docker Hub site has thousands of pre-built containers that can have custom code added by developers. Chances of having a Docker container for a particular public project or product are good, and that's the usual place to start.

Code may be written in any language that runs on Linux, but the three most popular seem to be Node, Python and Go. Python is a very popular scripting language, and has a huge library of packages for just about any functionality imaginable.

Python's weakness for containers is its size. It's an interpreted language, so the container must also have the runtime (which isn't that big), and must also have any other resources to run it, like shared libraries. It's also relatively slow, and uses more memory than Go for the same functionality.

Node shares the same issues with Python, but is much worse for resources. Its runtime is much bigger than Python, which is around 14 kilobytes. On my Linux laptop, Node is 76 megabytes plus supporting libraries.

Go doesn't need much. There is a pre-built Go container on Docker Hub that's used to compile from within Docker, and only the resulting executable is copied into the Docker image. There still has to be an operating system underneath, as with Python, and many people use a container with minimal Alpine Linux. I go even further though, and use distroless Linux, which is truly stripped down, and doesn't even have a shell. This makes for the smallest container possible, and adds extra security.

Container size is a big deal, because cloud services that typically host Docker charge by usage, and spinning up hundreds, thousands or even millions of containers can add up fast. Say you've paid for a virtual system with two gigabytes of memory, and you're running containers that use 500 megabytes each. That means you can only run four containers at once before buying more resources. If your container uses 50 megabytes, you can run 40 containers. It's a contrived example, but you get the idea.

I've barely covered Docker here, but this should give you an idea about how I approach it. Let me know if I can help you.