What’s the Difference Between Docker Images and Containers?
Docker images and containers are application deployment technologies. Traditionally, to run any application, you had to install the version that matched your machine’s operating system. However, now you can create a single software package, or container, that runs on all types of devices and operating systems. Docker is a software platform that packages software into containers. Docker images are read-only templates that contain instructions for creating a container. A Docker image is a snapshot or blueprint of the libraries and dependencies required inside a container for an application to run.
Why are Docker images and containers used?
Containers allow developers to package software to run on any target system. Previously, you had to package software specifically for different target systems. For example, if you wanted an application to run on macOS and Windows, you had to change the application design and package it for the different systems.
Containerization allows a software application to run as microservices across distributed, cross-platform hardware architectures. Because containers are highly portable, these software applications run on almost any machine with speedy deployment. For example, an enterprise application may have hundreds of microservices. They could run as containers across multiple machines and virtual machines (VMs) in a dedicated data center and the cloud.
How they work: Docker images vs. Docker containers
Docker is a containerization platform that you can use to package software in containers and run them on target machines. Docker containers run on any machine or virtual machine where the Docker engine is installed. And they run without knowledge of the underlying system architecture. The Docker engine only runs on the Linux operating system. A Docker container is a container made using the Docker containerization platform; there are also other less popular containerization platforms.
How Docker containers work
A Docker container is a runtime environment with all the necessary components—like code, dependencies, and libraries—needed to run the application code without using host machine dependencies. This container runtime runs on the engine on a server, machine, or cloud instance. The engine runs multiple containers depending on the underlying resources available.
To deploy and scale a set of containers to communicate effectively across different machines or virtual machines, you need a container orchestration platform like Kubernetes. This helps whether your machines are on premises or in the cloud. Kubernetes manages multiple machines, known as a cluster, within the context of container operations.
How Docker images work
A Docker image, or container image, is a standalone, executable file used to create a container. This container image contains all the libraries, dependencies, and files that the container needs to run. A Docker image is shareable and portable, so you can deploy the same image in multiple locations at once—much like a software binary file.
You can store images in registries to keep track of complex software architectures, projects, business segments, and user group access. For instance, the public Docker Hub registry contains images such as operating systems, programming language frameworks, databases, and code editors.
Key commands: Docker images vs. Docker containers
You use commands with parameters to manipulate Docker containers. The standard command format is docker [options] [command] [arguments].
Container commands
The following table contains frequently used container commands. There are several more listed in the Docker documentation.
Command |
Explanation |
docker ps -a |
Lists all containers. The -a flag shows both running and non-running containers. To display only running containers, this flag can be omitted. |
docker rename [container] [new_name] |
Renames the given container to new_name. |
docker start [container] |
Runs the given container. |
docker stop [container] |
Stops the given container. |
docker wait [container] |
Makes the given container wait until other running containers stop. |
Image commands
There are less image commands compared to container commands.
Docker build -t image_name . |
Builds a Docker image tagged image_name from the files in the current directory. |
docker create [image] |
Creates a non-running container from the given image. |
docker run [image] |
Creates and runs a container based on the given image. |
Creating Docker containers from Docker images
To create a container from a specific Docker image, start up the engine on a machine. Then, use the basic Docker run command.
Here’s an example command:
docker run -it MyImage bash
This command creates a container from an image file named MyImage. The -it creates a pseudo-terminal within the running container. And by specifying bash as a command, a bash terminal opens within the container.
Key differences: Docker images vs. Docker containers
A Docker container is a self-contained, runnable software application or service. On the other hand, a Docker image is the template loaded onto the container to run it, like a set of instructions.
You store images for sharing and reuse, but you create and destroy containers over an application’s lifecycle. We give more differences next.
Source
You create a Docker image from a Dockerfile, a human-readable text file similar to a configuration file. The Dockerfile contains all the instructions to build the image. You have to place the Dockerfile along with all associated libraries and dependencies in a folder to build the image.
In contrast, you create Docker containers directly from the Docker image file.
Composition
The Docker image file is composed of image layers to keep the file size small. Each layer represents a change made to the image. The layers are read-only and can be shared among multiple containers.
The Docker container, being an image instance, also contains layers. However, it has an additional writable layer, known as the container layer, on top. The container layer allows read-write access. It also enables any changes made within the container to be isolated from other containers based on the same image.
Mutability
Docker images are immutable, which means they can’t be modified once created. If changes need to be made to an image, you must create a new image with the desired modifications.
In contrast, containers are mutable and allow modifications during runtime. Changes made within a container are isolated to that particular container and don’t affect its associated image. Some examples of changes are when you write new files, install software, or modify configurations.
When to use: Docker images vs. Docker containers
You can use Docker images and containers in combination with each other when you create and deploy software.
You use containers to build applications once and run them anywhere. You can quickly start, stop, and restart containers as needed. So, it’s easy to scale up or down based on the application's demand.
That being said, management is easier when you use both images and containers. For example, here’s how you can use them together:
- Scale your application horizontally by running multiple instances of containers based on the same image.
- Automate continuous integration and deployment (CI/CD) pipelines by using different images for development, testing, and production environments.
- Tag and manage different versions of your images. This helps you roll back or deploy specific versions as needed.
Summary of differences: Docker images vs. Docker containers
Docker image |
Docker container |
|
What is it? |
A reusable, shareable file used to create containers. |
A runtime instance; a self-contained software. |
Created from |
Software code, dependencies, libraries, and a Dockerfile. |
An image. |
Composition |
Read-only layers. |
Read-only layers with an additional read-write layer on top. |
Mutability |
Immutable. If there are changes, you have to build a new file. |
Mutable; you can change it at runtime as required. |
When to use |
To store application configuration details as a template. |
To run the application. |
How AWS can help with your container and image requirements?
Amazon Web Services (AWS) has many offerings that give you a secure place to store and manage your container images.
We offer orchestration that manages when and where your containers run and flexible compute engines that power your containers. AWS can help manage your containers and their deployments for you, so you don't have to worry about the underlying infrastructure. For more information, go to Containers on AWS.
Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry offering high-performance hosting. So, you can reliably deploy application images and artifacts anywhere. Developers building container-based applications can now discover and download Docker Official Images directly from Amazon ECR Public.
Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service. It makes it simpler for you to deploy, manage, and scale containerized applications. Amazon ECS uses Docker images in task definitions to launch containers.
Get started with Docker on AWS by creating an account today.