Container Registiry

Containers are a type of operating system (OS)–level virtualization that provides an isolated,
resource-controlled environment to run applications. A container is basically a type of sandbox
around a normal application OS process and is generally considered to be much more isolated
than an uncontainerized process, but not as strong as a virtual machine (VM).

Container images define how applications are packaged and only contain the application and
its dependencies such as libraries, configurations, runtimes, and tools, making a container
more lightweight than a VM. The container image and runtime are standardized through the
Open Container Initiative (OCI), which makes containers highly portable and universal, and It
makes development and deployment easier.

Docker is a platform for building, running, and shipping applications.

With docker we can easily package up our application with everything it needs and run it
anywhere on any machine with docker.

Want to run the app on different machine :-

>> simply tell Docker to bring up the app, and docker will automatically download and run all
the dependencies inside an isolated environment called a container.

>>This isolated environment allows multiple apps to use different versions of some software
side by side. All these apps can run on the same machine side by side without messing with
each other (ISOLATION).

>>When we are done with the app we can remove it with it’s dependencies in one go.

>> docker virtualize the application layer of an OS, but uses the host kernel

Whereas VM virtualize both kernel and app layers of an OS.

 VM VS CONTAINER
Container Virtual machine

An isolated environment for running an An abstraction of a machine (physical

app.
Are lightweight: they use host kernel.
(megabyte images).
Start and run quickly.(seconds)
Need less hard resources.
They share OS kernel
Compatibility:
on a linux machine we can only run linux
containers.
On a windows 10 machine : we can run both
linux and windows containers because win10
is shipped with custom built linux kernel, but
versions below win10 can only run win
container.
On a mac machine : it doesn’t have a
container app so docker on mac uses a
lightweight linux vm to run linux containers.
machine).
Problems :
 each vm needs a full copy of guest OS.
(licence, batch, and monitor).
 Slow to boot. (because the entire OS
has to be loaded).
 Resource intensive.(cpu/memory/disk
space) limited number of VMs.
 VMs images are couple of gigabytes
large.
Compatibility: VM of any OS can run on any
OS host.

Docker architecture :
 It uses a Client-server architecture.
 The Client component that talks to server is called REST API.
 The server is called docker engine and sets on the background and takes care of building
an running containers.

Docker development workflow :

 1. We take an app an dockerize it( we make a small change so that it can be run by
docker).
2. We add a docker file to the app, a docker file is a plain text file that include instruction
that docker uses to package up the app into an image, this image contain everything the
app needs to run.

Image contents:

A cut-down OS.

A runtime environment.

App files.

Third party libraries.

Environment variables.

3. a docker file is created and given to docker for packaging the app into an image.

>> Once we have the image we can push it to a docker registry(docker hub) which is a storage
for docker images that anyone(that run docker) can pull the image and use it to start a
container.

>> So with docker we no longer need to maintain long complex release documents that have
to be precisely followed. all the instructions for building an image of an application is written
in a docker file, and with it we can package the app into an image, and run the image virtually
anywhere.

Container Registry
Container Registry is a single place for your team to manage Docker images, perform
vulnerability analysis, and decide who can access what with fine-grained access control.

Azure Container Registry

is a private registry service for building, storing, and managing container images and related
artifacts. By creating an Azure container registry instance with the Azure portal. You can use
Docker commands to push a container image into the registry, and finally pull and run the
image from your registry.
Kubernetes :
Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a
cluster of hosts.

Kubernetes Architecture and How it Works?

Containers encapsulate an application in a form that’s portable and easy to deploy.

The Kubernetes architecture is designed to run containerized applications. A Kubernetes
cluster consists of at least one control plane and at least one worker node (typically a physical
or virtual server). The control plane has two main responsibilities. It exposes the Kubernetes
API through the API server and manages the nodes that make up the cluster. The control plane
makes decisions about cluster management and detects and responds to cluster events.

The smallest unit of execution for an application running in Kubernetes is the Kubernetes Pod,
which consists of one or more containers. Kubernetes Pods run on worker nodes.

Azure Kubernetes Service (AKS) :

Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by
offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles
critical tasks, like health monitoring and maintenance. Since Kubernetes masters are managed
by Azure, you only manage and maintain the agent nodes. Thus, AKS is free; you only pay for
the agent nodes within your clusters, not for the masters.

When you deploy an AKS cluster, the Kubernetes master and all nodes are deployed and
configured for you.