Docker Engine

Docker Engine vs. Docker Machine

Docker Engine was initially developed for Linux systems, but with version updates extended to operate natively on both Windows and Apple OSes. Docker Machine is a tool to install and manage Docker Engine on several virtual hosts or older versions of Apple and Windows OSes. Commands input through Docker Machine, installed on the local system, will not only create virtual hosts, but also install Docker and configure its clients.

While Docker Engine now runs natively on Windows and Apple, Docker Machine can still be used to manage virtual hosts on both OSes and Linux, or on company networks, in data centers or on cloud providers such as Amazon Web Services, Microsoft Azure and Digital Ocean.

Docker Engine and swarm mode

Starting with version 1.12, Docker Engine incorporates Docker Swarm directly into the engine, which renamed the orchestration service to swarm mode. Version 1.12 and higher make swarm mode the default clustering and orchestration service, but not the only one Docker supports.

A swarm is a cluster of connected Docker Engine hosts onto which an admin can deploy application services. Docker Engine enables instantiation of both manager and worker nodes from a single disk image at runtime instead of deployment. Because Docker Engine runs on a declarative model, swarm mode will maintain and return to the declared desired state in the event of an outage or scaling event.

Docker Engine plug-ins and storage volumes

Docker Engine can use a range of plug-ins, made available as images hosted in either a private registry, a public source such as GitHub, or on Docker Hub. An admin can manage the entire lifecycle of a plug-in from installation to deletion with Docker Engine. Plug-ins create items such as data volumes, which are directories that exist in a container.

Docker Engine creates a data volume with a container image concurrently, and can include data copied from a parent image. These volumes are both sharable and reusable between containers and are not deleted with the deletion of the container. Users are responsible for their data volumes, as Docker Engine does not delete or collect alienated data volumes.

There are three types of volumes: host volumes live in the filesystem; named volumes are managed by Docker on the disk whereon the volume is created and named; and anonymous volumes are similar to named volumes but difficult to reference per anonymity.

Docker networking

Docker Engine includes three network models: bridge refers to the docker0 network, which is the default; none adds containers to a container-specific network stack, but can be detached from the container and left running; and host adds containers to the host's network stack with no isolation between host machine and container.

Docker Engine provides default network drivers for users to create unique bridge networks controlling container communication. Docker Inc. recommends that users define their own bridge networks for security purposes.

Containers can connect to multiple networks -- or none -- and can connect and disconnect from networks without disrupting container operation.

Docker Engine networking and swarm mode can work together to create overlay networks on manager nodes without an external key-value store, which is necessary for clusters that aren't managed by swarm mode. This overlay network is only available to the worker nodes that require it for a service, and will extend automatically to any new nodes running the service. Overlay networks are possible without using swarm mode, but require a valid key-value store service; this method is not recommended for most users.

Network driver plug-ins can also be created, if any of Docker's three standard network types don't suit the user's needs. These plug-ins feature the same restrictions and rules as other plug-ins and use the plug-in API.