Docker components and how they interact.

When we talk about containers a big name that comes into picture is docker. Docker is a leading container platform and provides all the functionalities required in the life cycle of a container. In this article, we will talk about docker components and how they work together.

Docker components and how they interact.

Docker consists of the following components.

Docker Daemon:

Docker Daemon runs as dockerd and is a continuous running process. This daemon helps you in connecting docker-cli to containers itself. Docker talks to containerd using gRPC protocol.

You can see by typing below command in your Linux machine. 

ps aux | grep docker
/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

You can see the output contains dockerd and also tells that it is using containerd.

Containerd:

Containerd daemon runs and expose gRPC API to interact with it. It handles all the low-level container management tasks, storage, image distribution, network attachment, etc. If you wanna see this you can type below command.

ps aux| grep container
0:01 /usr/bin/containerd

This shows you that containerd daemon is running and no containerd-shim is running.

Containerd-ctr:

A lightweight CLI to directly communicate with containerd. You can control containerd using this cli tool.

runc:

It is used for actually running containers. This binary deal with the low-level things like cgroups and namespaces that are required to create a container.

Whenever you run any container this process will come into the picture. To see this in action. Run the below commands in two different terminals. 

watch 'ps aux| grep runc'

And then this

docker run image_name

You will see a process will appear, create the container and then exit.

containerd-shim:

Once runc launches containers it exits. This means there is no long-running process for this container. The flow is containerd asked containerd-shim to launch container which calls runc to create container and then exits leaving a few of the things like file descriptors so that container can pass essential signals to containerd-shim.

If your container is running you can see containerd-shim is running like below

root     16097  1.0  0.0  10612  4912 ?        Sl   22:03   0:00 containerd-shim -namespace moby -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/moby/61fd4688eae0b6b938aa07d609f55150cf0231af2d6043cd01d29cee5ee63d14 -address /run/containerd/containerd.sock -containerd-binary /usr/bin/containerd -runtime-root /var/run/docker/runtime-runc

So here is a glance of how docker components talk to each other.

Docker instruct containerd to launch a container, containerd tell containerd-shim to launch a container, containerd uses runc to launch the container and then keep the signals line open with it while runc exits.

Recommended books for devops and linux admin

This was how docker components interact with each other. To know more about Docker and Kubernetes keep following my blog. A lot of such articles will be coming soon.

Please share and subscribe.

Please join our facebook and linkedin groups.

The life cycle of a container
Gaurav Yadav

Gaurav is cloud infrastructure engineer and a full stack web developer and blogger. Sportsperson by heart and loves football. Scale is something he loves to work for and always keen to learn new tech. Experienced with CI/CD, distributed cloud infrastructure, build systems and lot of SRE Stuff.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.