Docker under the Hood — 2. Container from Scratch, and Image Storage
In the previous article of this series, we discussed the contents of a docker image — the root filesystem, and the configuration. We also tried to download the mini root filesystem of an alpine Linux, and we inspected some of the configurations of a docker image (if you haven’t done so, please read the previous article first).
Also, since the docker image follows the OCI image spec, and in recent versions, docker daemon isn’t a huge monolith anymore, but rather, it calls containerd, then runc; so, theoretically, we don’t really need to “docker pull” then “docker run” to create a container from the image, but rather, we can use containerd, or even runc, to create a container without the docker platform at all.
A quick recap: in docker (from version 1.11), the execution of containers is handled by a container runtime which is called containerd. (For more details see the first article of this series. If you haven’t done so, it’s highly recommended.)
More precisely, the Docker daemon prepares the image according to OCI image spec, creates a “filesystem bundle” that is unpacked on the disk, and makes an API call to containerd, to start the bundle.
So, let’s do that.
