{
	"id": "5d98923b-3ce3-4ec7-8d53-e8f8ed4756e3",
	"created_at": "2026-04-06T00:08:29.023819Z",
	"updated_at": "2026-04-10T03:21:32.923593Z",
	"deleted_at": null,
	"sha1_hash": "1ab6d397ff6970b480a403cafd76a92bb33aa268",
	"title": "What is Docker?",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 444698,
	"plain_text": "What is Docker?\r\nBy Docker Inc\r\nPublished: 2026-02-11 · Archived: 2026-04-05 23:43:53 UTC\r\nDocker is an open platform for developing, shipping, and running applications. Docker enables you to separate\r\nyour applications from your infrastructure so you can deliver software quickly. With Docker, you can manage\r\nyour infrastructure in the same ways you manage your applications. By taking advantage of Docker's\r\nmethodologies for shipping, testing, and deploying code, you can significantly reduce the delay between writing\r\ncode and running it in production.\r\nDocker provides the ability to package and run an application in a loosely isolated environment called a container.\r\nThe isolation and security let you run many containers simultaneously on a given host. Containers are lightweight\r\nand contain everything needed to run the application, so you don't need to rely on what's installed on the host. You\r\ncan share containers while you work, and be sure that everyone you share with gets the same container that works\r\nin the same way.\r\nDocker provides tooling and a platform to manage the lifecycle of your containers:\r\nDevelop your application and its supporting components using containers.\r\nThe container becomes the unit for distributing and testing your application.\r\nWhen you're ready, deploy your application into your production environment, as a container or an\r\norchestrated service. This works the same whether your production environment is a local data center, a\r\ncloud provider, or a hybrid of the two.\r\nFast, consistent delivery of your applications\r\nDocker streamlines the development lifecycle by allowing developers to work in standardized environments using\r\nlocal containers which provide your applications and services. Containers are great for continuous integration and\r\ncontinuous delivery (CI/CD) workflows.\r\nConsider the following example scenario:\r\nYour developers write code locally and share their work with their colleagues using Docker containers.\r\nThey use Docker to push their applications into a test environment and run automated and manual tests.\r\nWhen developers find bugs, they can fix them in the development environment and redeploy them to the\r\ntest environment for testing and validation.\r\nWhen testing is complete, getting the fix to the customer is as simple as pushing the updated image to the\r\nproduction environment.\r\nResponsive deployment and scaling\r\nhttps://docs.docker.com/get-started/overview/\r\nPage 1 of 4\n\nDocker's container-based platform allows for highly portable workloads. Docker containers can run on a\r\ndeveloper's local laptop, on physical or virtual machines in a data center, on cloud providers, or in a mixture of\r\nenvironments.\r\nDocker's portability and lightweight nature also make it easy to dynamically manage workloads, scaling up or\r\ntearing down applications and services as business needs dictate, in near real time.\r\nRunning more workloads on the same hardware\r\nDocker is lightweight and fast. It provides a viable, cost-effective alternative to hypervisor-based virtual machines,\r\nso you can use more of your server capacity to achieve your business goals. Docker is perfect for high density\r\nenvironments and for small and medium deployments where you need to do more with fewer resources.\r\nDocker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy\r\nlifting of building, running, and distributing your Docker containers. The Docker client and daemon can run on the\r\nsame system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon\r\ncommunicate using a REST API, over UNIX sockets or a network interface. Another Docker client is Docker\r\nCompose, that lets you work with applications consisting of a set of containers.\r\nThe Docker daemon\r\nThe Docker daemon ( dockerd ) listens for Docker API requests and manages Docker objects such as images,\r\ncontainers, networks, and volumes. A daemon can also communicate with other daemons to manage Docker\r\nservices.\r\nThe Docker client\r\nThe Docker client ( docker ) is the primary way that many Docker users interact with Docker. When you use\r\ncommands such as docker run , the client sends these commands to dockerd , which carries them out. The\r\ndocker command uses the Docker API. The Docker client can communicate with more than one daemon.\r\nhttps://docs.docker.com/get-started/overview/\r\nPage 2 of 4\n\nDocker Desktop\r\nDocker Desktop is an easy-to-install application for your Mac, Windows, or Linux environment that enables you\r\nto build and share containerized applications and microservices. Docker Desktop includes the Docker daemon\r\n( dockerd ), the Docker client ( docker ), Docker Compose, Docker Content Trust, Kubernetes, and Credential\r\nHelper. For more information, see Docker Desktop.\r\nDocker registries\r\nA Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker looks\r\nfor images on Docker Hub by default. You can even run your own private registry.\r\nWhen you use the docker pull or docker run commands, Docker pulls the required images from your\r\nconfigured registry. When you use the docker push command, Docker pushes your image to your configured\r\nregistry.\r\nDocker objects\r\nWhen you use Docker, you are creating and using images, containers, networks, volumes, plugins, and other\r\nobjects. This section is a brief overview of some of those objects.\r\nImages\r\nAn image is a read-only template with instructions for creating a Docker container. Often, an image is based on\r\nanother image, with some additional customization. For example, you may build an image that is based on the\r\nUbuntu image but includes the Apache web server and your application, as well as the configuration details\r\nneeded to make your application run.\r\nYou might create your own images or you might only use those created by others and published in a registry. To\r\nbuild your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the\r\nimage and run it. Each instruction in a Dockerfile creates a layer in the image. When you change the Dockerfile\r\nand rebuild the image, only those layers which have changed are rebuilt. This is part of what makes images so\r\nlightweight, small, and fast, when compared to other virtualization technologies.\r\nContainers\r\nA container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the\r\nDocker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a\r\nnew image based on its current state.\r\nBy default, a container is relatively well isolated from other containers and its host machine. You can control how\r\nisolated a container's network, storage, or other underlying subsystems are from other containers or from the host\r\nmachine.\r\nA container is defined by its image as well as any configuration options you provide to it when you create or start\r\nit. When a container is removed, any changes to its state that aren't stored in persistent storage disappear.\r\nhttps://docs.docker.com/get-started/overview/\r\nPage 3 of 4\n\nExample docker run command\r\nThe following command runs an ubuntu container, attaches interactively to your local command-line session,\r\nand runs /bin/bash .\r\nWhen you run this command, the following happens (assuming you are using the default registry configuration):\r\n1. If you don't have the ubuntu image locally, Docker pulls it from your configured registry, as though you\r\nhad run docker pull ubuntu manually.\r\n2. Docker creates a new container, as though you had run a docker container create command manually.\r\n3. Docker allocates a read-write filesystem to the container, as its final layer. This allows a running container\r\nto create or modify files and directories in its local filesystem.\r\n4. Docker creates a network interface to connect the container to the default network, since you didn't specify\r\nany networking options. This includes assigning an IP address to the container. By default, containers can\r\nconnect to external networks using the host machine's network connection.\r\n5. Docker starts the container and executes /bin/bash . Because the container is running interactively and\r\nattached to your terminal (due to the -i and -t flags), you can provide input using your keyboard while\r\nDocker logs the output to your terminal.\r\n6. When you run exit to terminate the /bin/bash command, the container stops but isn't removed. You\r\ncan start it again or remove it.\r\nDocker is written in the Go programming language and takes advantage of several features of the Linux kernel to\r\ndeliver its functionality. Docker uses a technology called namespaces to provide the isolated workspace called\r\nthe container. When you run a container, Docker creates a set of namespaces for that container.\r\nThese namespaces provide a layer of isolation. Each aspect of a container runs in a separate namespace and its\r\naccess is limited to that namespace.\r\nInstall Docker\r\nGet started with Docker\r\nSource: https://docs.docker.com/get-started/overview/\r\nhttps://docs.docker.com/get-started/overview/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://docs.docker.com/get-started/overview/"
	],
	"report_names": [
		"overview"
	],
	"threat_actors": [],
	"ts_created_at": 1775434109,
	"ts_updated_at": 1775791292,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/1ab6d397ff6970b480a403cafd76a92bb33aa268.pdf",
		"text": "https://archive.orkl.eu/1ab6d397ff6970b480a403cafd76a92bb33aa268.txt",
		"img": "https://archive.orkl.eu/1ab6d397ff6970b480a403cafd76a92bb33aa268.jpg"
	}
}