Docker and Containers: Basic elements and taxonomy

I’m currently working on a Docker and Containerized applications related document and it happens that I just created the following explanatory figure.

Since I got a few people asking about several related topics in Docker, it might be useful to publish this short blog post helping out folks starting with Docker.


This diagram is just about the basics in Docker. There are many other aspects related to more complex applications, like in a microservices oriented application where you usually will need orchestrators and schedulers for your microservices and tasks. I’m not covering those in this simple post.

The following are the basic definitions for the items showed in the diagram. For further definitions, an extensive Docker Glossary is provided by Docker here:

Docker image: Docker images are the basis of containers. An Image is an ordered collection of root filesystem changes and the corresponding execution parameters for use within a container runtime. An image typically contains a union of layered filesystems stacked on top of each other. An image does not have state and it never changes.

Container: A container is a runtime instance of a Docker image. A Docker container consists of: A Docker image, an execution environment and a standard set of instructions. The concept is borrowed from Shipping Containers, which define a standard to ship goods globally. Docker defines a standard to ship software.

Usually, a container will “contain” something singular from a functional point of view, like a service, a microservice or a more monolithic application process. It is a 1:1 relationship. For instance, each microservice process would “be” a single container, too.

Repository: A repository is a set of Docker images. A repository can be shared by pushing it to a registry server. The different images in the repository can be labeled using tags.

Registry: A Registry is a hosted service containing repositories of images which responds to the Registry API. The default registry (from Docker as an organization) can be accessed using a browser at Docker Hub or using the docker search command.

Docker Hub: The Docker Hub is a centralized resource for working with Docker and its components. It provides the following services: Docker image hosting, User authentication, Automated image builds plus work-flow tools such as build triggers and web hooks, Integration with GitHub and Bitbucket.

Docker Trusted Registry: Docker Trusted Registry (DTR) is the enterprise-grade image storage solution from Docker. You install it behind your firewall so that you can securely store and manage the Docker images you use in your applications. Docker Trusted Registry is a suc-product included as part of the Docker Datacenter product. See Docker Datacenter pricing.


Related blog posts

When to use containers and when to use VMs (or both as containers usually run within VMs!)

Comments (1)

  1. John Wildes says:

    Thanks Cesar! Great post

Skip to main content