In Docker, what's the difference between a container and an image? [duplicate]

Images are frozen immutable snapshots of live containers. Containers are running (or stopped) instances of some image.

Start with the base image called 'ubuntu'. Let's run bash interactively within the ubuntu image and create a file. We'll use the -i and -t flags to give us an interactive bash shell.

$ docker run -i -t ubuntu  /bin/bash
root@48cff2e9be75:/# ls
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
root@48cff2e9be75:/# cat > foo
This is a really important file!!!!
root@48cff2e9be75:/# exit

Don't expect that file to stick around when you exit and restart the image. You're restarting from exactly the same defined state as you started in before, not where you left off.

$ docker run -i -t ubuntu  /bin/bash
root@abf181be4379:/# ls
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
root@abf181be4379:/# exit

But, the container, now no longer running, has state and can be saved (committed) to an image.

$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                CREATED              STATUS                          PORTS                      NAMES
abf181be4379        ubuntu:14.04        /bin/bash              17 seconds ago       Exited (0) 12 seconds ago                                  elegant_ardinghelli    
48cff2e9be75        ubuntu:14.04        /bin/bash              About a minute ago   Exited (0) 50 seconds ago                                  determined_pare        
...

Let's create an image from container ID 48cff2e9be75 where we created our file:

$ docker commit 48cff2e9be75 ubuntu-foo
d0e4ae9a911d0243e95556e229c8e0873b623eeed4c7816268db090dfdd149c2

Now, we have a new image with our really important file:

$ docker run ubuntu-foo /bin/cat foo
This is a really important file!!!!

Try the command docker images. You should see your new image ubuntu-foo listed along with the ubuntu standard image we started with.


An image is an ordered collection of root filesystem changes and the corresponding execution parameters for use within a container runtime. Images are read-only.

  • https://docs.docker.com/glossary/?term=image

A container is an active (or inactive if exited) stateful instantiation of an image.

  • https://docs.docker.com/glossary/?term=container

Using an object-oriented programming analogy, the difference between a Docker image and a Docker container is the same as that of the difference between a class and an object. An object is the runtime instance of a class. Similarly, a container is the runtime instance of an image.

An object gets created only once when it is instantiated. Similarly, a container can be running or stopped. Containers are created out of an image, though this might not always be the case. The following example creates an Apache server image, runs the image, lists the images and then lists the containers:

  1. Create a Dockerfile with the following contents:

    FROM httpd:2.4
    
  2. Install Apache server

    sudo docker build -t my-apache2 .
    
  3. Run the image

    sudo docker run -it --rm --name my-running-app my-apache2
    
  4. List Docker images

    sudo docker images
    
  5. List the running Docker containers

    docker ps
    
  6. List all containers

    docker ps -a
    
  7. List latest created containers

    docker ps -l