How are docker and packer different? And which one should I prefer when provisioning images?

Docker is a system for building, distributing and running Docker containers. Containers can be run on Linux and Windows.

Packer is an automated build system to manage the creation of images for containers and virtual machines. It outputs an image that you can then take and run on the platform you require.

For v1.1 this includes - Alicloud ECS, Amazon EC2, Azure, CloudStack, DigitalOcean, Docker, Google Cloud, Hyper-V, LXC, LXD, 1&1, OpenStack, Oracle OCI, Parallels, ProfitBricks, QEMU, Triton, VirtualBox, VMware

Docker's Dockerfile

Docker uses a Dockerfile to manage builds which has a specific set of instructions and rules about how you build a container.

Images are built in layers. Each FROM RUN ADD COPY commands modify the layers included in a Docker image. These layers can be cached which helps speed up builds. Each layer can also be addressed individually which helps with disk usage and download usage when multiple images share layers.

Dockerfiles have a bit of a learning curve, It's best to look at some of the official Docker images for practices to follow.

Packer's Docker builder

Packer does not require a Dockerfile to build a container image. It has a JSON config file which starts from a specified base image (like FROM). Packer then allows you to run standard system config tools called "Provisioners" on top of that image. Things like Ansible, Chef, Salt, shell scripts etc. This image will then be exported as a single layer, so you lose the layer caching/addressing benefits compared to a Dockerfile build.

Packer allows some modifications to the build container environment, like running as --privileged or mounting a volume at build time, that Docker builds will not allow.

Times you might want to use Packer are if you want to build images for multiple platforms and use the same setup. It also makes it easy to use existing build scripts if there is a provisioner for it.


Expanding on the Which one is easier/quickest to provision/maintain and why? What are the pros and cons of having a docker file?`

From personal experience learning and using both, I found: (YMMV)

  • docker configuration was easier to learn than packer
  • docker configuration was harder to coerce into doing what I wanted than packer
  • speed difference in creating the image was negligible, after development
  • docker was faster during development, because of the caching
  • the docker daemon consumed some system resources even when not using docker
  • there are a handful of processes running as the daemon

I did my development on Windows, though I was targeting LINUX servers for running the images. That isn't an issue during development, except for a foible of running Docker on Windows.

  • The docker daemon reserves various TCP port ranges for itself
  • The ranges might change every time you reboot your system or restart the daemon
  • The only error message is to the effect: can't use that port! but not why it can't

BTW, The workaround is to:

  • turn off Hypervisor
  • reboot
  • reserve the public ports you want your host system to see
  • turn on hypervisor
  • reboot

Running packer on Windows, however, the issue I found is that the provisioner I wanted to use, ansible, doesn't run on Windows.

Sigh.

So I end up having to run packer on a LINUX system after all.

Just because I was feeling perverse, I wrote a Dockerfile so I could run both packer and ansible from my Windows station in a docker container using that image.


Docker builds images using a Dockerfile. These can be run (Docker containers).

Packer also builds images. But you don't need a Dockerfile. And you get the option of using Provisioners such as Ansible which lets you create vastly more customisable images. It isn't used for running these images.

Tags:

Docker

Dockerfile

Packer

Docker Compose

Recent Posts