Containers in {product-title} are based on Docker-formatted container images. An image is a binary that includes all of the requirements for running a single container, as well as metadata describing its needs and capabilities.
You can think of it as a packaging technology. Containers only have access to resources defined in the image unless you give the container additional access when creating it. By deploying the same image in multiple containers across multiple hosts and load balancing between them, {product-title} can provide redundancy and horizontal scaling for a service packaged into an image.
You can use the Docker CLI directly to build images, but {product-title} also supplies builder images that assist with creating new images by adding your code or configuration to existing images.
Because applications develop over time, a single image name can actually
refer to many different versions of the "same" image. Each different
image is referred to uniquely by its hash (a long hexadecimal number
e.g. fd44297e2ddb050ec4f…) which is usually shortened to 12
characters (e.g. fd44297e2ddb).
Rather than version numbers, the Docker service allows applying tags (such as
v1, v2.1, GA, or the default latest) in addition to the image name to
further specify the image desired, so you may see the same image referred to as
centos (implying the latest tag), centos:centos7, or fd44297e2ddb.
A container registry is a service for storing and retrieving Docker-formatted
container images. A registry contains a collection of one or more image
repositories. Each image repository contains one or more tagged images. Docker
provides its own registry, the Docker Hub, and you can also use private or third-party registries. Red Hat provides a
registry at registry.access.redhat.com for subscribers. {product-title} can
also supply its own internal registry for managing custom container images.