How are docker and packer different? And which one should I prefer when provisioning images?

Docker is a system for building, distributing and running Docker containers. Containers can be run on Linux and Windows.

Packer is an automated build system to manage the creation of images for containers and virtual machines. It outputs an image that you can then take and run on the platform you require.

For v1.1 this includes - Alicloud ECS, Amazon EC2, Azure, CloudStack, DigitalOcean, Docker, Google Cloud, Hyper-V, LXC, LXD, 1&1, OpenStack, Oracle OCI, Parallels, ProfitBricks, QEMU, Triton, VirtualBox, VMware

Dockers Dockerfile

Docker uses a Dockerfile to manage builds which has a specific set of instructions and rules about how you build a container.

Images are built in layers. Each FROM RUN ADD COPY commands modify the layers included in a Docker image. These layers can be cached which helps speed up builds. Each layer can also be addressed individually which helps with disk usage and download usage when multiple images share layers.

Dockerfiles have a bit of a learning curve, It's best to look at some of the official Docker images for practices to follow.

Packers Docker builder

Packer does not require a Dockerfile to build a container image. It has a JSON config file which starts from a specified base image (like FROM). Packer then allows you to run standard system config tools called "Provisioners" on top of that image. Things like Ansible, Chef, Salt, shell scripts etc. This image will then be exported as a single layer, so you lose the layer caching/addressing benefits compared to a Dockerfile build.

Packer allows some modifications to the build container environment, like running as --privileged or mounting a volume at build time, that Docker builds will not allow.

Times you might want to use Packer are if you want to build images for multiple platforms and use the same setup. It also makes it easy to use existing build scripts if there is a provisioner for it.