A Botnet is a collection of hosts (bots) under a common command and control infrastructure [Wikipedia: Botnet].
A host has to be compromised in order to install a bot on it. That can be done by exploiting known bugs and using standard tools like trojan horses or worms. Some bots are known to look for already installed backdoors and take over foreign bots.
Botnets can be used for Distributed Denial of Service attacks, for vulnerability scanning of other systems, for spamming, and for any other such actions taking advantage of both the anonymity of the attacker and the mass of bots. Established botnets will often be leased at a high price for profit.