Containers: What are they and why do you need them?
Virtual machines revolutionised pretty much the whole industry at the time of their inception. Today another huge revolution is happening in IT: containers. Many are talking about them, but as with any buzzword, it can be difficult to understand what they really are.
Physical vs Virtual
Before understanding containers, you should first be comfortable with virtualization: the technology used to create virtual machines. In the past we had many physical servers, each sitting at around 20% of its capacity and usually running one or two applications. When virtualization entered the field, it became possible to install more than one operating system and more than one application on the same machine. You could easily convert two or three (or even more) physical machines into the same number of virtual machines and run them on only one server, thus cutting expenses and consolidating workloads. But all of that came at a price: each virtual machine gets an abstract version of the physical components (CPU, RAM, storage, etc.), and this process consumes resources and produces overhead. That happens because the hypervisor has to recreate the whole physical stack, isolate the resources, and present them to the different virtual machines.
Containers: like VMs, but with less overhead
As the title says, that's what containers really are. No turnkey solution, no buzzwords. Containers are literally operating systems/applications sitting inside boxes and placed on top of an existing kernel. What does that mean? The goal is the same as virtualization's, but a container doesn't abstract the hardware, which reduces overhead. Containers also share the kernel with their host, and on top of that they can share libraries (though not in every case). All of this enables a single machine to run many more containers than virtual machines, achieving higher density. However, everything comes at a price: security isn't as strict as with virtual machines, since containers share resources (the kernel above all) among themselves and with the host.
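The sharing described above can be made visible on a Linux host. The following is an added example, not code from the original post: it compares the namespace identifiers of a process with those of the host and lists the ones that are shared, that is, where the container is not separated from the host. Linux namespaces under /proc are an assumption about the platform (the post does not go into them), and the sample identifiers and kernel version line are constructed.

```python
import os

# Common namespace kinds exposed under /proc/<pid>/ns/ on Linux.
NS_KINDS = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")

def read_namespaces(pid):
    """Return {kind: "kind:[inode]"} for a live process on this machine."""
    found = {}
    for kind in NS_KINDS:
        try:
            found[kind] = os.readlink(f"/proc/{pid}/ns/{kind}")
        except OSError:
            continue  # not Linux, kind unsupported, or no permission
    return found

def shared_with_host(host_ns, proc_ns):
    """Namespace kinds in which the process is NOT separated from the host."""
    return sorted(k for k in NS_KINDS
                  if k in host_ns and host_ns[k] == proc_ns.get(k))

def kernel_release(version_line):
    """Pull the release out of a /proc/version line, or None if malformed."""
    parts = version_line.split()
    if len(parts) > 2 and parts[:2] == ["Linux", "version"]:
        return parts[2]
    return None

# Constructed sample data: a host and a container started with host networking.
HOST_NS = {k: f"{k}:[40265318{i}]" for i, k in enumerate(NS_KINDS)}
CONTAINER_NS = {k: f"{k}:[40265329{i}]" for i, k in enumerate(NS_KINDS)}
CONTAINER_NS["net"] = HOST_NS["net"]    # host network stack is shared
CONTAINER_NS["user"] = HOST_NS["user"]  # no user-namespace remapping
SAMPLE_VERSION = "Linux version 6.1.0-example (builder@host) #1 SMP"

if __name__ == "__main__":
    print("sample container shares:", shared_with_host(HOST_NS, CONTAINER_NS))
    # Host and container read the same kernel release: there is only one kernel.
    print("kernel seen by both:", kernel_release(SAMPLE_VERSION))
    live = shared_with_host(read_namespaces(1), read_namespaces("self"))
    print("this process shares with PID 1:", live or "nothing readable")
```

On a real host, pass the PID of a container process to `read_namespaces` and compare it with PID 1; reading another process's namespaces normally requires root.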
There are two main types of container:
- Operating system: the operating system is contained. These containers spawn multiple processes. Prominent examples are BSD Jails, LXC, LXD and Virtuozzo.
- Application: only the application and the strict minimum needed to make it work are contained. Only one process is usually spawned. The most prominent example is Docker.
What about Windows?
Although this is principally a *nix blog, I couldn’t really avoid this paragraph since the post is mostly theoretical. Windows containers do exist. Although you can run Docker on Windows, that’s not what we’re talking about. We’re talking about native solutions. Microsoft has two:
- Hyper-V Containers
- Windows Server Containers
Part of Microsoft Windows Server 2016, these two solutions are similar to the *nix ones and, as a matter of fact, they aim to achieve the same thing, though on different platforms. If you are interested you can find more here.
You now know what containers are and what they are capable of. You understand that they are not a turnkey solution and don't magically scale up. It is up to the solution architects to select the best solution for each case. Continue reading with: Docker what is it and how to get started and LXC: Getting started.