Running an application efficiently on a new machine can be tricky. Every environment is different, often leading to compatibility issues. Your software might be tested just with certain versions of system software and supporting libraries. If a different version of Java or PHP is installed, you might get subtle bugs that would never show up in your testing environment.
But what if you could completely isolate an application from everything but the underlying operating system, give it its own environment, and use exactly that environment no matter where you install it? That would eliminate the huge majority of configuration headaches. This is what containerization offers.
A container is a self-contained environment that you can install, as a unit, on any server that meets some basic requirements. It's similar to a virtual machine in some ways, but much more lightweight. There is not a significant boot time to get it running. The developer creates and distributes a container image, which you can run any number of times on one machine. Each copy is its own self-contained world, sharing only the operating system kernel with the others. You can start and kill instances as needed with very little overhead. Rather than having to go through configuration headaches for each machine, you just need one configuration per supported operating system.
SEE ALSO: Containers Vs. Config Management
A container image is significantly smaller than a virtual machine image, with less duplication of files, and kernel-level data structures only have to appear once in memory, so a physical machine can run more simultaneous containers than it could virtual machines. Deployed in a cloud environment, containers provide an extremely high level of scalability.
Where necessary, each deployed instance of a container can have its own environment variables, passed as parameters at launch time. For instance, a launch parameter could distinguish a test instance from a public one.
The container image includes its entire runtime environment.
This can include:
Its own process. It's like a logged-in user, running independently of any other user or container processes.
Its own file system. It doesn't see any files except its own, and no other user-level processes see its files.
Its own interpreter for whatever language the process needs.
Its own network space, local IP address, and HTTP server.
Its own runtime libraries, so they won't conflict with pre-installed libraries or with any other software running on the machine.
The concept stems from Linux Containers, first developed in 2008. Today many competing container frameworks are available, each with its own development, deployment, and communication tools.
SEE ALSO: Running Containers In Production
Containers simplify the development process.
The developers create a container image with the latest build of their software and test it until they think it works. Then they hand the same image to the QA testers; whatever bugs turn up at that step will be replicable, since the test environment is identical to the development one. Finally, the image goes to the production machine, perhaps with an environmental variable flipped to turn off testing features. Few surprises should turn up in the release, since it's all the same container image. In a traditional development environment, little differences in the runtime environment always cause some unexpected results.
A host that runs only containers can carry significantly less overhead than a normal operating-system distribution. Each container holds all the software it needs, so the host needs only its kernel and the container platform. Distributions of Windows Server and Linux are available for this purpose.
Containers don't make virtual machines obsolete for delivering server-side applications. Some situations need full control of the VM, and a separate VM offers a higher level of isolation where security is a top priority.
The combination of cloud services with containers is one of the hottest trends in software development and employment, and it will only continue to grow.
Get the latest posts delivered right to your inbox.