What is containerization and how does it work?

Containerization is an increasingly popular concept in the software development world. Much lighter than traditional virtual machines, this technique allows applications and their dependencies to be grouped and managed in separate containers that are isolated from each other. You have to think of containerization as a system of layers. First, the OS, then the necessary functionality.

Like virtualization, containerization aims to isolate applications in a dedicated environment. However, its vision is more atomic and aims to reduce the scope of services as much as possible by isolating them from each other, whereas virtualization would tend to consider an ecosystem as a whole.

Unlike virtualization, containerization has the advantage of not requiring the installation and configuration of a new virtualized system. [...]

Here is a diagram illustrating the difference between a container and a virtual machine:

Containerization: Containers VS Virtual Machines (VM)

(The host operating system is the primary operating system, on which a guest system, called the guest operating system, runs. The host operating system provides resources such as memory, processor and storage to the guest system. The guest system, on the other hand, runs in a virtual machine on the host system and can be used to run different applications and systems than the host system.)

Here is a comparison of the differences between virtual machines and containers:

Virtual Machine (VM) | Container (Docker image)
Heavy | Lightweight
Limited performance | Native performance
One virtual machine = One OS | All containers are powered by the host OS
Virtualization at the hardware level | Virtualization at the OS level
Start-up time in minutes | Start-up time in milliseconds
Requires a lot of memory | Requires less memory
Fully isolated | Possibly less secure

Docker images: the basis of containerization

Docker, which is one of the most widely used containerization tools today, bases its operation on the principle of image. It should be seen as an application that would be built layer by layer like an onion. The first layer represents the operating system and contains the bare minimum to function. To this are added additional functionalities, in superimposed layers, the new one taking advantage of the previous ones.

These layers are frozen in an immutable image. The image can be extended with new layers to add functionality, but its existing layers cannot be modified.

But what is a container anyway?

A container is an instance of a Docker image. This means that it is a running image.

Benefits of Docker for developers

Developers like Docker for the following benefits:

  • Portability: Docker applications can be deployed on any platform that runs Docker, which facilitates the configuration of development environments and testing. This is a significant time saver when integrating a new collaborator, especially since each team member has a functionally identical environment.
  • Isolation: Docker containers (e.g. an application, a database, a monitoring tool, ...) are isolated from each other, which avoids dependency conflicts and installation errors.
  • Automation: Deployment and configuration processes can be automated using Dockerfile instructions and scripts, which speeds up development.

Benefits of Docker for infrastructure operators

Infrastructure operators value Docker for the following benefits:

  • Resources: Docker containers are lighter than virtual machines, which means they require fewer system resources to run.
  • Scalability: Docker applications can be deployed across multiple nodes to manage workloads, enabling simple and efficient horizontal scalability.
  • Maintenance: Docker images can be updated and deployed seamlessly, making it easy to maintain applications.

Containers do not only have advantages!

Containerization has a few drawbacks inherent in the way it works. Managing many containers is generally more complex than managing a single virtual machine. This is especially true for network and storage resources.

If you use too many containers on your operating system, they can consume a lot of resources and thus overload it. We can also add that containers are themselves limited by the host OS. This can potentially lead to limitations on applications.

Containers with embedded applications that have vulnerabilities can fall victim to attacks. This is also a risk if containers are misconfigured.

Note: many configuration options make it possible to limit the risks for the host system as well as for the containers (allocated resources, the users running the applications, ...).
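As an added example (not part of the original article), the Python sketch below audits `docker inspect` output for the two settings named above, resource limits and the user the application runs as, and additionally flags privileged mode, which the article does not list. The sample JSON and the container names are constructed for illustration.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web-default", "Config": {"User": ""},
   "HostConfig": {"Memory": 0, "NanoCpus": 0, "PidsLimit": null,
                  "Privileged": false}},
  {"Name": "/web-hardened", "Config": {"User": "10001:10001"},
   "HostConfig": {"Memory": 268435456, "NanoCpus": 500000000,
                  "PidsLimit": 100, "Privileged": false}}
]
""")


def runs_as_root(user: str) -> bool:
    """True when Config.User is empty (no user set, so UID 0) or names root.

    Other user names are not resolved to UIDs here.
    """
    return user.split(":", 1)[0] in ("", "0", "root")


def audit_container(c: dict) -> list:
    """Return findings for one `docker inspect` entry; empty list means none."""
    host = c.get("HostConfig", {})
    findings = []
    if runs_as_root(c.get("Config", {}).get("User") or ""):
        findings.append("runs-as-root")      # fix: --user, or USER in the Dockerfile
    if (host.get("Memory") or 0) <= 0:       # 0 means unlimited
        findings.append("no-memory-limit")   # fix: --memory
    if (host.get("NanoCpus") or 0) <= 0 and (host.get("CpuQuota") or 0) <= 0:
        findings.append("no-cpu-limit")      # fix: --cpus
    if (host.get("PidsLimit") or 0) <= 0:    # null, 0 and -1 all mean unlimited
        findings.append("no-pids-limit")     # fix: --pids-limit
    if host.get("Privileged"):
        findings.append("privileged")        # fix: drop --privileged
    return findings


def audit(inspect_output: list) -> dict:
    """Map container name to its list of findings."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in inspect_output}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```

On a real host, the same functions can be fed the parsed output of `docker inspect $(docker ps -q)`.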

Two different use cases for containerization: deployment and production

Containerization is an ideal solution for providing development environments anytime, anywhere and on any machine, because of its lightness and the fact that it is possible to embed all software, settings and configurations. It allows the developer to work on any machine without worrying about configuration or different versions of programming software.

For deployment, it is also popular thanks to its great flexibility. Indeed, thanks to container orchestration tools, such as Kubernetes or Swarm (native, less advanced), it is quite possible to adjust, almost in real time, the resources allocated on a server for example.

This saves energy, storage space and reduces complexity.

How to use Docker for your next application

To use Docker for your next application, you will need the following:

  • A computer with Docker installed: You can download and install Docker on your computer using the official Docker website.
  • A Docker image: You can download a pre-built Docker image (from Docker Hub) or create your own using a Dockerfile.
  • A Docker container: You can run a Docker image to create a container that runs your application.

Finally, here is a small list of resources for containerization:

  1. Docker: This is the best known and most used containerization tool. It lets you create, deploy and manage containers easily. It is also compatible with many operating systems and platforms.
  2. Kubernetes: This is an open-source system for container orchestration. It allows you to automatically manage the scale, availability and deployments of containers across multiple nodes.
  3. Apache Mesos: This is an open-source resource scheduling system that allows you to manage containers as well as other types of tasks on a cluster.
  4. LXC (Linux Containers): It is a set of open-source tools for the creation and management of Linux containers.
  5. LXD (Linux Containers Daemon): This is an open-source tool for managing Linux containers that offers a more user-friendly interface than LXC.
  6. Singularity: It is an open-source tool for containerization specially designed for HPC (High-Performance Computing) environments.
