What you need to know about containerization
Just as a load in a shipping container can share a train or ship with other similar loads while remaining separate, a containerized application in computing can share machine space with many others whilst remaining separate in its own "box".
You might be wondering how this differs from full virtualization. A virtual machine provides a complete environment running an operating system and applications totally separate from the OS of the host server. A containerized application, on the other hand, is self-contained as far as the business application is concerned, but is designed to work with the operating system kernel of the host. This provides a lighter-weight alternative to full virtualization, allowing the application to run on any physical machine that shares the same operating system while otherwise behaving as though it’s independent.
Containers are sandboxed so that they can’t interact with each other in order to preserve the integrity of data and keep them secure. The big advantage that containerization offers is the ability to run many more applications on a single server than you could with full virtual machines. A container can be booted much faster and imposes much lower overhead on the host system.
In recent years containerization has gained in popularity mainly thanks to the open source Docker environment. Docker applications are able to run independent of the infrastructure on physical machines or in the cloud.
Container Technology
Although containers on Solaris and other systems have been around for a long time, the roots of modern containerization lie in the Linux Containers (LXC) format which provides an interface for Linux kernel features. Containers share the Linux kernel of the host machine which means that all containers on the same system operate using the same kernel.
Using this technology means that containerization can only work in Linux environments and run Linux applications. Virtual machine systems, like VMware, by contrast allow applications to run on Windows or any other supported operating system.
Docker remains the market leader, largely thanks to the Docker Hub, a repository of container images for databases, programming languages, applications and more. This is a publicly available resource with tens of thousands of images, making setting up Docker systems a straightforward process.
Each container image is built up of layers that together provide the required functionality. This means that when downloading an image only those layers which aren’t available locally need to be transferred, contributing further to the container’s light footprint.
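The layer-by-layer download described above, as an added example that is not code from Docker or from the original article. It assumes layers are identified by the SHA-256 digest of their contents, as in Docker and OCI image manifests, and it checks each fetched layer against that digest before storing it. The data is constructed and the names `plan_pull` and `pull` are hypothetical.

```python
import hashlib
import json

def digest(blob: bytes) -> str:
    """Content address of a layer blob, in the 'sha256:<hex>' form."""
    return "sha256:" + hashlib.sha256(blob).hexdigest()

# Constructed sample data: three layer blobs held by a pretend registry.
BASE, RUNTIME, APP = b"base-os-files", b"language-runtime", b"application-code"
REGISTRY = {digest(b): b for b in (BASE, RUNTIME, APP)}

# Constructed manifest for one image: an ordered list of layer digests.
MANIFEST = json.dumps({"layers": [digest(BASE), digest(RUNTIME), digest(APP)]})

def plan_pull(manifest_json: str, local_store: dict) -> list:
    """Return the digests named by the manifest that are not cached locally."""
    layers = json.loads(manifest_json)["layers"]
    # dict.fromkeys drops repeated digests while keeping manifest order.
    return [d for d in dict.fromkeys(layers) if d not in local_store]

def pull(manifest_json: str, local_store: dict, fetch) -> list:
    """Fetch only the missing layers, verifying each blob against its digest."""
    fetched = []
    for wanted in plan_pull(manifest_json, local_store):
        blob = fetch(wanted)
        if digest(blob) != wanted:
            # Blob was altered in the registry or in transit: do not store it.
            raise ValueError(f"digest mismatch for layer {wanted}")
        local_store[wanted] = blob
        fetched.append(wanted)
    return fetched

def demo():
    # The base layer is already cached from an earlier image.
    store = {digest(BASE): BASE}
    first = pull(MANIFEST, store, REGISTRY.__getitem__)
    second = pull(MANIFEST, store, REGISTRY.__getitem__)  # all cached now
    return first, second

if __name__ == "__main__":
    first, second = demo()
    print("layers transferred:", len(first), "then", len(second))
```

A digest check like this only detects a blob that differs from what the manifest names; trusting the manifest itself is a separate step that this example does not cover.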
Although Docker has perhaps done most to popularize containers since its launch in 2013, it isn’t the only option available. Canonical, the company behind Ubuntu Linux, has produced LXD, a containerization system for the Ubuntu OS that is also integrated with OpenStack.
CoreOS also produces Rocket, an alternative to Docker that’s designed to be more lightweight. Rocket runs as a command line toolkit, allowing users to run containers based on the App Container Specification (appc). This is something that CoreOS has developed to provide a set of open and simple specifications for a portable container format. Rocket also supports Docker images, making it more attractive to developers.
Containerization for Windows
Microsoft too is embracing containerization technology and has partnered with Docker to provide container systems on Windows Server and the Microsoft Azure platform. This doesn’t mean that you can run Linux-based Docker containers on Windows systems, but rather that technologies are added to Windows Server to allow containerized native Windows Server and .NET applications to run.
As of 2016 Microsoft launched Nano Server, a cut-down version of Windows Server designed specifically for running containers and taking up much less space than a full copy of the operating system.
Security Concerns
Running a number of application containers on the same server and sharing the same OS kernel has raised security concerns, particularly in the early days of the technology. In response to these concerns CoreOS and Ubuntu have both developed secure container technology.
Since its launch Docker has also focused on improving its security. It now supports isolation APIs and it has incorporated a signing and verification workflow to make certain that containers are not tampered with.
The rise of containerization is also producing a shift away from security at the network level towards securing the containers themselves.
Containers and Business
For business users the big advantage of using containers is that they offer a consistent environment all the way from development to production. There’s no risk of introducing errors when software is moved to a different machine as the same container is used by developers, testers and in production.
Moving to new hardware or to a different cloud platform is also easier, since if the software is in a container it should run in exactly the same way wherever it is. Because a container is also much smaller than a full virtual machine it’s easier to share.
The Future
The key to the popularity of containerization is that it offers the resilience and isolation of a virtual machine but a lighter footprint and lower licensing and maintenance costs. For this reason it’s likely that containers will overtake virtualization. In the short term this is likely to mean an overlap, with containers run on virtual machines as enterprises transition to a fully containerized environment.
Docker will probably remain the leading container platform for some time to come. Partly this is due to its head start, and the advantage of off-the-shelf container images available from the Docker Hub. The adoption of Docker images by Rocket actually strengthens Docker’s position since it underlines the importance of the Docker image format.
There’s little doubt that the advantages of containerization mean that it’s here to stay. Because it frees applications from the hardware it makes transitioning to the cloud and even moving between public cloud providers a much easier process. Any business considering investing in new infrastructure or applications can’t afford to ignore the benefits offered by a containerized environment.
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.