Containers
-
A container is a self-contained package that contains everything a binary/application needs to run.
Only one application, along with all its dependent libraries, can run inside a container.
Each container has its own network interface, IP address, and file system.
All containers share the kernel of the host.
Isolation (achieved using kernel namespaces and cgroups): processes running on a single host are isolated from other processes.
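As an added example (not part of the original notes), the Python sketch below compares the namespace identifiers Linux exposes under `/proc/<pid>/ns` to list which namespaces a container process still shares with the host. The function names and the sample inode values are constructed for illustration.

```python
import os
import re

# Namespace types exposed under /proc/<pid>/ns on Linux.
NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")
_LINK_RE = re.compile(r"^(\w+):\[(\d+)\]$")

def parse_ns_link(target):
    """Parse a /proc/<pid>/ns/* symlink target such as 'net:[4026531840]'."""
    m = _LINK_RE.match(target)
    if not m:
        raise ValueError(f"unexpected namespace link: {target!r}")
    return m.group(1), int(m.group(2))

def read_namespaces(pid, proc_root="/proc"):
    """Return {ns_type: inode} for a process; unreadable entries are skipped."""
    result = {}
    for ns in NS_TYPES:
        try:
            target = os.readlink(os.path.join(proc_root, str(pid), "ns", ns))
        except OSError:
            continue  # no permission, process exited, or type not supported
        name, inode = parse_ns_link(target)
        result[name] = inode
    return result

def shared_with_host(container_ns, host_ns):
    """Namespace types where the process is NOT isolated from the host."""
    return sorted(ns for ns, inode in container_ns.items()
                  if host_ns.get(ns) == inode)

# Constructed sample values (not from a real system): a container started
# with host networking and no user-namespace remapping shares 'net' and
# 'user' with PID 1 but has its own cgroup/ipc/mnt/pid/uts namespaces.
SAMPLE_HOST = {"cgroup": 4026531835, "ipc": 4026531839, "mnt": 4026531841,
               "net": 4026531840, "pid": 4026531836, "user": 4026531837,
               "uts": 4026531838}
SAMPLE_CONTAINER = {"cgroup": 4026532301, "ipc": 4026532299,
                    "mnt": 4026532297, "net": 4026531840, "pid": 4026532300,
                    "user": 4026531837, "uts": 4026532298}

if __name__ == "__main__":
    print("sample:", shared_with_host(SAMPLE_CONTAINER, SAMPLE_HOST))
    # On a live Linux host (reading PID 1 usually needs root):
    print("self vs PID 1:", shared_with_host(read_namespaces(os.getpid()),
                                             read_namespaces(1)))
```

Two processes are in the same namespace exactly when the inode numbers match, so any type this reports for a container process is a boundary that container does not have.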
Issues without containers?
1. App-1 has a dependency on a shared library (libcv1). App-2 has a dependency on a shared library (libcv2). Both cannot run on one box.
2. All programs have to share the same versions of shared libraries, which makes applications tightly coupled.

Advantages of Containers
1. Lightweight, uses less memory: A simple web application running inside a container takes 100MB of space.
2. Secure: Reduces the chance that malicious code present in one container impacts other containers or invades the host system.
3. Portable: Abstraction from the host operating system makes containerized applications portable, i.e. able to run on any OS or VM.

Container vs VM
| | Container | VM |
|---|---|---|
| Size | Smaller | Bigger than a container |
| Capability | Smaller | Bigger than a container |
| What | Packaged software | Copy of OS |