What Is Containerization?
What is a Container?
A container is a storage unit that holds your code and all its dependencies so that a program runs quickly and reliably. It’s a sandboxed environment that restricts the code in the container to talking only to processes within that container (unless explicitly defined otherwise). Containers are hardware agnostic and run identically in various environments regardless of the infrastructure.
How does this work?
Containerization is possible through a feature of the Linux kernel called cgroups, short for control groups. Cgroups limit and isolate the resource usage of a collection of processes (e.g. CPU, RAM, disk I/O, network).
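To see the limits the kernel applies, the added example below (not part of the original article) finds the cgroup a process belongs to and decodes its CPU, memory and process-count limits. It assumes a host using the cgroup v2 unified hierarchy mounted at /sys/fs/cgroup; the function names are illustrative.

```python
from pathlib import Path

def cgroup_v2_path(proc_cgroup_text):
    """Extract the cgroup v2 path from /proc/<pid>/cgroup ("0::/path")."""
    for line in proc_cgroup_text.splitlines():
        hierarchy, controllers, path = line.split(":", 2)
        if hierarchy == "0" and controllers == "":
            return path
    return None  # no unified (v2) hierarchy entry for this process

def parse_limit(name, text):
    """Decode one cgroup v2 limit file; None means unlimited ("max")."""
    fields = text.split()
    if fields[0] == "max":
        return None
    if name == "cpu.max":  # "<quota> <period>", both in microseconds
        return int(fields[0]) / int(fields[1])  # number of CPUs allowed
    return int(fields[0])  # memory.max in bytes, pids.max as a count

def read_limits(pid="self", proc="/proc", cgroup_root="/sys/fs/cgroup"):
    """Return {limit file: value} for the cgroup that `pid` belongs to."""
    path = cgroup_v2_path(Path(proc, str(pid), "cgroup").read_text())
    if path is None:
        return {}
    base = Path(cgroup_root) / path.lstrip("/")
    limits = {}
    for name in ("cpu.max", "memory.max", "pids.max"):
        try:
            limits[name] = parse_limit(name, (base / name).read_text())
        except FileNotFoundError:
            pass  # controller not enabled here, or this is the root cgroup
    return limits

if __name__ == "__main__":
    try:
        print(read_limits())
    except OSError as exc:
        print("cgroup information not readable:", exc)
```

Run inside a container started with CPU or memory limits, the result shows those limits; a value of None means the kernel enforces no cap for that resource.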
The three ways we can run applications are through:
- Bare Metal
- Virtual Machine
- Container
Bare Metal
This is the traditional way of running software, where an application is tightly coupled to the operating system. Setting up this environment is as simple as:
- Set up the operating system for development/production.
- Install the technology stack (NodeJS, databases, etc.).
- Run your application on top of this stack.
This is efficient in terms of resource usage and gives you excellent performance. However, it is not scalable as it is tightly coupled to the operating system and hardware. Any major change to the operating system or hardware could break your application.
Issues that we face in this type of environment:
“My software works fine on my computer but it isn’t working in QA / Production”
That’s because the local development environment is different from production. If you develop on macOS (or Windows) and deploy the application to a Linux environment, chances are that certain parts of the application will not behave the same as in your development environment. This is due to the differences in infrastructure, hardware and networking.
“My server got hacked and I lost my data because of a vulnerability that allowed root access to the server”
If your application gets hacked due to a vulnerability in a third-party package, the attacker now has access to your server and can steal the data on it or, worse, purge all of it. This is a risk that no business can afford.
There are plenty of issues that a developer can run into when using bare-metal hardware to run applications. It isn’t a safe option if you are in production and running multiple applications on a single host.
Virtual Machine
Here, a virtual appliance is deployed on the hardware. A virtual appliance is a virtual machine image file that consists of a pre-configured operating system with a software solution. This virtual machine image file can be transferred from one system to another. This reduces deployment time, and you can be sure that your software works as intended on different platforms. There are advantages to this type of deployment, but its disadvantages outweigh the advantages.
System resource usage is one of the critical aspects of a server. Virtual machine based applications are resource intensive because a guest operating system runs on top of the primary operating system through virtualization. If we have to run one more instance of this application, we end up with 3 operating systems running on a machine at the same time, i.e. your main operating system runs two other operating systems to run two instances of an application. Your system resources could be fully used at this point. This isn’t efficient or cost effective.
If budget is not a concern, then this type of environment is optimal, as you can run applications on separate virtual machines with isolation & enhanced security.
Container based Applications
A container is a user space that runs on top of the Linux kernel. This confined user space is a sandboxed environment that can run different types of applications, databases or different operating systems. Containers are similar to virtual machines, but instead of running a new operating system with its own kernel they make use of the existing kernel and create a user space to run applications. This can be called operating system level virtualization. But unlike full virtualization using tools such as VMware and VirtualBox, containerization is resource friendly, scalable and outperforms virtual machines. Docker is a well-known example of containerization software.
Are you working on a NodeJS project with MongoDB? Spin up a container dedicated to the NodeJS and MongoDB configuration. Is your project based on Python and Elasticsearch? Spin up a container and set up a Python-based development environment with Elasticsearch. I run multiple Linux operating systems such as CentOS, openSUSE, Kali, Debian and Alpine to test out different operating systems and build Docker containers for my projects. This way you can ensure you do not break your primary operating system during testing.
Cool features such as taking snapshots, version controlling them and exporting them as a portable file that you can restore on a different system make it a viable technology we can’t resist.
Containers are secure by default if you run them as a non-root user and enable security features such as SELinux and AppArmor. Since containers are modular, it is easier to scale them or to replicate them for other projects. It has never been easier to use these techniques for software development.
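One way to check these settings on running containers, as an added example that is not from the original article: the script below audits docker inspect output for processes running as root and for disabled AppArmor or SELinux confinement. The sample JSON is constructed and trimmed to the fields used, and the function names are illustrative.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two containers.
SAMPLE = json.loads("""
[
  {"Name": "/web", "Config": {"User": ""},
   "HostConfig": {"Privileged": false,
                  "SecurityOpt": ["apparmor=unconfined"]}},
  {"Name": "/api", "Config": {"User": "1000:1000"},
   "HostConfig": {"Privileged": false, "SecurityOpt": null}}
]
""")

def audit_container(info):
    """Return findings for one container object from `docker inspect`."""
    findings = []
    host = info.get("HostConfig") or {}
    # Config.User is "", a name or UID, or "user:group"; empty means UID 0.
    user = ((info.get("Config") or {}).get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("process runs as root")
    if host.get("Privileged"):
        # --privileged also drops the AppArmor profile and SELinux label.
        findings.append("privileged: AppArmor/SELinux confinement disabled")
    for opt in host.get("SecurityOpt") or []:
        # Accept both "key=value" and the older "key:value" spelling.
        key, _, value = opt.replace(":", "=", 1).partition("=")
        if (key, value) == ("apparmor", "unconfined"):
            findings.append("AppArmor profile disabled")
        elif (key, value) == ("label", "disable"):
            findings.append("SELinux labeling disabled")
    return findings

def audit(containers):
    """Map container name -> findings, for containers with any finding."""
    report = {}
    for info in containers:
        findings = audit_container(info)
        if findings:
            report[info.get("Name", "?").lstrip("/")] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, "->", "; ".join(findings))
```

On a real host, feed it the JSON array printed by docker inspect for the container IDs you want to review instead of SAMPLE.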
Conclusion
No technology is perfect, and the same goes for containerization. The main drawbacks of containers are:
- They don’t run at bare-metal speeds.
- Graphical applications do not work well.
- Persistent storage is complicated.
- Not all software applications available in the market are supported.
Yet this is one of the booming technologies that developers are excited about for the future.