The Container Revolution. What is Docker?
What is a container ?
A container is a set of isolated processes and resources. It is an abstraction at the application level that bundles code and dependencies together. More than one container can run on the same machine and share the OS kernel with others, each of them running as isolated processes. Practicaly, a Docker container can be used to wrap an application.
Images and containers are the core concepts of Docker. A Docker Image contains everything you need to run the software (code, drivers, runtime, libraries, scripts etc.). A Docker Container is a running instance of a Docker Image which runs on the kernel of the host OS.
One of the biggest advantages of using Docker is that you can pack your application and deliver it with its configuration so it can be used out of the box. To deploy the application, it’s image must be run. After the container is started, the application can be accessed directly.
Containers are a solution to the problem of how to get programs to run smoothly when the environment is changed. In software development problems arise when the supporting environment is not identical.
Differences between a container and Virtual Machines:
- Docker containers share the same system resources as the operating system. Hardware-level resources are not separated so the containers are not independent machines.
- An operating system does not have to be installed inside
- Docker containers are lightweight because they mostly include application-level dependencies. With a full virtualized system you get more isolation but this requires much more resources. Docker provides less isolation but the containers require fewer resources so you can run thousands of containers on a host.
- A Docker container takes seconds to start whereas a full virtualized system takes minutes.
Benefits of Docker Containers
- Ensure consistency between the online and offline environments.
- The deployment process of web apps is greatly simplified
- Security is improved because of the sandbox mechanism. Since the app runs in the container and is isolated, the OS cannot be damaged. Also, if there is an attack and the web application freezes, only the container needs to be restarted.
- An application can be split into modules, each module with a separate container. This is known as the microservices approach. Changes can be done to one module without the need to rebuild an entire application. Because the containers are lightweight, microservices can be instantiated when we need them and will be available almost instant.
- Docker Containers are on every platform: Linux, Windows, Cloud, Serverless etc.