Containers – A Beginner’s Guide


What are Containers?

Containers are used by the shipping industry to isolate different cargoes, which can contain different or similar products. Each container can be delivered to a different destination without depending on the delivery of any other container. This is the traditional use of the term container.

In software development, in keeping with the traditional meaning of the term, a container is a unit of packaged software that can run independently, efficiently and reliably. The software is packaged into an immutable container which cannot then be altered without rebuilding it from the original source code. This also makes it more secure.

Containerized applications are abstracted from the environment where they run. This is why they can be easily deployed on any infrastructure: public or private cloud, private data centers or even a personal computer.

Why do we need Containers?

Environment dependency was a big issue in traditional software design, development and deployment. Problems arose when the development environment and the other environments were not exactly identical. For example, if a web application was developed and tested on environments running Java 11 and then has to be deployed on an environment running Java 8, there is no guarantee that the application will work flawlessly on the new environment. The same can happen when development was done on Java 8 and deployment is done on an environment with Java 11. Upgrading a production environment with such dependencies required a full analysis of all applications and upgrading all Java 8 applications to be compatible with Java 11. Sometimes this can be done quickly; sometimes it means completely rewriting the application.

Apart from software dependencies, differences in hardware design, network and security policies also caused issues when running the same application in different environments.

So, how do containerized applications solve these issues? Let's discuss that.

Containers are software packages that contain the entire runtime environment for the application. This includes all dependencies, configuration files, prerequisite libraries and binaries, and the application itself, bundled together into one software package. In doing so, the infrastructure and OS differences are abstracted away.

Difference between Virtual Machines and Containers

Containers are often confused with virtual machines, but there is a big difference between the two, which can be explained with the help of their architectures.

Applications on Virtual Machines

Virtual machines are built on top of the physical hardware and host operating system. The physical hardware is virtualized by a hypervisor, which is installed on the host OS. A hypervisor is computer software, firmware or hardware that abstracts operating systems from the underlying physical hardware. It allows multiple VMs, each running a guest OS, to be created on top of the host OS, but the number of such VMs is limited by the physical hardware resources.

Containerized Applications

Containers also allow the application to be packaged with all required binaries and provide an isolated environment for the application to run in. This is similar to a VM, but the similarity is only superficial; the two work in completely different ways. A VM virtualizes the physical hardware and is thus limited by the limits of that hardware. Containers, on the other hand, do not virtualize the hardware. Instead they run by virtualizing and sharing the host OS kernel, and as such are not highly dependent on the hardware size and limitations. Multiple applications can run on the same host OS, sharing the same OS kernel.

We can take an example to explain both. Suppose we have two different applications to be hosted in isolated environments. If we use virtual machines, we will need two virtual machines, i.e. a hypervisor running two different operating systems, which share the physical hardware with the host operating system on which the hypervisor is installed.

In contrast, if we use containerized applications, then we need a container runtime engine running on top of the host operating system and running the two applications. These applications will use the required kernel files of the host OS, but their access to the host OS is read-only. Each container has its own mount for writing, which is lost if the container is destroyed.

If we check the diagrams, we can see that there are fewer layers between the application and the physical hardware in the container architecture.

A container application is in general only a few megabytes in size, whereas VMs host their own operating system and as such run to several gigabytes. This makes VMs bulkier and more resource-heavy than containers.

VMs are slower to start and take several seconds, in the best case, to boot completely. This is because they have their own OS kernel, which takes time to boot. Containers, on the other hand, do not have their own OS kernel and as such can be running almost instantly. Container runtime engines are also highly optimized to make the best use of the underlying physical hardware.

For these reasons containers are lightweight, use fewer resources and start much faster than virtual machines.

Benefits of Containers

In the earlier section we saw how containers differ from VMs and a few benefits of containers compared to VMs. A few more benefits are given below.

Containers are ideal for a real microservices architecture. In this case there are multiple containers, each with a specific task assigned to it, which together make up the whole application. For example, a web-based application which stores data in a database can be divided into three containers: one running the application frontend, another running the application integration layer (a server-side application hosting the web services), and a third hosting the database that stores the data. All these containers communicate with each other via a separate network. Applications developed in this way are much easier to build and maintain, as each module can be developed independently without disturbing the others.

Containers can run virtually anywhere. This greatly eases development and deployment across different operating systems.

Containers virtualize hardware resources like CPU, RAM, storage and network at the OS level. This gives developers a sandboxed view of the OS which is logically isolated from other applications.

Containers are siloed applications which cannot connect to another container unless a connection between the two containers is created explicitly. So, there are no conflicting dependencies and no resource contention. Resource limits for each container can be set explicitly. The network isolation also provides an additional level of security for administrators.
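
The three-container application and the explicit network connections and resource limits described above, written as a Docker Compose file. This is an added example, not configuration from the original post; the `example/...` image names, the secret file path and the limit values are assumptions chosen for illustration.

```yaml
# Constructed example: frontend, integration layer (api) and database,
# each in its own container. Image names under example/ are hypothetical.
services:
  frontend:
    image: example/shop-frontend:1.0    # hypothetical image
    ports:
      - "8080:8080"                     # only the frontend is published on the host
    networks: [web]                     # no attachment to the database network
    read_only: true                     # root filesystem mounted read-only
    tmpfs: [/tmp]                       # scratch space, lost when the container is removed
    mem_limit: 256m                     # explicit per-container resource limits
    cpus: 0.5
  api:
    image: example/shop-api:1.0         # hypothetical image
    networks: [web, data]               # the only service connected to both sides
    read_only: true
    tmpfs: [/tmp]
    mem_limit: 512m
    cpus: 1.0
  db:
    image: postgres:16
    networks: [data]                    # reachable from api only
    environment:
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets: [db_password]
    volumes:
      - dbdata:/var/lib/postgresql/data # named volume outlives the container
    mem_limit: 1g
    cpus: 1.0

networks:
  web: {}
  data:
    internal: true                      # no route from this network to the outside

volumes:
  dbdata: {}

secrets:
  db_password:
    file: ./db_password.txt             # constructed path, keep it out of version control
```

Because `frontend` and `db` share no network, the frontend cannot open a connection to the database even if it is compromised; every request has to pass through `api`.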

Container Runtimes

Before explaining the term 'container runtime', let's understand what the term runtime means. Runtime refers to the lifecycle phase of a program when it is running. The language-specific environment used to execute a program is also known as a runtime. A container runtime, on the other hand, is responsible for running a container, but not the program to be executed inside the container. So, when we need to run containers, we need a container runtime. There are many container runtimes; some of them are as follows:

  1. runc: A lightweight universal container runtime. It has a command line interface for spawning and running containers.
  2. lxc: A low-level Linux container runtime.
  3. Docker: This is a container management service. Here the user interacts with the Docker engine, which then sends the request to containerd. containerd then internally calls runc, which is the container runtime used here. containerd is the container daemon which controls runc.
  4. CRI-O: This was developed as a lightweight container runtime for Kubernetes.
  5. rkt: This is also a low-level container runtime.

Based on robustness, features and support, Docker is the most popular one here. In our upcoming posts we will delve deep into different container concepts, explaining various topics with real-world examples.
