Why Containers
Isolated
Process isolation
Resource management
Packaged
Runtime environment
Distributable package
Automated
Reproducible tasks
Fast deployments
Internals
Namespaces
- Used for resource isolation
- Isolation of resource usage to limit visibility
- Types are PID, network, mount
c(ontrol)groups
- Used to limit resource usage for processes
- Limits and measures access to CPU, memory, network, IO
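Added example, not part of the original slides: Python that compares a process's PID, network and mount namespace identifiers with the host's to show where isolation is missing, and interprets cgroup limits. It assumes Linux /proc/<pid>/ns links and cgroup v2 files (memory.max, cpu.max); the function names and all sample values are constructed for illustration.

```python
import os
import re

NS_LINK = re.compile(r"^(\w+):\[(\d+)\]$")   # readlink target, e.g. "pid:[4026531836]"
TYPES = ("pid", "net", "mnt")                 # the namespace types named on the slide

def parse_ns_links(links):
    """Map namespace type -> inode number from /proc/<pid>/ns/* link targets."""
    found = (NS_LINK.match(link.strip()) for link in links)
    return {m.group(1): int(m.group(2)) for m in found if m}

def read_ns(pid):
    """Read the live links for a PID (Linux only; other users' PIDs need root)."""
    return parse_ns_links(os.readlink(f"/proc/{pid}/ns/{t}") for t in TYPES)

def shared_namespaces(host, proc):
    """Namespace types in which proc is NOT isolated from the host."""
    return [t for t in TYPES if t in host and host[t] == proc.get(t)]

def parse_cgroup_limits(files):
    """Interpret cgroup v2 memory.max and cpu.max; None means unlimited."""
    mem = files.get("memory.max", "max").strip()
    quota, period = (files.get("cpu.max", "max 100000").split() + ["100000"])[:2]
    return {
        "memory_bytes": None if mem == "max" else int(mem),
        "cpus": None if quota == "max" else int(quota) / int(period),
    }

# Constructed sample data (not captured from a real system)
HOST = parse_ns_links(["pid:[4026531836]", "net:[4026531840]", "mnt:[4026531841]"])
ISOLATED = parse_ns_links(["pid:[4026532501]", "net:[4026532504]", "mnt:[4026532499]"])
HOST_NET = parse_ns_links(["pid:[4026532601]", "net:[4026531840]", "mnt:[4026532599]"])
LIMITED = {"memory.max": "536870912\n", "cpu.max": "50000 100000\n"}
UNLIMITED = {"memory.max": "max\n", "cpu.max": "max 100000\n"}

if __name__ == "__main__":
    for name, ns in (("isolated", ISOLATED), ("host-net", HOST_NET)):
        print(name, "shares with host:", shared_namespaces(HOST, ns) or "nothing")
    for name, cg in (("limited", LIMITED), ("unlimited", UNLIMITED)):
        print(name, parse_cgroup_limits(cg))
```

On a live host, `shared_namespaces(read_ns(1), read_ns(pid))` gives the same comparison for a running process.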
Docker
Packaged
- Includes dependencies
- Distributable
Immutable
- Incremental changes not supported
- Changes require rollout
Automated
Stateless
- By default, no persistence
Is Docker still relevant?
With regard to…
Orchestration
Container runtime
Image build
- Yes
- Other image builders are still niche players
- Examples: buildah, img, kaniko (list not exhaustive)