Why Containers

Isolated

Process isolation

Resource management

Packaged

Runtime environment

Distributable package

Automated

Reproducible tasks

Fast deployments

Internals

Namespaces

Used for resource isolation
Isolation of resource usage to limit visibility
Types are PID, network, mount

c(ontrol)groups

Used to limit resource usage for proceses
Limits and measures access to…
…CPU, memory, network, IO

Docker

Packaged

Includes dependencies
Distributable

Immutable

Incremental changes not supported
Changes require rollout

Automated

Image builds
Deployments

Stateless

By default, no persistence

Is Docker still relevant?

With regard to…

Orchestration

No, Kubernetes has won

Container runtime

Often, but containerd is growing quickly

Image build

Yes
Other image builders are still niche players
Examples: buildah, img, kaniko (list not exhaustive)

Nicholas Dille

Why Containers

Why Containers

Isolated

Packaged

Automated

Internals

Namespaces

c(ontrol)groups

Docker

Packaged

Immutable

Automated

Stateless

Is Docker still relevant?

Orchestration

Container runtime

Image build