Container concepts
Container concepts
Process Isolation
Processes cannot see the host OS
Processes cannot see into other containers
Kernel is responsible
Isolation
Resource management
Containers are immutable
Configuration changes require recreation
–
Containers versus virtual machines
Different levels of virtualization
Virtual machines isolate operating systems
Containers isolate processes
Containers are just another option!
–
Advantages
Development
Reproducible environment
Packaged runtime environment
Deployable for testing
Operations
Lightweight isolation
Density
Dependency management
Nomenclature
Container
Isolated process(es)
Runtime environment
Image
Root FS to create containers from
Immutable
Registry
Place to store images
–
Container
Isolated processes
Shared, read-only image
Dedicated, writable volume
Network
–
Why Containers
Isolated
Process isolation
Resource management
Packaged
Runtime environment
Distributable package
Automated
Reproducible tasks
Fast deployments