In the world we live in computer technology is expanding at an unprecedented rate and doesn’t seem to slow down. Concepts old and new, from labs and from theoretical world are making into mainstream consumer computing.
One such concept borrowed from the mainframe world is containers and it has taken the tech world by storm. In this article we explore containers.
To understand the concept of containers let us start with concept of virtualization. Virtualization in terms of computer technology is the ability to create virtual instance of a resource which might be hardware, device, operating system and so on. This ends up covering a very large class of items that include virtualization of hardware in form of hypervisor (virtual machines) such as oracle virtualbox, abstract computers such as JVM and .net CLR, LPARs (dividing resources in a mainframe) and virtualizing the OS in form of container
On the face of it, these technologies may seem similar but they are not.
Hypervisor essentially is a mechanism to virtualize the hardware. When one chooses a hypervisor they create virtual disks, CPU’s, network interfaces and others. These constitute the virtual machine. The virtual machine in turn hosts an operating system which in turn hosts the applications. Hypervisors can be of two types, Type1 or bare hypervisor run directly on the hardware. Type 2 Hypervisors require a host operating system to be installed and run on the same.
While Hypervisor try to share resources of underlying computers by providing virtual options, they still use the instruction set that of a raw machine. This allows standard software to run as is. Abstract computers like JVM or CLR essentially run inside an OS and provide a completely different instruction set than provided by the raw hardware. They are essentially programming models allowing software development to be friendly.
LPAR or logical partition is a mechanism is a technique to logically divide and provide resources of a mainframe. This allows virtualized seperate computers that may host separate operating systems.
Containers are a bit different, while all the previous techniques tried to virtualize the hardware and by consequence had to install a copy of operating system on each virtual computer. Containers virtualize the operating system. This mechanism of virtualization has many benefits.
Although we may continue our discussion in areas of various virtualization technologies, however we would keep our interests only in area of containers, specifically Docker.
Containers is operating system level virtualization. This is a mechanism in which the OS kernel allows existence of multiple isolated user space instances. They may feel like a real OS from the point of view of the container or the virtual instance but the OS will manage any competing resources. For example each container would feel it has access to a root directory but in reality using chroot each container would be in a separate directory.
A visible consequence of this for example starting a docker container hosting tomcat
docker run -it --rm -p 8888:8080 tomcat:8.0
This means run tomcat, and we know tomcat by default runs on port 8080. While we are mapping it to port 8888 on real machine. While in a hardware virtualization no such mapping is required.
This allows multiple instances of containers to run within one OS each mapping physically to a different port.
Containers have several benefits over traditional Hypervisor. The most visible being each instance of a VM does not require separate installation of an operating system. This in turn can save cost of resources because memory and CPU footprint comes down, reduced licensing cost of softwares like OS, antivirus, etc. Thus also speeds up the startup and shutdown process for no complete OS boot sequence is required. This making launching container an operation of matter of single digit seconds while VM’s are in order of minutes.
Containers bring their own unique set of challenges such as need for load balancers that can work on applications across different ports.
While in the VM-world if one of the VM’s OS failed it did not bring down other instances and with use of Type 1 Hypervisor (standard in commercial cloud providers) minimise risk of entire physical machine coming down. However with containers if OS comes down, it may bring down multiple containers.
Containers like VM’s require resource management and allocation to ensure no starvation occurs.
To improve reliability of containers instances should be distributed across separate physical OS. Multiple mechanisms exist to manage this for example CoreOS a distributed linux OS manages containers across separate physical instances.
While containers provide very low overhead, however one should not jump into them blindly. VM’s allow a degree of isolation across machines which containers will not users managing containers would have access to all containers on a machine. Databases tend to be an area where containers seem to be hard to manage. Having that said containers are the future and are here to stay.
Enterprises should start investing in containers and take the first steps like they took for VM’s and clouds. This transition would however need a mind set change where DB, application and network team would need to trust each other.
I would like to end this discussion with a quick discussion how containers would make the deployment process seamless and inline with leading devops practices.
The primary benefit of a container is that guarantees configuration and software across instances. For example a Tomcat 8 container with JDK 8 would be guaranteed across environments. There would be no instance of configuration mismatch. One could use this based image and modify it with application of choice.
From a development and deployment strategy that build process would prepare a container and the said container image will be deployed.
Before we finally leave this discussion we drive our discussion on a different tangent. Virtualization till now has been limited to server, however as it stands new techniques now exist to virtualize the mobile ecosystem. This would mean a single mobile phone could have multiple mobile VM’s running on them. This has far reaching benefits such as having one phone for both home and work with different images. Similarly development and testing of mobile devices can be brought down by building against a VM and having it deployed on any hardware.
Container virtualization is here to stay so start preparing.