Sophia Harris
|Apr 13, 2023
Apr 13, 2023
|5 min read
Search Topic
Are you interested in learning about containers, Kubernetes, and modern application delivery but struggling to fit it into your busy schedule? Look no further. Our new ebook breaks down the basics of containerization into short, manageable exercises and explainers, so you can learn five minutes at a time. Containers are sandboxed software environments that share common dependencies, making them ideal for isolating processes for security, resource efficiency, and system hygiene. Plus, their portability and scalability make them perfect for speeding up development and providing pre-fabricated software modules.
Get started with Docker, the container engine that sets up structures like control groups that isolate containerized processes from the rest of the system. Join us on the journey to modern application delivery.
In this book, we’ll break down the basics of containerization into short, manageable exercises and explainers, so you can learn five minutes at a time. This book assumes a basic familiarity with the Linux command line and a Unix-like operating system—beyond that, you don’t need any special preparation to get started.
Whether you need a primer on containers or a quick refresher course, this book will bring you up to speed with concise explainers and hands-on exercises.
Let’s get started!
Containers are sandboxed software environments that share common dependencies, such as the operating system kernel. You might run many containers on the same machine, and where they depend on different binaries or libraries, they can use those—while sharing the same operating system layer.
More technically, we can say that containers are groups of processes isolated by kernel namespaces, control groups, and restrictions on root privileges and system calls. We’ll see what that means in the next chapter.
But first, we should think about the purpose of containerization. Why would we want to isolate our processes in the first place? Why not simply run programs in parallel on the same system?
There are many reasons why you might need to isolate processes, especially in the enterprise. You may wish to keep processes separate for the sake of security so that one program can’t access data from another. You may need to be certain that a process doesn’t have access to root privileges and system calls.
Or it may be a simple matter of resource efficiency and system hygiene. For example, on a given machine you may have one process that relies on Python 2.7 and another that calls for 3.1. Once such competing dependency requirements start to compound, they can create a real headache that process isolation goes a long way toward resolving.
One way to isolate processes is to run them on dedicated virtual machines (or VMs). For some use cases, this may be the most suitable approach, but containers offer advantages that VMs do not. Because VMs simulate an entire machine—including the operating system—they are usually much more resource-intensive. And because containers are so relatively lightweight, they are more portable and easy to replicate.
Indeed, the portability and scalability of containers mean they can speed development by providing pre-fabricated software modules in the form of container images: easy-to-download container configurations with a certain set of applications and dependencies ready to go. These container images provide readily accessible building blocks for developers, as well as a canvas that is easy to standardize across an organization.
Those are some powerful advantages that can transform the way an organization delivers software. So how do you get started working with containers? What are the primary containerization tools? Most beginners will want to start with Docker.
Today, “Docker” might refer to the company, Docker Inc., or the suite of tools that they package in their Docker Desktop application for Mac and Windows. But all of that is built around the Docker Engine container runtime: the application that builds the sandbox walls and passes messages from the processes inside to the kernel. When we refer to Docker in this book, we’re talking about the container engine. It sets up structures like control groups that isolate containerized processes from the rest of the system (and, at least initially, from one another).
Today, there are many alternative technologies available, including Mirantis Container Runtime. Often, these are designed with extra functionality—Mirantis Container Runtime, for example, provides features for enterprise security and compliance—and are built on the same open-source bones as Docker Engine.
For the purposes of this tutorial, we will use Docker Engine, which is easy to install and includes everything you need to get started.
Want to keep learning? Download the full eBook here.