We will use here the Docker containers as an example. However, beware that it is NOT the only existent solution to work with containers, but definitely, it is one of the most used so far.
What is a container?
A container is a standard unit of software that packages up code and all its dependencies to runs solutions in isolated environments.
Just to make this idea simple by using docker we can $ docker pull `some-image` and then $ docker run `some-image` in order to get a lightweight VM with the solution running on it. We can use any Docker image available as create or own Docker images for our solutions.
NOTE: See hub.docker.com to check public images provided. Also, beware that you can create and offer images on it as well.
However, keep in mind that at the end a container is “just processes” with isolation capabilities provided mainly by Linux Namespaces and CGroups, which means that:
- Container processes are visible to the root user on the host side
- Containers have entries in the /proc as any other processes
NOTE: The /proc directory is a pseudo-filesystem in the Linux where we can check the processes by its id which are called PID. (/proc/[PID])
CGroups and LinuxNamespaces
In this way, when we run a container, it means that it will be a child process isolated in the host like the following image. Note that 1 is the init process of the host kernel and that 8,1 is the init process of the container.
To understanding better CGroups and LinuxNamespaces do the following the exercise.
https://katacoda.com/courses/docker-security/cgroups-and-namespaces
Now that you know what is a Docker container check the blog post Understanding Docker Images to know more about it and how you can create your own images. Also, please feel free to check the tag docker of this website to see all related blog posts.
Sponsored by:
www.Dev4Devs.com 
2 Comments