Containers Overview


With all the attention the tech industry is giving containers, we decided to shed a little light on the subject and write a short overview of the options available today. A container is a unit of an app packaged so that it can be deployed as a single image on a host operating system without the need for a traditional virtualization solution. A vast array of recent (and not so recent) advances in operating systems, predominantly in the Linux kernel, lets developers and system architects deploy lightweight app images that use the host's kernel and other system resources directly. That paves the way to a whole new world of software deployment possibilities and eliminates the need for complex, expensive, and often clunky fully functional virtualization solutions.

LXC

LXC is one of the first container frameworks and got the ball rolling in the container space. It is written for Linux kernel-based systems and contains all the system APIs for targeting specific Linux kernel features (also known as namespaces) related to process isolation, containment, and system resource management (such as CPU time, RAM utilization, filesystem isolation, security, etc.). LXC is distribution-agnostic, meaning that it can be deployed on top of any Linux distribution, as long as it comes with a modern kernel version. Many modern container technologies are based on LXC.
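The namespace isolation described above can be checked from the host: each entry under /proc/<pid>/ns is a symlink whose inode number identifies one namespace instance, so two processes showing the same inode share that namespace. The following is an added example, not code from LXC or from the original post; the function names and the sample inode values are constructed for illustration.

```python
import os
import re

# Target of a /proc/<pid>/ns/* symlink, e.g. "pid:[4026531836]".
NS_LINK = re.compile(r"^([a-z_]+):\[(\d+)\]$")

def parse_ns_link(target):
    """Return (namespace type, inode) from a namespace symlink target."""
    m = NS_LINK.match(target.strip())
    if not m:
        raise ValueError(f"not a namespace link: {target!r}")
    return m.group(1), int(m.group(2))

def from_links(links):
    """Turn {entry name: symlink target} into {entry name: inode}."""
    return {name: parse_ns_link(t)[1] for name, t in links.items()}

def read_namespaces(pid):
    """Read the namespaces of a live process (Linux; other users' PIDs need root)."""
    ns_dir = f"/proc/{pid}/ns"
    return from_links({n: os.readlink(os.path.join(ns_dir, n))
                       for n in os.listdir(ns_dir)})

def compare_namespaces(reference, target):
    """Mark each namespace of target as shared with or isolated from reference."""
    report = {}
    for name in sorted(target):
        if name not in reference:
            report[name] = "unknown"  # entry missing on the reference side
        elif reference[name] == target[name]:
            report[name] = "shared"   # same inode: same namespace instance
        else:
            report[name] = "isolated"
    return report

# Constructed sample data (not captured from a real host): symlink targets
# for the host's PID 1 and for a process inside a container.
HOST_INIT = from_links({"cgroup": "cgroup:[4026531835]", "ipc": "ipc:[4026531839]",
    "mnt": "mnt:[4026531841]", "net": "net:[4026531840]", "pid": "pid:[4026531836]",
    "user": "user:[4026531837]", "uts": "uts:[4026531838]"})
CONTAINER_PROC = from_links({"cgroup": "cgroup:[4026532760]", "ipc": "ipc:[4026532698]",
    "mnt": "mnt:[4026532696]", "net": "net:[4026532701]", "pid": "pid:[4026532699]",
    "user": "user:[4026531837]", "uts": "uts:[4026532697]"})

if __name__ == "__main__":
    for name, state in compare_namespaces(HOST_INIT, CONTAINER_PROC).items():
        print(f"{name:8} {state}")
```

On a live host, `compare_namespaces(read_namespaces(1), read_namespaces(pid))` produces the same report for a real process. A "shared" user namespace, as in the sample, means container UIDs are host UIDs, so UID 0 inside is UID 0 outside.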

Docker

Docker is one of the most popular containerization platforms. It was originally based on LXC but differs from it in several fundamental ways. While LXC focuses on lightweight container deployments, Docker can be thought of as an app-based container. It is usually restricted to one process, which makes it suitable for apps based on microservices. Unlike LXC, it is not aware of an init system or a logging system, and it doesn't even know about the good old cron system. Typically, a Docker container will contain only one process, and running multiple apps within a single container involves installing a separate process manager.

LXD

LXD is based on LXC and introduces a host of new features. It exposes a REST API, which makes container orchestration and control significantly easier and possible through the usual network-based protocols, such as HTTP(S). Complete control over containers is also unified in a single command-line tool, further reducing the operational overhead. It also comes with improved integration with other large-scale deployment systems, such as OpenStack.

OpenVZ

Although OpenVZ started as a project of a private, commercial company (now known as Parallels, Inc), it is one of the most mature Linux-based open-source container platforms. It provides a host of advanced features related to process and resource isolation but requires custom kernel modules in order to take full advantage of the isolation capabilities. Running OpenVZ on an unpatched kernel version comes with reduced functionality.

FreeBSD Jails

FreeBSD Jails is one of the oldest container solutions and is based on a BSD operating system. Jails relies heavily on ZFS storage and file system under the hood. It comes with very advanced isolation capabilities, such as restricting containers to specific network cards, and, while it is BSD-based, it can also run Linux user space software. It also comes with a nested jails feature, enabling system administrators to run additional jails within a single jail.
