If you’ve been anywhere near the IT industry over the last five years, you’ve very likely heard of the container platform Docker. Docker and containers are a new way of running software that is revolutionizing software development and delivery.
Docker is a new technology that allows development teams to build, manage, and secure apps anywhere.
It’s not possible to explain what Docker is without explaining what containers are, so let’s look at a quick explanation of containers and how they work.
A container is a special type of process that is isolated from other processes. Containers are assigned resources that no other process can access, and they cannot access any resources not explicitly assigned to them.
So what’s the big deal?
Processes that are not “containerized” can ask the operating system for access to any file on disk or any network socket.
Until containers became widely available, there was no reliable, guaranteed way to isolate a process to its own set of resources. A properly functioning container has absolutely no way to reach outside its resource “sandbox” to touch resources that were not explicitly assigned to it.
For example, two containers running on the same computer might as well be on two completely different computers, miles away from each other. They are entirely and effectively isolated from each other.
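As an added example (not from the original article): on Linux, the isolation described above is built from kernel namespaces, and comparing the namespace ids under /proc/<pid>/ns shows which resources two processes actually share. The function names and the sample ids are constructed for illustration.

```python
import os

# Namespace types the Linux kernel exposes as symlinks under /proc/<pid>/ns.
NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")

def read_namespaces(pid, proc_root="/proc"):
    """Map each namespace type to its id string, e.g. 'net:[4026531840]'."""
    found = {}
    for ns in NS_TYPES:
        try:
            found[ns] = os.readlink(os.path.join(proc_root, str(pid), "ns", ns))
        except OSError:
            found[ns] = None  # missing entry or insufficient privilege
    return found

def compare(reference, target):
    """Classify each namespace type as shared, isolated or unknown."""
    report = {"shared": [], "isolated": [], "unknown": []}
    for ns in NS_TYPES:
        ref, tgt = reference.get(ns), target.get(ns)
        if ref is None or tgt is None:
            report["unknown"].append(ns)    # never assume isolation we could not verify
        elif ref == tgt:
            report["shared"].append(ns)     # same kernel object: no isolation here
        else:
            report["isolated"].append(ns)
    return report

def _ns(**ids):
    # Hypothetical helper: build id strings in the format the kernel uses.
    return {ns: f"{ns}:[{num}]" for ns, num in ids.items()}

# Constructed sample data (not captured from a real host).
HOST = _ns(cgroup=4026531835, ipc=4026531839, mnt=4026531841,
           net=4026531840, pid=4026531836, user=4026531837, uts=4026531838)
# Container with its own namespaces, except user (no user-namespace remapping).
CONTAINER_A = dict(HOST, **_ns(cgroup=4026532301, ipc=4026532299, mnt=4026532297,
                               net=4026532302, pid=4026532300, uts=4026532298))
# Container that was started sharing the host's network namespace.
CONTAINER_B = dict(HOST, **_ns(cgroup=4026532401, ipc=4026532399, mnt=4026532397,
                               pid=4026532400, uts=4026532398))

if __name__ == "__main__":
    for name, target in (("A", CONTAINER_A), ("B", CONTAINER_B)):
        print(name, "vs host:", compare(HOST, target))
    # On a real Linux host, compare this process with PID 1 instead:
    print("self vs PID 1:", compare(read_namespaces(1), read_namespaces(os.getpid())))
```

Any entry under "shared" is a resource the container does not have to itself, so the result is worth checking against what the deployment was meant to isolate.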
This isolation has several advantages: