Server virtualization, through VMware, Hyper-V, Xen and KVM, was literally ruling the world of cloud computing until containers came along. The status quo changed in 2005 after Google initiated a project to solve elasticity problems on their web services. On experimenting with virtualization, they noted poor resource management and hired a team of Linux engineers who were already working on a cgroups concept to develop a better, more effective, elastic resource management solution. Through that, containers were ultimately born and have since taken the IT world by storm.
With the current ecosystem primarily revolving around Docker, software containers are increasingly gaining traction and exponentially growing within the IT community. Although the technology is relatively immature, it’s significantly affecting processes, particularly server resource management. This is achieved through resource isolation features like namespaces and cgroups, plus additional kernel resource management systems which manage different entities of the server operating systems. The resultant benefits include:
With virtualization, a single operating system is spread across the entire server, regardless of the application size. Consequently, a lot of server resources are dedicated and utilized to run even the smallest applications which can be effectually handled by just a fraction of the resources. Ultimately, a couple of servers are dedicated to run multiple applications, which technically require resources in just a single server.
Software containers solve this problem by partitioning servers according to their resources, hence allowing multiple applications to smoothly run on them. Such a setup would presumably consume a significant amount of power and rack space. However, by inducing overhead on memory and CPU, containers prevent it and additionally allow efficient shifting of resources according to application requirements.
Effective Resource Isolation
Although applications are run on the same server and theoretically utilize the same resources, they do not interact or interfere with each other. Each instance is executed independently on its own set of isolated resources, leaving the rest of the resources to other processes.
In addition to optimizing application resource handling, this feature prevents bugs from being transmitted from one application to another. If one crashes, the others continue running without any technical problems. Similarly, if one is breached through direct hacking or malware, the threat is quarantined and prevented from spreading to other applications on the same server. Therefore, although software containers may have additional security vulnerabilities compared to VMs, they are more reliable and efficient in handling breaches.
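The isolation described above depends on each container actually having its own namespaces and cgroup limits. The following check is an added example, not code from the original article: it compares namespace identifiers in the form found under /proc/<pid>/ns and parses cgroup v2 limit files, using constructed sample values and hypothetical function names.

```python
import os

NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")

def read_ns(pid):
    """Live helper (Linux): map namespace type -> id such as 'pid:[4026531836]'."""
    base = f"/proc/{pid}/ns"
    return {t: os.readlink(f"{base}/{t}")
            for t in NS_TYPES if os.path.lexists(f"{base}/{t}")}

def shared_namespaces(host_ns, container_ns):
    """Namespace types where the container has the same identifier as the host."""
    return sorted(t for t, ident in container_ns.items()
                  if host_ns.get(t) == ident)

def parse_cgroup_limits(files):
    """Parse cgroup v2 control files; None means no limit is configured."""
    limits = {}
    for name in ("memory.max", "pids.max"):
        raw = files.get(name, "max").strip()
        limits[name] = None if raw == "max" else int(raw)
    # cpu.max holds "<quota> <period>" in microseconds, or "max <period>".
    quota, period = files.get("cpu.max", "max 100000").split()
    limits["cpus"] = None if quota == "max" else int(quota) / int(period)
    return limits

def audit(host_ns, container_ns, cgroup_files):
    """List isolation gaps: namespaces shared with the host, missing limits."""
    findings = [f"shares {t} namespace with host"
                for t in shared_namespaces(host_ns, container_ns)]
    findings += [f"no {k} limit"
                 for k, v in parse_cgroup_limits(cgroup_files).items()
                 if v is None]
    return findings

# Constructed sample data: a container that shares the host's net and user
# namespaces and has no process-count limit.
HOST_NS = {t: f"{t}:[40265318{i:02d}]" for i, t in enumerate(NS_TYPES)}
CONTAINER_NS = {t: f"{t}:[40265325{i:02d}]" for i, t in enumerate(NS_TYPES)}
CONTAINER_NS["net"] = HOST_NS["net"]
CONTAINER_NS["user"] = HOST_NS["user"]
CGROUP_FILES = {"memory.max": "536870912\n",
                "cpu.max": "50000 100000\n",
                "pids.max": "max\n"}

if __name__ == "__main__":
    for finding in audit(HOST_NS, CONTAINER_NS, CGROUP_FILES):
        print(finding)
```

On a live Linux host, `read_ns(1)` and `read_ns(<container pid>)` can supply the two namespace maps in place of the constructed ones.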
Efficient App Testing
Before the adoption of containers, app developers primarily tested their apps on virtual machines, which consumed a significant amount of server resources. Single app tests through this method have been fairly simple and affordable since costs are charged according to the overall computer processing times (with a minimum of 10 minutes to 1 hour per session). Costs, however, shoot up drastically when testing several apps since each server can only manage a single test at a time.
Software containers, on the other hand, can efficiently handle hundreds, and even thousands, of app tests at a time. You therefore end up paying for a single test instance but instead utilize the time to run other multiple tests, consequently making significant cost savings.
They are also ideal because of their "sandbox environment", which can be easily set up to facilitate the testing of applications in a safe and secure environment. Where the container repository uses the Btrfs file system, instances can be rapidly spawned and cloned even with a minimal amount of disk space.
Short Boot Up Process
With an increasing need for faster computers with improved efficiency, most organizations are adopting software containers for their significantly shortened boot up processes. Unlike virtualized servers, which take about a minute to fully boot up and avail system resources to users, containers only take 1/20th of a second. This is achieved by eliminating the full resource analysis and boot up process which occurs when starting a virtual server. Instead, a container only focuses on its respective isolated resources, consequently availing them in a much shorter time. Ultimately, this helps organizations improve their service delivery by saving time which would otherwise have been spent on system boot up processes.
Speed and efficiency don't apply only to booting up; they carry over to subsequent processes. By subdividing and isolating resources according to respective process requirements, containers efficiently execute tasks at a much faster rate compared to virtual machines. Additionally, since they are light, they free a significant amount of disk space and CPU for other processes and applications.
One of the strategies used to further boost processing speed is underwriting key kernel and user space work. This subsequently allows you to come up with VM-like containers embedded with root, and ultimately optimize speeds for both root and non-root users.
In addition to resource control and management, containers allow users to easily control the precise software and data components which are installed. This is effectually achieved with the help of scripted, repeatable instructions within respective setup files.
By improving the process of updating the environment during application updates, containers also offer users the chance of conducting frequent security patches. Consequently, although not permanently, security risks are considerably reduced.
With these as clear indications of how users are largely benefitting from containers, it's evident that the technology is here to stay. A lot of development is expected to further improve it and get rid of its prime weaknesses, including increased vulnerability. It should, however, not be considered a replacement for VMs, but rather a complementary technology. In fact, organizations stand to benefit greatly by implementing both solutions and working out how to leverage the hybrid setup effectively.
Author: Davis Porter
Image Courtesy: Stuart Miles, freedigitalphotos.net/