Containers

Introduction to Linux containers.

What are containers?

A Container can be seen as a minimal virtual environment that can be used in any Linux-compatible machine (and beyond).

Using containers is time- and resource-saving as they allow:

• Controlling for software installation and dependencies.

• Reproducibility of the analysis.

Containers allow us to use exactly the same versions of the tools.

Virtual machines or containers ?

Virtualisation	Containerisation (aka lightweight virtualisation)
Abstraction of physical hardware	Abstraction of application layer
Depends on hypervisor (software)	Depends on host kernel (OS)
Do not confuse with hardware emulator	Application and dependencies bundled all together
Enable virtual machines	Every virtual machine with an OS (Operating System)

Virtual machines vs containers

Source

Pros and cons

ADV	Virtualisation	Containerisation
PROS.	Very similar to a full OS. High OS diversity	No need of full OS installation (less space). Better portability Faster than virtual machines. Easier automation. Easier distribution of recipes. Better portability.
CONS.	Need more space and resources. Slower than containers. Not that good automation.	Some cases might not be exactly the same as a full OS. Still less OS diversity, even with current solutions

History of containers

chroot

• chroot jail (BSD jail): first concept in 1979

• Notable use in SSH and FTP servers

• Honeypot, recovery of systems, etc.

Additions in Linux kernel

• First version: 2008

• cgroups (control groups), before “process containers”

  • isolate resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes

• Linux namespaces

  • one set of kernel resources restrict to one set of processes