Containerization and Isolation
Containerization and isolation are not new concepts. Some Unix-like operating systems have leveraged mature containerization technologies for over a decade.
In Linux, LXC, the building block that formed the foundation for later containerization technologies was added to the kernel in 2008. LXC combined the use of kernel cgroups (allows for isolating and tracking resource utilization) and namespaces (allows groups to be separated so they cannot “see” each other) to implement lightweight process isolation.
2013, Docker was introduced as a way of simplifying the tooling required to create and manage containers. It initially used LXC as its default execution driver (it has since developed a library called libcontainer for this purpose). Docker made them accessible to the average developer and system administrator by simplifying the process and standardizing on an interface. It spurred a renewed interest in containerization in the Linux world among developers.
Here is a brief timeline of key moments in software containerization platforms history
1979: Unix V7
The concept of containers was started way back in 1979 with UNIX chroot.
The idea of this feature is to provide an isolated disk space for each process. Later in 1982 this was added to BSD.
2000: FreeBSD Jails
The need for FreeBSD jails came from a small shared-environment hosting
provider
Instead of adding a new layer of fine-grained configuration options, the solution adopted by Poul-Henning Kamp was to compartmentalize the system — both its files and its resources — in such a way that only the right people are given access to the right compartments – called “jails” – with the ability to assign an IP address for each system and configuration.
2001: Virtuozzo
Virtuozzo developed the first commercially available container technology in
2001,
A significant force in the open source community, Virtuozzo sponsors and/or is a contributor to numerous open source projects including OpenVZ, CRIU, KVM, Docker, OpenStack, and the Linux kernel.
2001: Linux VServer
Introduced in 2001, Linux VServer is a another jail mechanism that can
Experimental patches continue to be available, but the last stable patch was released in 2006.
2004: Oracle Solaris Containers
2004 Oracle released Solaris Containers for x86 and SPARC systems,
A Solaris Container is a combination of system resource controls and the boundary separation provided by zones. Zones act as completely isolated virtual servers within a single operating system instance.
2005: Open VZ (Open Virtuzzo)
Released by Parallels (formerly SWsoft),
A live migration and checkpointing feature was released for OpenVZ in the middle of April 2006
2006: Process Containers
Process Containers, developed by Google primarily — Paul B. Menage and
Rohit Seth — in 2006
It shows how early Google was involved in container technology.
2007: Control Groups merged into Linux kernel
Process Containers were renamed Control Groups (cgroups)
the Linux Kernel in 2007. Redesign of cgroups started in 2013, with additional changes brought by versions 3.15 and 3.16 of the Linux kernel.
2008: LXC
LXC stands for LinuX Containers and it is the first,
The LXC project is sponsored by Canonical Ltd.
2011: Cloud Foundry Warden
CloudFoundry started Warden in 2011, using LXC in the
Cloud Foundry developed a client-server model to manage a collection of containers across multiple hosts, and Warden includes a service to manage cgroups, namespaces and the process life cycle.
2013: LMCTFY
LMCTFY stands for “Let Me Contain That For You”.
The libcontainer project was initially started by Docker and now it has been moved to Open Container Foundation.
2013: Docker
Docker is one of the most successful open source projects in recent history,
Docker uses the resource isolation features of the Linux kernel such as cgroups and kernel namespaces, and a union-capable file system such as aufs and others to allow independent “containers” to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines.
Every day, lot’s of developers are happily testing or building new Docker-based apps with Plesk Onyx – understanding where the Docker fire is spreading is the key to staying competitive in an ever-changing world. Want an overview of how Docker can fit into your stack? Check out 6 essential facts here.
2014: Rocket
Rocket started by CoreOS released reference implementation of an open
2016: Windows Containers
Microsoft also took an initiative to add container support
With this implementation Docker is able to run Docker containers on Windows natively without having to run a virtual machine to run Docker (earlier Docker ran on Windows using a Linux VM). This blog post by Michael Friis describes how to get setup to run Docker Windows Containers on Windows 10 or using a Windows Server 2016 VM.
Infographic
Enjoy our free Infographic “Moments in Container History”. Download it, print it out and hang it at your desk.
As always, we’re looking forward to hearing your feedback and invite you to join the conversation with us on Twitter and Facebook.
[Get the high resolution version here]
Be well, do good, and stay Plesky!