Let’s start a new serie of articles on Docker for beginners ! In this one, we will see what is Docker before having fun with it.

What are Containers ?

We can’t explain Docker if we don’t explain containers.

Containers are designed to benefit for both developers and system administrators.

Indeed, developers need to focus on writing code without worrying about the system that it will ultimately be running on. On the other hand, system administrators need have less systems to manage.

Container is a special type of process that is isolated from other processes. Containers are assigned resources that no other process can access, and they cannot access any resources not explicitly assigned to them.

Unlike a virtual machine, rather than creating a whole virtual operating system, Containers allow applications to use the same Linux kernel as the system that they’re running on and only requires applications be shipped with things not already running on the host computer. This gives a significant performance boost and reduces the size of the application.

Developers with containers will be able to package up an application (an image) with all it needs (like libraries, dependencies, code etc.) It’s really helpful because they are assured that the application will run on any other Linux machine, regardless of any customized settings.

What is Docker ?

Docker is an open source community project which has been supported by Docker Inc.

Its popularity has constantly grown over the last years :

It is a tool designed to make it easier to manage containers. So you can create, deploy, and run applications with it in an easy way. Indeed, Docker provides an image-based deployment model as you can see below. This makes it easy to share an application, or set of services, with all of their dependencies across multiple environments.

The advantages of Docker containers

1. Docker is easy to use ! Docker can be learned quickly, mainly due to the many resources available to learn how to create and manage containers.
2. You can scale fast ! Containers allow much more work to be done by far less computing hardware. In the early days of the Internet, the only way to scale a website was to buy or lease more servers.
3. Docker helps you to take down a part of an application, to update or repair, without unnecessarily taking down the whole app.
4. You can easily keep versions of your docker images. It can be helpful for rollbacks and fast build.
5. On of the best advantage is definitively “Rapid deployment”. Indeed, Docker-based containers can reduce deployment to seconds. By creating a container for each process, you can quickly share those similar processes with new apps.
6. If a container works on your machine, it will run the same way in a Development, Staging, and Production environment.
7. Docker supports software-defined networking. Developers and operators can design systems with complex network topologies and define the networks in configuration files on their own. 

When shouldn’t you use Docker ?

You can live without Docker, specially if your systems are not complex enough to justify the additional burden of taking on containerization. For example, if you only create static websites, you may just not need containers.

What about security ?

You may legitimately be concerned by your Docker platform security. It’s hard to answer to the question “Is Docker secure ?” Indeed, the answer for that would be “What part of Docker are you referring to ?” And then discuss pros / cons and solutions for each part. I don’t think you can easily say “yes” or “no” for such a question.

You have to remember that Containers should be considerate as services so you have to treat them as so.

In my opinion, you shouldn’t be naive and assume that Docker will protect you because it creates sandbox. It has many advantages as we have seen in the first part of this article but it will be weaker than a virtual machine. Because, first of all when you talk to a container, we can assume that you are already talking to the kernel… However, don’t be scared to use it, if you are not using Docker as a multi-tenant service, if you are careful with images you use and if you follow good security practices for the services running within a container .

Sources : https://opensource.com, https://www.redhat.com, https://raygun.com, https://blog.codeship.com