Understanding application containers
What does it mean to contain an application? We have a pretty good concept these days of containing servers, by means of virtualization. Taking physical hardware and turning it into a virtualization host—like Hyper-V—and then running many virtual machines on top of it is a form of containment for those VMs. We are essentially tricking them into believing that they are their own entity, completely unaware that they are sharing resources and hardware with other VMs running on that host. At the same time that we are sharing hardware resources, we are also able to provide strong layers of isolation between VMs, because we need to make sure that access and permissions cannot bleed over across VMs. Particularly in a cloud provider scenario, as that would spell disaster.
Application containers are the same idea, at a different level. Rather than creating VMs, we create containers, which are much smaller. We then run applications inside those containers, and the...
