You're reading from The Kubernetes Workshop

Product type Book

Published in Sep 2020

Publisher Packt

ISBN-13 9781838820756

Pages 780 pages

Edition 1st Edition

Languages

Concepts

Containerization

Authors (6):

Zachary Arnold

Sahil Dua

Wei Huang

Faisal Masood

Mélony Qin

Mohammed Abu Taleb

View More author details

Table of Contents (20) Chapters

Preface

1. Introduction to Kubernetes and Containers

2. An Overview of Kubernetes

3. kubectl – Kubernetes Command Center

4. How to Communicate with Kubernetes (API Server)

5. Pods

6. Labels and Annotations

7. Kubernetes Controllers

8. Service Discovery

9. Storing and Reading Data on Disk

10. ConfigMaps and Secrets

11. Build Your Own HA Cluster

12. Your Application and HA

13. Runtime and Network Security in Kubernetes

14. Running Stateful Components in Kubernetes

15. Monitoring and Autoscaling in Kubernetes

16. Kubernetes Admission Controllers

17. Advanced Scheduling in Kubernetes

18. Upgrading Your Cluster without Downtime

19. Custom Resource Definitions in Kubernetes

Virtual Machines versus Containers

A virtual machine (VM), as the name implies, aims to emulate a physical computer system. Technically, VMs are provisioned by a hypervisor, and the hypervisor runs on the host OS. The following diagram illustrates this concept:

Figure 1.1: Running applications on VMs

Here, the VMs have full OS stacks, and the OS running on the VM (called the Guest OS) must rely on the underlying hypervisor to function. The applications and operating system reside and run inside the VM. Their operations go through the guest OS's kernel and are then translated to the system calls by the hypervisor, which are eventually executed on the host OS.

Containers, on the other hand, don't need a hypervisor underneath. By leveraging some Linux containerization technologies such as namespaces and cgroups (which we will revisit later), each container runs independently on the host OS. The following diagram illustrates containerization, taking Docker containers as an example:

Figure 1.2: Running applications in containers

It's worth mentioning that we put Docker beside the containers instead of between the containers and the host OS. That's because, technically, it's not necessary to have Docker Engine hosting those containers. Docker Engine plays more of a manager role to manage the life cycle of the containers. It is also inappropriate to liken Docker Engine to the hypervisor because once a container is up and running, we don't need an extra layer to "translate" the application operations to be understandable by the host OS. From Figure 1.2, you can also tell that applications inside the containers are essentially running directly on the host OS.

When we spin up a container, we don't need to bring up an entire OS; instead, it leverages the features of the Linux kernel on the host OS. Therefore, containers start up faster, function with less overhead, and require much less space compared to VMs. The following is a table comparing VMs with containers:

Figure 1.3: Comparison of VMs and Containers

Looking at this comparison, it seems that containers win in all aspects except for isolation. The Linux container technologies that are leveraged by the containers are not new. The key Linux kernel features, namespace, and cgroup (which we will study later in this chapter) have existed for more than a decade. There were some older container implementations such as LXC and Cloud Foundry Warden before the emergence of Docker. Now, an interesting question is: given that container technology has so many benefits, why has it been adopted in recent years instead of a decade ago? We will find some answers to this question in the following sections.