Date: 2024-12-09

Containers have helped revolutionize computing, particularly in the cloud, over the last decade. By reducing the overhead required to run things like virtual machines, and allowing easy packaging and modification of layered container images, containers have made running and sharing isolated software applications easier and quicker than ever before.

The concept of containers has been around for decades, but modern containerization has hugely popularized them over the last decade. Chroot, a Linux concept for changing the root directory of a system and hence limiting its access, has been around since the early days of Linux in the 1970s. While it isn't a full implementation of anything resembling a modern container, it laid plenty of groundwork for what has followed since then. Versions of FreeBSD later had a concept of jails, which were similar isolated processes. The real modern containerization came out of work done on Linux namespaces and cgroups, which then formed the basis for Docker and LXC, among other runtimes.

4 Containers are lightweight and efficient

Save power and resources by skipping the OS

By stripping out a full underlying operating system and providing a container runtime to interface with the underlying host operating system, containers can massively decrease the overhead required to run them. This makes them smaller, more portable, quicker, and easier to deploy and tear down than a virtual machine. It also allows more application instances to run on the same hardware than a fleet of virtual machines would. Whether you're running a single container locally or hundreds of them in the cloud or in Kubernetes, using containers will save you resources.

Compared to virtual machines, containers can also start up and shut down far more quickly, as they don't need to start up an entire operating system to run an application. Containers can also be transferred more easily, as they're far smaller and don't need to bundle an entire operating system. Some container runtimes can also deploy images in layers, allowing only a small part of a container image to be modified for a small change, making them easier to cache.

3 Portability

Containers are far more portable than VMs

The nature of containers means that they can easily be moved between machines, typically packaging all dependencies within the container. This means they can be moved from environment to environment or machine to machine without worries about dependency issues. Virtual machines are significantly less portable, as there's no standard format for sharing VMs between different hypervisors. This means that you're typically tied to one type of hypervisor or platform.

This also makes it easy to deploy a container identically across various locations. For example, you could run a container locally, then test it out in your Kubernetes cluster before deploying it into a cloud runtime, all without needing to change any definitions. The one caveat here is that containers need to be built for the architecture they're running on, so an x86 container won't run on a Graviton AWS machine, for example.

It's not always true that virtual machines aren't portable between platforms, but it's typically a more involved process than for containers.

2 The community and ecosystem

Installing your favorite app is as simple as 'docker run'

One of the biggest benefits of containers for developers and homelab enthusiasts is the ecosystem and community that surround them. Need an image for your favorite service, tool, or app? There's probably one on Docker Hub you can spin up in a few seconds. Want to install a new nginx proxy or Jellyfin instance? It's as easy as pulling one down from the cloud and filling in the config. Containers bring a modular ease to deploying your favorite applications, and make it easy to pull in your existing data or configuration using volumes.

If you're stuck with a container, or need to make some modifications, it's as easy as looking at the definition. For Docker Engine containers, it's as simple as reading a Dockerfile, which defines everything needed to recreate your container from a base image. This makes understanding how containers work, as well as inspecting exactly what they contain, a breeze.

1 Easy isolation for applications

Part of why the community support for containers is so broad is that they're secure by default. A container image is easily auditable, and contains fundamentally a lot fewer malicious elements than a full virtual machine image. We wouldn't recommend downloading and running a full virtual machine image for your home lab, as it could contain any amount of unknown code or malicious applications - similar to why we don't recommend custom Windows ISOs. But a container is far easier to audit, and far smaller in both its attack surface and footprint.
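The audit described here and in the Dockerfile paragraph above can be partly automated. The following is an added example, not code from the original article: a heuristic Python check that reads a Dockerfile and reports things a reviewer would want to look at before running the image. The rule names and the sample Dockerfile are constructed for illustration.

```python
import re

# Constructed sample Dockerfile (not from the article) with common audit findings.
SAMPLE_DOCKERFILE = """\
FROM nginx:latest
ADD https://example.com/tool.tar.gz /opt/
RUN apt-get update && \\
    curl -fsSL https://example.com/install.sh | sh
EXPOSE 8080
"""

def logical_lines(text):
    """Join backslash-continued lines and drop comments and blank lines."""
    joined, buf = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        joined.append(buf + line)
        buf = ""
    if buf:
        joined.append(buf.strip())
    return joined

def audit_dockerfile(text):
    """Return (rule, instruction) findings; rules are heuristics chosen for this example."""
    findings, final_user = [], None
    for line in logical_lines(text):
        op, _, arg = line.partition(" ")
        op, arg = op.upper(), arg.strip()
        if op == "FROM":
            final_user = None  # a new build stage does not inherit an earlier stage's USER
            image = next((t for t in arg.split() if not t.startswith("--")), "")
            if image.lower() != "scratch" and "@sha256:" not in image:
                name = image.rsplit("/", 1)[-1]  # ignore a registry host:port prefix
                if ":" not in name or name.endswith(":latest"):
                    findings.append(("unpinned-base-image", line))
        elif op == "USER":
            final_user = arg.split(":")[0]
        elif op == "ADD" and re.search(r"https?://", arg):
            findings.append(("remote-add-unverified", line))
        elif op == "RUN" and re.search(r"(curl|wget)\b[^|;&]*\|\s*(sudo\s+)?(ba)?sh\b", arg):
            findings.append(("pipe-to-shell", line))
    if final_user in (None, "root", "0"):
        findings.append(("runs-as-root", "no non-root USER in final stage"))
    return findings
```

A clean result only means the Dockerfile avoids these particular patterns; the base image it builds on and anything it downloads still need their own review.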

Containers retain a lot of the isolation that virtual machines provide, keeping applications and processes isolated. Orchestration tools like docker-compose can make sharing resources easy, such as networking elements and volumes, while allowing proper isolation and security with each process.

Now, containers aren't always 100% secure; I certainly wouldn't use Docker as a jail to test malware, for example. Virtual machines do still have their place, and can have benefits as well. But for most users, especially in the homelab or personal space, containers are a much better option.
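How much isolation a container keeps depends on how it is started. As an added example (not from the original article), this Python check walks a compose definition and lists, per service, the settings that share host resources or leave default privileges in place. The sample services and the finding names are constructed; the compose keys checked are standard ones.

```python
# Constructed compose definition (not from the article), written as the dict a
# YAML parser would return for a docker-compose.yml.
SAMPLE_COMPOSE = {"services": {
    "media": {
        "image": "example/media:1.0",
        "privileged": True,
        "network_mode": "host",
        "volumes": ["/var/run/docker.sock:/var/run/docker.sock", "./config:/config"],
    },
    "proxy": {
        "image": "example/proxy:1.0",
        "user": "1000:1000",
        "read_only": True,
        "cap_drop": ["ALL"],
        "security_opt": ["no-new-privileges:true"],
        "volumes": ["./proxy.conf:/etc/proxy.conf:ro"],
    },
}}

def isolation_findings(compose):
    """Map each service name to the settings that weaken its isolation from the host."""
    report = {}
    for name, svc in compose.get("services", {}).items():
        issues = []
        if svc.get("privileged"):
            issues.append("privileged")  # all capabilities plus host device access
        for key in ("network_mode", "pid", "ipc"):
            if svc.get(key) == "host":
                issues.append(f"host-{key}")  # namespace shared with the host
        for vol in svc.get("volumes", []):
            # Volumes use either the short "src:dst[:mode]" form or a mapping.
            src = vol.split(":")[0] if isinstance(vol, str) else vol.get("source", "")
            if src.rstrip("/").endswith("docker.sock"):
                issues.append("docker-socket")  # container can drive the Docker daemon
            elif src == "/":
                issues.append("host-root-mount")
        if "ALL" not in svc.get("cap_drop", []):
            issues.append("caps-not-dropped")
        opts = svc.get("security_opt", [])
        if not any(o.startswith("no-new-privileges") and not o.endswith("false") for o in opts):
            issues.append("no-new-privileges-unset")
        report[name] = issues
    return report
```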

Containers are a modern approach to running applications

Containers are a modern, streamlined way of running applications, whether it's in a home lab or business context. They save time and resources, plus allow simple builds, making the deployment and development of applications a breeze. Whether you're using one container or hundreds, the simplicity and efficiency will be hard to live without once you've embraced them.

If you're using a hypervisor like Proxmox, you can make use of containers natively in your home lab. Similarly, if you're already using TrueNAS or similar, you might be making use of containers without even realizing it.

Containers can be a bit odd at first - they almost seem a little too good to be true, but they're the backbone of how many modern applications are deployed, managed, and packaged. They can bring huge benefits, especially if you're still using VMs!