Containerisation has evolved into a groundbreaking pillar of contemporary software development and infrastructure!
Gone are the days when it was merely a fancy buzzword – mastering containerisation is now a must for every developer striving for excellence.

Spearheading the cloud-native revolution, containerisation has changed the way we construct, deploy, and govern applications in the dazzling realm of distributed systems.


# Why Use Containerisation?

Containerisation is a method of packaging and deploying applications in a consistent and reproducible manner.
Imagine bundling your app and all its dependencies into a portable, high-powered box – that’s precisely what a container is all about!

These nifty containers are not only lightweight but also run independently, ensuring seamless performance across diverse computing environments.
Wave goodbye to pesky dependency conflicts, as containerisation masterfully isolates each app!

Revolutionize your app deployment and management with containerisation’s simplicity and effectiveness.
Unleash the full potential of your software development process by boosting productivity, efficiency, and scalability like never before!


# Dockerfile: A Universal Language

Containerisation was popularised and brought to life through the simple yet ingenious Dockerfile format.
These remarkable files are built and deployed with ease by the Docker runtime.

However, just as Adobe pioneered the PDF file format, Docker created the Dockerfile format as a brilliant solution to define and package containerised applications.
But guess what? You likely don’t need Docker to make the most of this format, much like you don’t need Adobe to view PDFs anymore!

The Dockerfile has skyrocketed to become the universal language of containerisation, soaring beyond its original creator’s vision.
It’s now a widely recognised de facto standard, embraced by a plethora of containerisation tools and platforms, freeing developers from the chains of a specific tool or vendor.

Take Podman, for instance – a fantastic drop-in replacement for Docker that boasts a daemonless architecture, empowering you to build and run images without root privileges.
Or consider Containerd, the lightweight, modular runtime that underpins Kubernetes and offloads higher-level tasks like building and networking to other tools.
And let’s not forget gVisor, the security-conscious runtime that offers stronger isolation by running a separate kernel in userspace, safeguarding your host’s kernel!


# Open Container Initiative

These runtimes all adhere to the Open Container Initiative (OCI) image specification.

The OCI’s primary goals are nothing short of phenomenal – promoting interoperability, ensuring consistency, and fostering innovation across the container ecosystem.
By defining open standards for container images and runtime, the OCI paves the way for seamless integration of container technologies from various vendors.
This freedom lets users cherry-pick the best tools for their needs without being shackled to a single vendor’s ecosystem.

Introducing the OCI’s two main specifications:

  1. OCI Image Specification: Standardises container images, guaranteeing that images created with diverse tools can be universally recognised and managed.
  2. OCI Runtime Specification: Lays out the requirements for container runtimes, ensuring a uniform environment for running containers on different platforms.

You might scratch your head when one system uses one build tool or runtime, and another uses something different.
But fear not!
Most of the time, the knowledge is entirely transferable, thanks to these shared specifications.
This also means that migrations between runtimes are mostly a walk in the park.
When Kubernetes switched from Docker to Containerd as its runtime, many organisations didn’t even bat an eye – despite some unnecessary drama online.


# Layers: The Anatomy of a Container Image

Container images are composed of multiple layers, each representing a modification or addition to the base image.
These layers stack up like a well-crafted cake, giving birth to a unified file system.

Efficiency is the name of the game with layers, as they enable streamlined storage and transfer of images.
Only the changes between layers need to be transmitted or stored, saving you precious time and resources.

When you update a container image, you only need to modify the affected layers, which keeps the image lightweight and speeds up the building and deployment process.
Remember, each command in a Dockerfile creates a new layer – so, use them wisely!


# Base Images: A Foundation for Success

Base images are pre-built containers that come packed with all the necessary software, libraries, and configurations.
With these time-saving gems, you can focus your energy on crafting your application, instead of worrying about setting up the underlying infrastructure.

And with a plethora of base images available, catering to different programming languages, frameworks, and operating systems, you’ll be spoilt for choice!
Whether you opt for the lightweight and efficient Alpine Linux, or official language-specific images like Node, Python, or Ruby, you’ll find the perfect fit for your project.

But that’s not all – by choosing a base image that closely aligns with your application’s requirements, you’ll create efficient and reusable images, minimising the need for additional customisations.
Just don’t forget to stay on top of your game by keeping your base images up-to-date and patched for any security vulnerabilities that might arise.


# CloudNative

Containerisation is a key component of cloud-native application development – an approach that’s designed to take full advantage of cloud computing architectures and services.

Cloud-native applications are optimized for the cloud, making them flexible, scalable, and resilient.
By building applications that are cloud-native, you can achieve faster time-to-market, better scalability, and more efficient resource utilization.

An example: Containerisation plays a vital role in supporting cloud-native applications by enabling horizontal scaling.
When traffic or workload increases, containerisation allows you to quickly and easily deploy multiple instances of an application.
With each instance self-contained and isolated from the others, scaling becomes a breeze without the need for complex configuration or infrastructure changes.


# Process Isolation

Containerisation isn’t the only game in town when it comes to isolating processes.

Virtual Machines (VMs) take isolation to the max by emulating an entire operating system, complete with dedicated resources like CPU, memory, and storage.
Each VM runs on a hypervisor, separating it from other VMs and the host system.
With this ironclad isolation, VMs are perfect for running applications with varying OS requirements or stringent security boundaries.

Containers, on the other hand, share the host’s operating system kernel but with separate user spaces.
By managing the container in the kernel, we can ensure that containers cannot directly access or interfere with other containers or the host system.
This approach offers process-level isolation while also giving you lightning-fast startup times and reduced resource overhead.

Last but not least, WebAssembly bursts onto the scene as a binary instruction format that isolates by running inside a secure sandbox environment.
This security-savvy design allows the execution of untrusted code without jeopardizing the integrity of the underlying system.
The use of WebAssembly is still in its early stages, as it is transitioning from being solely on the frontend, to full stack.
It will be exciting to see how it evolves.


# Tips & Tricks

Let’s get pumped up about containerisation and share some tips and tricks to get started with:

  1. Start small: Dive in headfirst and containerise a single service or application! This hands-on approach will give you the confidence and experience to tackle any project.
  2. Leverage existing images: Explore the vast collection of public container registries like Docker Hub, and unlock a treasure trove of pre-built images that’ll save you valuable time and effort.
  3. Master container orchestration: Learn about cutting-edge container orchestration platforms like Kubernetes and take your development game to the next level.
  4. Prioritize security: Keep your development process secure and implement best practices that’ll safeguard your containerised applications.