We find that diagrams and drawings help us to get an overview of the impact a new technology has on existing processes. This also helps when explaining things to customers and colleagues. Obviously, not all of our pictures are worth sharing, but some of them can spark an inspiring discussion.
Today we would like to share the schema of Docker use cases and their mutual relationships. As you can see, putting your application in a container creates a whole raft of important, and maybe for some, unseen advantages.
We have identified the following primary use cases.
Application Isolation and Scalability
Containers and the host share the kernel, but otherwise the applications running in containers have a high level of isolation. Applications that were previously not able to run on the same system, because of conflicts in their networking setup, process space or filesystem, can now smoothly share one physical or virtual machine, regardless of whether they are entirely different apps or multiple instances (containers) of the same application scaled up behind a proxy service.
Containers add a level of implicit isolation between system components, which naturally allows for a higher level of security. However, it’s still risky to run applications with a different security profile on the same host, mainly because there’s no user ID isolation yet. (For more information about different types of security threats and how to avoid them in systems that take advantage of Docker for image distribution and runtime environment, you can have a look at the Docker Security Cheat Sheet.)
Simplified Configuration Management
Configuration can be attached to containers as volumes, passed through with environment variables, or, in the case of secret keys, with services like etcd or Vault. What’s nice about these options is that each configuration can be easily changed per container, not per image. This has a positive impact on continuous delivery pipelines, for instance. At different stages of the process, a different configuration can be provided to the containerized application and thus the whole process is faster and more transparent.
Multi-tenancy and Server Utilization
Isolated applications allow multi-tenancy and higher hardware utilization. These can be high impact advantages (both ecological and economical) on medium to large scale deployments. As a rule of thumb, you can expect 5 to 10 times higher average hardware utilization once containers are used together with resource scheduling tools like Mesos or on Mesosphere’s DCOS.
Developer Productivity and Debugging Capabilities
Because containers allow developers to reproduce the very same environment of an application on their laptops (or development clusters, testing environments, you name it), it’s easier for them to investigate defects. One particularly useful feature of Docker is the possibility to commit a state of a container to an image and run it later with, for example, a different runtime configuration. Being able to quickly get into a running container and use debugging or other development tools without the risk of messing up a conventional, hard-to-restore testing environment is also a great time saver, since this modified and no longer useful container can be quickly trashed and the original version restored.
Code Pipeline Management and Rapid Deployments
Innovation requires rapid deployments leading to shorter feedback loops. Docker’s way of distributing images and caching layers locally speeds up the application turnaround, while the extremely fast startup times of containers allows for quick task execution.
Being able to start containers within milliseconds, in comparison to seconds or minutes in the case of virtual machines, makes a great difference to the availability of the applications in situations when hardware fails (which eventually, it will), the application crashes or an operator needs to reset it because, for example, it was modified by a hacker. (See Diogo Monica’s example for a great in depth look at how this works.)
We have briefly described some use cases of Docker. There is a strong synergy among the use cases, one leading to another. This is often the trait of inventions with potentially high impact. Let this infographics spark discussions in your circles. We believe there are more features and associations to be discovered around Docker. Feel free to share your opinion in the discussions section below.