• Overview
    Key features
    • Observability
    • Auto-scaling
    • Multiframework
    • Security
    Frameworks
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Languages
    • PHP
    • Python
    • Node.js
    • Ruby
    • Java
    • Go
  • Industries
    • Consumer Goods
    • Media/Entertainment
    • Higher Education
    • Government
    • Ecommerce
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Login
  • Watch a demo
  • Free trial
Meet Upsun. The new, self-service, fully managed PaaS, powered by Platform.sh.Try it now
Blog
Cover image

CMS architecture: What the heck is . . . containerization?

containerswhat-the-heck-is
05 October, 2020
Larry Garfield
Larry Garfield
Director of Developer Experience

Ask a non-technical professional what the most challenging part of their job is and you’ll often hear, “Understanding what the heck our developers are talking about.” The “What the heck is . . .?” series explains common development terms in simple language. Today we’re letting you know what the heck your developers are talking about when they talk about a “container.”

Understanding containerization: Keeping computer processes separated

When developers talk about containers, they are talking about a method for keeping computer processes from communicating with each other. Just like the term implies, containers keep computer processes boxed up.

Normally, an operating system runs every program in a separate "process." Each process is a collection of code plus the memory space for its data. An operating system can handle hundreds or thousands of processes at the same time, quickly switching back and forth between them.

In addition to being able to communicate with the operating system, processes can communicate with other processes. But sometimes, you don't want them to. Any time a process can interact with another process, it has the potential to cause problems. Processes might communicate infected information to each other leading to security issues. They might also wrestle with each other over operating resources, like memory. So when you’re running several processes at the same time, you often want to keep them isolated from each other. That's where containers come in.

Containers work by using "namespaces" to lie to a process about its environment. There are different types of namespaces, each with its own brand of fibbing. For example, the process namespace groups processes into clusters and lies to those processes to say that no other processes exist. The mount namespace gives each group of processes a different, independent file system so they cannot reach each other's files. And so on.

“Contained” by this false information, processes run as if they are essentially on their own private computer. Multiple processes can now run safely at the same time without being a security risk to each other and competing for limited resources.

Containers

What are the benefits of containerization?

The isolating features of a container provide important benefits:

  • Many applications can share one computer's resources without introducing security risks or resource bottlenecks.
  • There is almost no overhead for running a process in a container vs not.
  • A container's available resources can be scaled up or down dynamically without hardware changes.
  • Programs can be moved from a container on one computer to a container on another.

Better container management with Platform.sh

Because containers are so flexible, controlling and configuring them can be overwhelming for users. (The market is exploding with tools that manage tools that manage tools that manage containers.)

Platform.sh uses a specially built container system that provides you with all the benefits of containers without any of the hassles. For instance, we automatically install every bug and security update, but give you complete control over installing feature upgrades. We also offer a wide variety of shrink-wrapped services that you can enable on a project with nearly no configuration required.

The process isolation offered by containers keeps your applications running securely and smoothly. The no-hassle Platform.sh container system will free you to run your enterprise the same way.

(For a more in-depth explanation of containers, please read “The container is a lie!”)

Get the latest Platform.sh news and resources
Subscribe

Related Content

How software company security priorities are changing

How software company security priorities are changing

Company
AboutSecurity and complianceTrust CenterCareersPressContact us
Thank you for subscribing!
  •  
Field required
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceAcceptable Use PolicyManage your cookie preferencesReport a security issue
© 2024 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺