Virtual Containers – What Are They Used For?
Containers are a specialised form of virtualisation software that can decrease the storage space needed to run apps and potentially reduce boot time for applications.
Virtual containers are like virtual machines (VMs). A container's goal is to reduce the cost of IT (namely hardware) and to improve the overall performance and efficiency of your infrastructure, even more so than your current VMs.
A VM works differently to a container, as it runs its own operating system (OS), whereas a container uses the same operating system and file system as the host, which in turn can lower boot times and save space.
This isn't without its drawbacks. As you may have realised, you will have less flexibility when trying to use different applications with different operating systems, as you are subject to whatever OS is installed on the host (unless you use containers within VMs).
There are new and important security risks that also need to be considered when using containers.
- The intrinsic security of the kernel and its support for namespaces and cgroups.
- The “hardening” security features of the kernel and how they interact with containers.
- A virus being able to tamper with the host OS kernel.
- The attack surface of the daemon itself.
- Loopholes in the container configuration profile, either by default, or when customized by users.
Most container software, such as Docker and Kubernetes, is inherently secure and doesn't require much tweaking, but I would always recommend checking the latter yourself to make sure your container is secure.
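
One way to do that check for a Docker container, as an added example that is not part of the original article: the script below reads the JSON that `docker inspect` produces and flags settings that weaken each of the areas listed above (namespaces, cgroups, kernel hardening, the daemon, and the configuration profile). The sample record and the `audit_container` helper are constructed for illustration.

```python
import json

# Constructed sample: a trimmed `docker inspect` record for one container.
SAMPLE_INSPECT = json.loads("""
[{"Name": "/web-demo",
  "Config": {"User": ""},
  "HostConfig": {"Privileged": false, "PidMode": "host", "NetworkMode": "bridge",
                 "CapAdd": ["SYS_ADMIN"], "SecurityOpt": ["seccomp=unconfined"],
                 "Binds": ["/var/run/docker.sock:/var/run/docker.sock"],
                 "Memory": 0, "PidsLimit": null}}]
""")

def audit_container(record):
    """Return a list of findings for one `docker inspect` record."""
    host = record.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("privileged mode enabled")
    # Namespaces: sharing a host namespace removes that layer of isolation.
    for field in ("PidMode", "NetworkMode", "IpcMode", "UsernsMode"):
        if host.get(field) == "host":
            findings.append(f"{field}=host: shares the host namespace")
    # Kernel hardening: added capabilities, disabled seccomp/AppArmor profiles.
    for cap in host.get("CapAdd") or []:
        findings.append(f"extra capability: {cap}")
    for opt in host.get("SecurityOpt") or []:
        if opt.replace(":", "=") in ("seccomp=unconfined", "apparmor=unconfined"):
            findings.append(f"hardening disabled: {opt}")
    # Daemon attack surface: the Docker socket mounted into the container.
    for bind in host.get("Binds") or []:
        if bind.split(":")[0].endswith("docker.sock"):
            findings.append("docker.sock mounted: container can control the daemon")
    # cgroups: a limit of 0, None or -1 means no limit is enforced.
    if not host.get("Memory"):
        findings.append("no memory limit (cgroup)")
    if host.get("PidsLimit") in (None, 0, -1):
        findings.append("no PID limit (cgroup)")
    if (record.get("Config") or {}).get("User", "") in ("", "0", "root"):
        findings.append("process runs as root inside the container")
    return findings

if __name__ == "__main__":
    for rec in SAMPLE_INSPECT:
        print(rec["Name"])
        for finding in audit_container(rec):
            print("  -", finding)
```

To audit a real container, replace the sample with the parsed output of `docker inspect <container>`.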