Definition

Linux Containers Project

This definition is part of our Essential Guide: An essential guide to software container usability and management
Contributor(s): Matthew Haughn

Linux Containers is a project created to provide a distro- and vendor-neutral environment for the development of Linux container technologies. The umbrella project’s focus is on system containers, which provide environments similar to a virtual machine (VM) but without the associated overhead. Linux Containers projects involve self-contained images, complete with their own execution environments, running at a an operating system level rather than as a full virtual machine (VM).

Linux Containers projects:

LXC: An operating system-level virtualization environment.

LXD:   A set of tools that allows administrators to deploy, manage and secure containers in much the same way that a hypervisor enables administrators to manage virtual machines.

LXCFS: A userspace file system that overcomes shortcomings of some components by exporting files that match what a system container user would expect.

Using containers on the same hardware can allow for 6-8 times more duplicate instances of an operating system than is possible with a conventional VM. The use of Linux for containers allows for cgroups (control groups) to enable fine control of resources. With customizable and dedicated CPU, memory, storage and network resources, containers allow isolated Linux environments to run in a trimmed-down OS-level VM. This control also makes it possible to limit programs that might otherwise consume all available resources. Programs for scientific computing, for example, could be constrained to a desired amount of available compute power, memory, disk I/O or network bandwidth so admins can better balance all available resources.

Linux containers used to have security issues because they couldn’t run in an unprivileged environment. However, security improvements have made it possible for them to run in limited user accounts. Since LXC 1.0, with proper configuration, security is possible even where containers are privileged.

This was last updated in September 2016

Continue Reading About Linux Containers Project

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What are some additional benefits containers can bring to Linux container security?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchDataCenter

SearchAWS

SearchServerVirtualization

SearchCloudApplications

SearchCloudComputing

Close