<p>Cloud containers are a hot topic, especially in security. Technology giants Microsoft, Google and Facebook all use them. Google uses containers for everything it runs, totaling several billion each week.</p>
<p>The past decade has seen containers anchoring a growing number of production environments. This shift reflects the modularization of <a href="https://www.techtarget.com/searchitoperations/definition/DevOps">DevOps</a>, enabling developers to adjust separate features without affecting the entire application. Containers promise a streamlined, easy-to-deploy and secure method to implement specific infrastructure requirements and are a lightweight alternative to VMs.</p>
<p>Let’s examine the evolution of containers and discuss why cloud container security can’t be overlooked.</p>
<section class="section main-article-chapter" data-menu-title="How do cloud containers work?">
<h2 class="section-title"><i class="icon" data-icon="1"></i>How do cloud containers work?</h2>
<p>Container technology is rooted in the partitioning and chroot process isolation developed as part of Linux. Modern containers take the form of <a href="https://www.techtarget.com/searchitoperations/definition/application-containerization-app-containerization">application containerization</a>, such as <a href="https://www.techtarget.com/searchitoperations/definition/Docker">Docker</a>, and system containerization, such as Linux containers (LXC). Both enable IT teams to abstract application code from the underlying infrastructure as they work to simplify version management and enable portability across various deployment environments.</p>
<p>Containers rely on virtual isolation to deploy and run applications that access a shared OS kernel without the need for VMs. Because they hold all the necessary components (files, libraries and environment variables), containers can run the desired software without platform compatibility concerns. The host OS constrains the container’s access to physical resources, so a single container cannot consume all of a host’s physical resources.</p>
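<p>On Linux hosts these resource constraints are enforced through control groups (cgroups), and they apply only where a limit has been set. The following check is an added example, not code from the original article: it assumes a cgroup v2 host, reads the <code>memory.max</code>, <code>cpu.max</code> and <code>pids.max</code> control files, and reports which of them are uncapped. The function names and sample values are constructed for illustration.</p>

```python
"""Report which cgroup v2 resource limits a container actually has set."""
from pathlib import Path

# cgroup v2 control files that cap memory, CPU time and process count.
LIMIT_FILES = ("memory.max", "cpu.max", "pids.max")


def parse_limit(name, raw):
    """Return the numeric limit, or None when the file reads 'max' (no cap)."""
    fields = raw.split()
    if not fields:
        raise ValueError(f"{name}: empty control file")
    if fields[0] == "max":
        return None
    if name == "cpu.max":
        # Format is "QUOTA PERIOD" in microseconds; QUOTA / PERIOD = CPUs.
        if len(fields) != 2 or int(fields[1]) <= 0:
            raise ValueError(f"{name}: unexpected content {raw!r}")
        return int(fields[0]) / int(fields[1])
    return int(fields[0])


def audit(files):
    """Map each control file to its limit. A missing file counts as uncapped
    at this cgroup level (limits set on ancestor cgroups are not examined)."""
    return {n: parse_limit(n, files[n]) if n in files else None
            for n in LIMIT_FILES}


def unbounded(files):
    """List the control files that impose no cap."""
    return [n for n, limit in audit(files).items() if limit is None]


def read_cgroup(path="/sys/fs/cgroup"):
    """Read the control files from a live cgroup v2 directory (assumed path)."""
    base = Path(path)
    return {n: (base / n).read_text() for n in LIMIT_FILES if (base / n).is_file()}


# Constructed samples: a container started with limits, and one without.
CAPPED = {"memory.max": "536870912\n", "cpu.max": "150000 100000\n",
          "pids.max": "256\n"}
DEFAULTS = {"memory.max": "max\n", "cpu.max": "max 100000\n",
            "pids.max": "max\n"}

if __name__ == "__main__":
    for label, sample in (("capped", CAPPED), ("defaults", DEFAULTS)):
        print(label, audit(sample), "unbounded:", unbounded(sample))
```

<p>Run inside a container, <code>unbounded(read_cgroup())</code> lists the resources that container could exhaust on its host.</p>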
<p>The key thing to recognize with cloud containers is they are designed to virtualize a single application. Consider a MySQL container. It provides a virtual instance of that application and that is all it does. Containers create an isolation boundary at the applic
[…]