From Gmail to YouTube to Search, everything at Google runs in containers. Containerization allows our development teams to move fast, deploy software efficiently, and operate at an unprecedented scale. Each week, we start over several billion containers. We’ve learned a lot about running containerized workloads in production over the past decade, and we’ve shared this knowledge with the community along the way: from the early days of contributing cgroups to the Linux kernel, to taking designs from our internal tools and open sourcing them as the Kubernetes project. We’ve packaged this expertise into Google Cloud Platform so that developers and businesses of any size can easily tap the latest in container innovation.
Containers offer a logical packaging mechanism in which applications can be abstracted from the environment in which they actually run. This decoupling allows container-based applications to be deployed easily and consistently, regardless of whether the target environment is a private data center, the public cloud, or even a developer’s personal laptop. Containerization provides a clean separation of concerns, as developers focus on their application logic and dependencies, while IT operations teams can focus on deployment and management without bothering with application details such as specific software versions and configurations specific to the app.
For those coming from virtualized environments, containers are often compared with virtual machines (VMs). You might already be familiar with VMs: a guest operating system such as Linux or Windows runs on top of a host operating system with virtualized access to the underlying hardware. Like virtual machines, containers allow you to package your application together with libraries and other dependencies, providing isolated environments for running your software services. As you’ll see below however, the similarities end here as containers offer a far more lightweight unit for developers and IT Ops teams to work with, carrying a myriad of benefits.
Instead of virtualizing the hardware stack as with the virtual machines approach, containers virtualize at the operating system level, with multiple containers running atop the OS kernel directly. This means that containers are far more lightweight: they share the OS kernel, start much faster, and use a fraction of the memory compared to booting an entire OS.
There are many container formats available. Docker is a popular, open-source container format that is supported on Google Cloud Platform and by Google Kubernetes Engine.
Containers give developers the ability to create predictable environments that are isolated from other applications. Containers can also include software dependencies needed by the application, such as specific versions of programming language runtimes and other software libraries. From the developer’s perspective, all this is guaranteed to be consistent no matter where the application is ultimately deployed. All this translates to productivity: developers and IT Ops teams spend less time debugging and diagnosing differences in environments, and more time shipping new functionality for users. And it means fewer bugs since developers can now make assumptions in dev and test environments they can be sure will hold true in production.
Containers are able to run virtually anywhere, greatly easing development and deployment: on Linux, Windows, and Mac operating systems; on virtual machines or bare metal; on a developer’s machine or in data centers on-premises; and of course, in the public cloud. The widespread popularity of the Docker image format for containers further helps with portability. Wherever you want to run your software, you can use containers.
Containers virtualize CPU, memory, storage, and network resources at the OS-level, providing developers with a sandboxed view of the OS logically isolated from other applications.
|Container Benefits||Virtual Machine Benefits|
|Consistent Runtime Environment||check||check|
|Small Size on Disk||check|
Containers allow you to package your application and its dependencies together into one succinct manifest that can be version controlled, allowing for easy replication of your application across developers on your team and machines in your cluster.
Just as how software libraries package bits of code together, allowing developers to abstract away logic like user authentication and session management, containers allow your application as a whole to be packaged, abstracting away the operating system, the machine, and even the code itself. Combined with a service-based architecture, the entire unit that developers are asked to reason about becomes much smaller, leading to greater agility and productivity. All this eases development, testing, deployment, and overall management of your applications.
Containers work best for service based architectures. Opposed to monolithic architectures, where every pieces of the application is intertwined — from IO to data processing to rendering — service based architectures separate these into separate components. Separation and division of labor allows your services to continue running even if others are failing, keeping your application as a whole more reliable.
Componentization also allows you to develop faster and more reliably; smaller codebases are easier to maintain and since the services are separate, it's easy to test specific inputs for outputs.
Containers are perfect for service based applications since you can health check each container, limit each service to specific resources and start and stop them independently of each other.
We’ve had so much success with our internal cluster management system Borg that we’ve taken what we’ve learned and put it into the open source project Kubernetes. Now you and other companies can benefit from our decades of experience. Also known as “k8s,” Kubernetes provides automated container orchestration -- management of your machines and services for you -- improving your reliability and reducing the time and resources you need to spend on DevOps, not to mention relief from the stress attached to these tasks.
Kubernetes makes everything associated with deploying and managing your application easier. Kubernetes automates rollouts and rollbacks, monitoring the health of your services to prevent bad rollouts before things go bad. It also continuously runs health checks against your services, restarting containers that fail or have stalled, and only advertising services to clients when it has confirmed they’ve started up successfully. Additionally, Kubernetes will automatically scale your services up or down based off of utilization, ensuring you’re only running what you need, when you need it. Like containers, Kubernetes allows you to declaratively manage your cluster, allowing your setup to be version controlled and easily replicated.
Perhaps most importantly, Kubernetes is built to be used anywhere, allowing you to orchestrate across on-site deployments to public clouds to hybrid deployments in between. This enables your infrastructure to reach your users where they’re at, your applications to have higher availability, and your company to balance your security and cost concerns, all tailored to your specific needs.
Of course, Kubernetes runs best on Google Cloud Platform. Google Kubernetes Engine is the premier managed Kubernetes solution that gets you quickly set up and production-ready.
But we love to give you options. Google Cloud Platform offers you a full spectrum for running your containers. From fully managed environment with Google Cloud Run to cluster management with Kubernetes Engine to roll-it-yourself infrastructure on world-class price-to-performance Google Compute Engine, you can find your ideal solution for running containers on Google Cloud Platform.
It doesn’t stop there. Google Cloud Platform provides the tools you need to use containers from development to production. Cloud Build and Container Registry provide Docker image storage and management, backed by both Google’s high security standards and world-class network. Google’s Container-Optimized OS provides a lightweight, highly secure operating system that comes with the Docker and Kubernetes runtimes pre-installed. All your container management can take place on GCP.
“ A decade’s worth of experience building container management systems has taught us much, and we have embedded many of those lessons into Kubernetes, Google’s most recent container management system. Its goals are to build on the capabilities of containers to provide significant gains in programmer productivity and ease of both manual and automated system management.”— “Borg, Omega, and Kubernetes: Lessons learned from three container management systems over a decade,” Google LLC, 2016