Containers: In the beginning

Today, containers are the hot topic of cloud computing. With them, system designers and cloud architects can have as many as six times the number of server applications on a hardware server as you can with a virtual machine (VM).

But, for all the excitement about Docker, the headline container technology, and how even Microsoft has embraced this open-source technology, we’ve never really looked at containers’ origins. You see, this “new” technology is decades old.

Containers go back at least as far as 2000 and FreeBSD Jails. This, in turn, was based on the Unix/Linux chroot C command, which first appeared back in 1982 in BSD Unix. And, if you want to take it even farther back you can trace chroot all the way back to 1979’s Version 7 Unix. With chroot you can change the root directory of the next operating process and its children. This in turn meant you could run programs independently of the preceding software operations.

By itself, running programs in chroot was only suitable for simple applications, often mere shell programs. In addition, in what’s going to prove a common thread of threat with containers, chroots were easy to break out of. Jails, as the name indicates, made it harder for applications to break out into the larger system. Jails did this by virtualizing access to the file system, the set of users, and network.

Sun then took the concept of Jails and turned it into Solaris Zones. This technology is Solaris-specific. So, while you can run Solaris applications or an older version of Solaris with a Zone, you can’t run say AIX or Linux.

While Solaris started from FreeBSD jail concepts, Parallels Google and Linux companies, such as Red Hat and Canonical, began working on such Linux-based open-source projects as OpenVZ, lmctfy (Let Me Contain That For You) and LXC (Linux Containers) to make containers work well and securely.

Each of these technologies started with chroot, but they added other programming concepts such as Control groups (cgroups) and Kernel namespaces. These enabled developers to further abstract system resources and improve security.

All these new container technologies became important. Indeed, Joe Beda, a senior staff software engineer at Google, recently said, “Everything at Google runs in a container.” Gmail, search, you name it, Google’s containerized it.

But, for most companies containers remained this mysterious, insecure technology. What really changed things wasn’t so much Docker coming up with a slick way of deploying and implementing containers. Instead it was Docker getting everyone to agree to make yet another open-source container technology, libcontainer, the standard for Linux containers.

Now, while work continues on other container technologies, all the major container players, with the exception of Oracle, are backing libcontainer. Standardization is the real container magic. Just as the standardization of shipping containers revolutionized global trade, the standardization of container technology is poised to transform the data center and cloud.


  1. peter lees says:

    solaris zones included different “brands”. you could run different versins of solaris, and, if you were running on solaris for x86, you could run a linux brand. so you /could/ run linux on a solaris zone.

    docker a very very very very long way to go to catch up with zones.


  2. Nelson Orengo says:

    Steven, you failed to mention AIX WPAR container technology available since at least 2007 starting with AIX 6.1. WPAR stands for AIX Workload Partitions and it’s mature enough technology to be officially supported by the likes of SAP and Oracle for production systems. See for a short overview or for more technical details.


  3. Jürgen Fischer says:

    Aren’t these concepts almost half a century old? Think of IBM’s VM & CP/CMS back in the 70iess/80ies?



  1. […] just a few years containers have risen from obscurity to become the way we deliver software. But just why are companies making the move? Let’s go […]


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: