Container
An isolated packaging and execution unit built from an image, sharing the host kernel but using OS primitives to constrain processes and resources.
Definition
A container is a packaging and execution unit that runs one or more processes with isolation constraints, typically built from an image.
Containers usually share the host kernel and rely on OS primitives (namespaces, cgroups, filesystem layers) to provide isolation and resource controls.
Why containers matter for behavior
Containers often change the assumptions a program makes about its environment:
- filesystem contents are minimal and explicit
- networking can be restricted or routed differently
- CPU/memory limits can be enforced
That’s why “it works on my machine” can mean “it works outside the container image”.
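To check which of these constraints actually apply to a running process, the following added example (not part of the original entry) reads the cgroup limits and namespace identifiers from inside the process itself. It assumes Linux with cgroup v2 mounted at /sys/fs/cgroup; the function names and sample values are constructed for illustration.

```python
"""Report the cgroup v2 limits and namespaces the current process runs under."""
import os
from pathlib import Path


def parse_cpu_max(text):
    """cpu.max holds '<quota> <period>' in microseconds; 'max' means unlimited."""
    quota, period = text.split()
    return None if quota == "max" else int(quota) / int(period)


def parse_memory_max(text):
    """memory.max holds a byte count, or 'max' when no limit is set."""
    value = text.strip()
    return None if value == "max" else int(value)


def read_limits(cgroup_dir="/sys/fs/cgroup"):
    """Return {'cpus': float|None, 'memory_bytes': int|None}; None = no limit found."""
    limits = {"cpus": None, "memory_bytes": None}
    parsers = {"cpus": ("cpu.max", parse_cpu_max),
               "memory_bytes": ("memory.max", parse_memory_max)}
    for key, (name, parse) in parsers.items():
        try:
            limits[key] = parse((Path(cgroup_dir) / name).read_text())
        except (OSError, ValueError):
            pass  # file absent (cgroup v1, root cgroup, non-Linux) or malformed
    return limits


def namespace_ids(proc_dir="/proc/self/ns"):
    """Map namespace type -> kernel identifier, e.g. 'pid' -> 'pid:[4026531836]'."""
    try:
        names = sorted(os.listdir(proc_dir))
        return {n: os.readlink(os.path.join(proc_dir, n)) for n in names}
    except OSError:
        return {}  # not Linux, or /proc not mounted


if __name__ == "__main__":
    # Constructed sample values, as a container capped at 1.5 CPUs / 256 MiB would show.
    print(parse_cpu_max("150000 100000"), parse_memory_max("268435456\n"))
    print(read_limits())
    for kind, ident in namespace_ids().items():
        print(kind, ident)
```

Running it on the host and again inside a container shows different namespace identifiers and, when limits are set, different CPU and memory values for the same program.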