# Containerization

Containerization is a lightweight virtualization approach where applications run in isolated user-space instances called containers. Unlike virtual machines that emulate entire operating systems with their own kernels, containers share the host's kernel and only package the application code, runtime, libraries, and dependencies. This makes them fast to start (milliseconds vs. minutes), efficient in resource usage, and highly portable.

The key innovation is the container image: an immutable snapshot containing everything needed to run an application. Build once, run anywhere—the same image works on a developer's laptop, CI server, and production cluster. This eliminates "works on my machine" problems and makes deployments reproducible. Images are built in layers and stored in registries, enabling efficient storage and distribution.

[[Docker]] popularized containerization and remains the dominant tool for building and running containers. [[Podman]] is a daemonless alternative that runs containers rootless by default, offering better security for some use cases. For multi-container applications, [[Docker Compose]] handles orchestration. At scale, platforms like Kubernetes manage container scheduling, scaling, and networking across clusters.

Containerization has become the foundation of modern [[Self-hosting]], cloud-native development, and microservices architecture.

The container/VM line is blurring: [[Windows Sandbox]] uses [[Hyper-V]] for kernel isolation but borrows container techniques (dynamic memory reclamation, shared OS pages with the host via "direct map") to achieve near-container footprint and start time while keeping VM-grade isolation.

## Related

- [[Docker]]
- [[Podman]]
- [[Windows Sandbox]]
- [[Docker Compose]]
- [[Self-hosting]]
- [[Kubernetes]]