A Brief Guide to Understanding Docker Containers and CPU Performance (Updated 2019)

Docker’s meteoric rise has been astounding, and it’s been a revolution for both developers and those administering systems. However, Docker is still often not well understood, even among some people who utilize it successfully during their day jobs. Here are a few facts about how Docker handles CPU usage.

Full Performance

The terminology surrounding containers and similar technologies can be confusing, and people sometimes use the same term for different ideas. However, it’s important to know that Docker doesn’t rely on full virtualization that same way other technologies do. Although there is a small amount of overhead in containerization in terms of memory and disk space, Docker images have full access to CPUs and can be expected to perform at full speed when running on a Linux machine. In the past, Docker on Windows and Apple used virtualization to some extent, but modern versions provide a much lighter translation layer that offers far better performance. Still, images on Linux machines can be expected to provide better CPU performance in general.

Per-Container Resource Limiting

One of the most powerful aspects of Docker is its ability to handle resources in a straightforward manner, and this is true of CPU limiting. By default, Docker images have access to all available CPU resources. On multiprocessor systems, Docker can be limited to a number of processors less that what the machine has available. Furthermore, users can give container images fractions of processors as well; on a two-processor system, for example, Docker images can be given access to 1.5 CPUs. Docker providers other means of limited access, and tools such as quotas can be incredibly powerful, especially when used on production machines. Achieving optimal performance will require some testing, but Docker provides a flexible approach.

Processes Inside Docker Images

Docker’s success is largely due to its ability to treat containers as singular units, and, as a result, controlling what’s going on inside of images can be a bit more difficult. It can be tough to measure CPU utilization of processes inside Docker containers. The “docker top” command can provide some information, and so can some of system’s built-in monitoring tools. However, all of these solutions are limited. Limiting CPU usage from processes inside of Docker images is similarly difficult. Although better tools might come online, Docker is designed to treat each running image as a self-contained unit, and it’s often best to use other tools for ensuring proper performance within each instance.

Docker has been a revolution, and its ability to streamline operations while providing excellent hardware utilization means it’s here to stay. Because of its focus on production, Docker offers excellent tools for handling CPU usage, and its flexibility means it works in nearly all types of production environments.