Think of docker as a “virtual machine lite”. You can package your application and all of its supporting libraries and configuration files into a docker container and run it as a standalone package without having to worry about the system admins getting the right versions of stuff loaded or some incompatibility between the library your app needs vs another app.

But you can’t run a docker container for something like Windows on a Linux box, which is why I called it a “virtual machine lite”.

Kubernetes is a container orchestration system. it lets you deploy containers across servers, manages the containers if they die or if the host machine the containers are running on crashes. It lets you scale up/down (crap, server overloaded…need to run another 30 containers to handle the load!).

I think the two comments so far miss some critical elements of what container are, but I’m not the right person to fully cover them. I’ll try my best, but I truly hope a more technical writer with better conciseness will improve on this.

Look at [https://www.weave.works/blog/a-practical-guide-to-choosing-between-docker-containers-and-vms](https://www.weave.works/blog/a-practical-guide-to-choosing-between-docker-containers-and-vms) if only for the great image at [https://images.contentstack.io/v3/assets/blt300387d93dabf50e/bltb6200bc085503718/5e1f209a63d1b6503160c6d5/containers-vs-virtual-machines.jpg](https://images.contentstack.io/v3/assets/blt300387d93dabf50e/bltb6200bc085503718/5e1f209a63d1b6503160c6d5/containers-vs-virtual-machines.jpg).

Also, if you are truly interested, check out Liz Rice’s “Containers from Scratch,” a live demo where she creates a container system in 45 minutes with clear explanations of what is going on and why: [https://www.youtube.com/watch?v=8fi7uSYlOdc&vl=en](https://www.youtube.com/watch?v=8fi7uSYlOdc&vl=en)

Having written and edited the following, I’m unable to simplify it much further, and your five-year-old attention span will need to work with me here. Tell you what, let’s build Lego stuff while we talk.

Let’s back up a little, since you’re five. Computers have hardware, the parts you can touch, and software, instructions for the computer to know what to do with the hardware. I can show you the instructions on my screen, but you can’t really touch them, you can just touch them screen which happens to be showing them to you.

Fundamental hardware components are the processor, somewhat like a brain for the computer, storage, a way to store information whether it is in use right now or not, and memory, a way to manage information. A foundational piece of software is the operating system (OS). An OS manages all the resources (processor, storage, network, etc.) including software such as applications and services.

Your phone’s OS is likely Android or iOS, and settings for your ringtone, your daily alarms, your home screen are all part of your OS. Apps like Tik Tok or Angry Birds are not part of the OS, but they can only run because your OS knows what to do with them, that is the OS knows how to follow the app’s instructions to play sounds, change colors on the screen, or read touches on the screen. Your laptop from the school district runs Chrome OS, and my work computers run Windows and Linux OSes.

What are you building there, and helicopter? I love that idea.

A virtual machine is a full operating system (OS) running within a resource controller called a hypervisor. So, my computer has the “host” OS, that is the OS that runs on the hardware, and also one or more “guest” OSes that run within the hypervisor. The hypervisor assigns access to hardware resources to the guest OSes, for example the hypervisor could assign half of my computer’s capacities (processor, storage, and memory) to the guest OS, leaving half for the host OS. This effectively divides my hardware, but requires two copies of the OS.

Each OS, the host and the guest, consume a portion of these resources, leaving fewer resources available for apps. Running host and guest OSes allows me to keep projects separated. I can use my host OS for work stuff, and my guest OS for personal stuff. The host OS can delete the guest OS, but the guest OS can’t delete host OS. This type of separation is also important for applications that I only want to communicate in certain ways, or I can reboot the guest OS without rebooting the host OS.

Nice helicopter there. Can I use that long Lego piece if you don’t need it? Thanks. You are really good a sharing.

Now, all this about hardware and resources is background. Containers are a way to conserve more resources for running more apps and services instead of running more OSes. Critically, containers also provide more isolation between apps. So, I have the same hardware, only one OS, but I still have independent control of applications/services running in potentially many containers. Each container could be the same application running independently from the others, or each could be a different application. If one container crashes, I can just start a new one without any impact to other containers and without any impact to the OS.

Really do watch the talk by Liz Rice. She has shorter versions, but that is the only one I’ve watched so I can’t vouch for the condensed ones.