3 Volumes

 

This chapter covers

  • Using volumes to isolate data from the containerized application
  • Sharing content from your host into containers via volumes
  • Using volumes with the user namespace and SELinux
  • Embedding volumes into container images
  • Exploring different types of volumes and the volume commands

Up until now, the containers you have been working with include all their content within the container image. As I described in chapter 1, the only thing required to be shared with traditional containers is the Linux kernel. There are several reasons you need to isolate application data from the application, including the following:

  • Avoiding embedding actual data for applications such as databases.
  • Using the same container image to run multiple environments.
  • Reducing overhead and improving storage read/write performance, since volumes write directly to the filesystem, while containers use the overlay or fuse-overlayfs filesystem to mount their layers. Overlay is a layered filesystem, meaning the kernel needs to copy the previous layer entirely to create a new layer, and fuse-overlayfs switches each read and write from kernel space to user space and back. All of this creates quite an overhead.
  • Sharing content available via network storage.

3.1 Using volumes with containers

3.1.1 Named volumes

3.1.2 Volume mount options

3.1.3 podman run --mount command option

Summary