Containers are a means to install and run applications in an isolated environment on a server (physical or virtual). The application running inside a container is limited to resources (CPU, memory, disk, process space, users, networking, volumes) allocated for that container. Access is limited to that container’s resources to avoid conflict with other containers. Think of a container as an isolated sandbox for an application to run in.
The concept is similar to virtual machines, but containers use a light-weight technique to achieve resource isolation, whereby they use the Linux kernel (as opposed to a hypervisor-based approach taken by virtual machines). Containers issue Linux commands to make use of a subset of system resources.
Docker is a popular tool to create and start a container. Docker Community Edition (CE) is ideal for developers and small teams looking to get started with Docker and experimenting with container-based apps. It enables packaging of an app with all its dependencies and libraries.
Here’s more information on using AWS to build secure services with containers.