The push for virtualization
With the push for virtualization and cloud computing, virtual machines and containers are making big waves in the IT world. Major companies like Google, IBM and Microsoft have embraced the technologies to pump out multiple services on a single platform. Despite the widespread attention virtual machines and containers have received, many people conflate the technologies, overlooking how the two compare and contrast.
What are virtual machines?
A virtual machine is an operating system that performs network functions on software rather than proprietary hardware. With this technology, network administrators do not have to invest in expensive hardware to set up a chain of network-connected devices. Rather, they can invest in inexpensive nodes to run virtual machines that perform those functions automatically. If a user needs a new network function, a service administrator can spin up a virtual machine for that function in half the time it takes to install on hardware.
A hypervisor, otherwise known as a virtual machine monitor, is a software program that enables a user to run multiple virtual machines on a single piece of computer hardware. While virtual machines do not require a hypervisor, they do require additional bandwidth, storage and processing capacity whenever the physical hardware hosts multiple virtual machines.
What are containers?
Containers are a form of lightweight virtualization that share the same kernel as the host system. There are two major types of containers: application containers and OS containers.
Application containers are designed to run a single service. They are widely used to package applications and services without launching a virtual machine for every app. Containers by Docker and Rocket are prime examples.
OS containers, on the other hand, can run multiple processes on an individual console. They isolate various processes and resources, like memory and CPU, from the host and other containers. The isolation ensures processes and resources within a container cannot view processes and resources from outside containers. OS containers are often created from templates or images, which supply their form and contents.
Virtual machines versus containers
There are several similarities and dissimilarities between virtual machines and containers. Virtual machines provide an abstract machine, whereas containers provide an abstract OS. Unlike virtual machines, containers share system resources: all containers on an individual host share the same OS kernel. Consequently, users can put two to three times as many applications on an individual server with containers as with virtual machines.
Another advantage containers have over virtual machines is their low overhead, which allows new containers to start quickly. The OS underpinning a virtual machine requires time, memory and space for virtual machine disk storage. Since containers are lightweight, they can be deployed faster than virtual machines.
Although containers may appear to have the high ground, they have their share of drawbacks. Virtual machines are more secure than containers. Since containers share a host OS, security threats have better access to the whole system than they do on a hypervisor-based platform. The hypervisor provides a high level of isolation for each virtual machine, meaning that if one is infected by a computer virus, the infection may not spread to the others.
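The process isolation of OS containers and the shared host OS described above can be checked on a Linux host by comparing namespace identifiers. The Python below is an added example, not part of the original article; it assumes Linux namespaces as the isolation mechanism (the article does not name one), and the inode numbers and sample dictionaries are constructed.

```python
import os
import re

# A /proc/<pid>/ns/<name> symlink target looks like "pid:[4026531836]".
NS_LINK = re.compile(r"^(\w+):\[(\d+)\]$")

def namespace_id(link):
    """Return the namespace inode number from a /proc/<pid>/ns link target."""
    m = NS_LINK.match(link)
    if m is None:
        raise ValueError(f"not a namespace link: {link!r}")
    return int(m.group(2))

def read_ns_links(pid):
    """Read the namespace links of a live Linux process (needs /proc access)."""
    ns_dir = f"/proc/{pid}/ns"
    return {n: os.readlink(os.path.join(ns_dir, n)) for n in os.listdir(ns_dir)}

def shared_with_host(host_links, proc_links):
    """List namespace types in which the process is NOT isolated from the host."""
    shared = []
    for name, link in proc_links.items():
        if name in host_links and namespace_id(host_links[name]) == namespace_id(link):
            shared.append(name)
    return sorted(shared)

# Constructed sample data: the host's PID 1 and two containerized processes.
HOST_INIT = {"ipc": "ipc:[4026531839]", "mnt": "mnt:[4026531841]",
             "net": "net:[4026531840]", "pid": "pid:[4026531836]",
             "user": "user:[4026531837]", "uts": "uts:[4026531838]"}
# Separate namespaces for everything except user (no user-namespace remapping).
ISOLATED = {"ipc": "ipc:[4026532512]", "mnt": "mnt:[4026532510]",
            "net": "net:[4026532515]", "pid": "pid:[4026532513]",
            "user": "user:[4026531837]", "uts": "uts:[4026532511]"}
# Started with the host's network and PID namespaces: weaker isolation.
HOST_NET_PID = {"ipc": "ipc:[4026532602]", "mnt": "mnt:[4026532600]",
                "net": "net:[4026531840]", "pid": "pid:[4026531836]",
                "user": "user:[4026531837]", "uts": "uts:[4026532601]"}

if __name__ == "__main__":
    for label, links in (("isolated", ISOLATED), ("host net/pid", HOST_NET_PID)):
        print(f"{label}: shares {shared_with_host(HOST_INIT, links)} with host")
```

On a live host, pass `read_ns_links(1)` and `read_ns_links(<pid>)` instead of the sample dictionaries. Either way the kernel stays shared, because namespaces only limit what a process can see.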
Containers also have issues with management. Containers are easy to spin up and duplicate. This may seem advantageous on the surface; however, too many containers can quickly eat up a computer’s resources without the user knowing it. While containers can be deleted when no longer needed, scaling a containerized application up or down can be costly, and requires the user to be on constant alert.
Deciding which to choose
Another misunderstanding about virtual machines and containers is that the technologies are rivals rather than comrades in arms. Architectural frameworks like OpenStack can enable organizations to take advantage of existing virtualized technology without having to create a separate infrastructure for containers only. By getting these tools to work together, users can experience the best of both worlds.