CONTAINERS OR VIRTUAL MACHINES: HOW TO CHOOSE
Containers
The massive boom of Docker and other companies providing containers over the past few years has given IT pros a new technology that assists in reliably running software in diverse computing environments.
A common example of this includes a developer using a container to have a test environment on her laptop, then switching to a staging environment on a different computer.
To do this, the container hosts the bundled runtime environment, including the application, libraries, and configuration files. This abstracts the differences in operating systems and infrastructures.
So, put simply, containers allow you to run isolated systems on a single server or host OS, even when they are moved from one environment to another. They are on top of the physical server and its host operating system, and each container shares the host OS kernel.
Containers and virtual machines both help save space, but containers take up a smaller amount of space on your server than VMs, and should take only seconds to start. You are also able to put multiple containers on one server, and they are all easily shareable with other machines, both physical machines and those in the cloud.
Another benefit to using containers is the increased simplicity of management. With a single, shared operating system, there are fewer required patches and bug fixes. Overall, containers are used to make everyone's life easier by making applications lighter, faster, and simpler to move among different environments, from development to testing.
Virtual machines
Existing before containers, virtual machines have helped millions save money and resources by lowering the need for physical hardware systems. A VM is an entire operating system or environment that imitates dedicated hardware.
A hypervisor or virtual machine monitor creates and runs VMs, which emulate isolated operating systems. This hypervisor rests between the OS and hardware to virtualize the server. For example, with a virtual machine, the same computer can run a Linux OS and a Windows OS.
With this efficient use of the pre-existing hardware to utilize server processing power and capacity, companies need to buy less hardware and can make backups more secure.
So, with a VM, the technology creates not only an application but also an entire operating system. While each VM has a unique OS, it is also possible to run more than one VM on the same physical server, although the VM may be quite large.
The cost-saving benefit of containers and virtual machines is quite obvious. With VMs, there is less need to buy physical hardware. You are also able to consolidate applications and operating systems on a single system, and VMs have a reduced footprint and faster server provisioning.
Differences
As described above, the main difference between containers and virtual machines is the virtualization layer and how the operating system resources are used. Containers virtualize an operating system to run multiple workloads on one OS instance. On the other hand, virtual machines virtualize the hardware to run multiple operating system instances.
VMs need a hypervisor that allows VM instances to be provisioned from the system’s available computing resources. This means that containers take fewer resources, leaving them with greater speed.
Virtual machines operate in full isolation from one another, making malware and application crashes much less damaging as they only impact the virtual machine they occurred in.
Containers, on the other hand, are more resource-efficient: because they do not create a full operating system, the resulting instances do not use as many resources and are faster to create and migrate.
Thus, it’s possible to have many more containers on one server than virtual machines. Another thing to consider is that containers are only able to migrate to servers with compatible operating system kernels.
However, the isolation that protects VMs from a separate, compromised VM on the same machine does not exist in the same way for containers. If the host OS is compromised in a malware attack, all containers can be disabled or impacted by the breach.
Containers also make a breach in security easier: a user or application could gain superuser privileges within the container and consequently gain access to the underlying operating system, a possibility that doesn't really exist with virtual machines.
Of course, though, you could take additional precautions to secure your container, such as making container processes write to container-specific file systems. Many precautions are also the same ones you would take on a typical computer without a container, such as not installing unknown programs.
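The precautions above can be checked mechanically. The following Python code is an added example, not part of the original article: it audits JSON in the shape produced by `docker inspect` for containers that run as root, run privileged, add capabilities, or have writable bind mounts of host paths. The sample data, container names and finding labels are constructed for illustration.

```python
import json

# Constructed sample in the shape of `docker inspect` output (not from a real host).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web-hardened",
   "Config": {"User": "1000:1000"},
   "HostConfig": {"Privileged": false, "CapAdd": null},
   "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/webdata/_data",
               "Destination": "/data", "RW": true}]},
  {"Name": "/batch-legacy",
   "Config": {"User": ""},
   "HostConfig": {"Privileged": true, "CapAdd": ["SYS_ADMIN"]},
   "Mounts": [{"Type": "bind", "Source": "/etc", "Destination": "/host-etc", "RW": true}]}
]
""")

def audit_container(c):
    """Return a list of findings (labels are this example's own) for one entry."""
    findings = []
    host = c.get("HostConfig", {})
    user = c.get("Config", {}).get("User", "")
    # An empty User field means no user was set, so the process runs as root.
    if user.split(":")[0] in ("", "0", "root"):
        findings.append("runs-as-root")
    # Privileged mode removes most of the isolation between container and host.
    if host.get("Privileged"):
        findings.append("privileged")
    if host.get("CapAdd"):
        findings.append("extra-capabilities:" + ",".join(host["CapAdd"]))
    for m in c.get("Mounts", []):
        # Bind mounts expose host paths; writable ones let the container
        # write outside its container-specific file system.
        if m.get("Type") == "bind" and m.get("RW"):
            findings.append("writable-host-mount:" + m["Source"])
    return findings

def audit_all(entries):
    """Map container name -> findings for a full `docker inspect` array."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in entries}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_INSPECT).items():
        print(name, "->", findings or "no findings")
```

On a real host, the same functions can be fed the parsed output of `docker inspect` for the running containers instead of the constructed sample.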
Which should you choose?
Both containers and virtual machines have their benefits. Essentially, it depends on the size of your project and how much you want to do on a single machine. Typically, if you are running a single application, or multiple copies of that application, you want to run it in a container. However, if you want to run various applications and have increased flexibility in doing that, a VM might be best for you.
Additionally, how important is changing the operating system to you? With containers, you usually need one OS; however, VMs, of course, give you the ability to run almost any operating system.
Here are two simple questions to help in your decision:
- Do I need to run many applications on different servers or have multiple operating systems?
  - Your best solution: Virtual machine
- Do I need a very large number of applications on a very small number of servers?
  - Your best solution: Containers
Additionally, if budget is a large concern, it’s probably best to use containers, as you are able to use more of these with less physical hardware. However, if security is your No. 1 concern, VMs can give you more peace of mind with less work.