Containers and Virtual Machines Toe-to-Toe: What You Should Know!

December 15

Virtualization is the way to the future of IT. There’s no arguing that. The idea is just too compelling. The cost savings just too sweet to pass up. What we can debate about is the form of virtualization technology that will carry us into a new tomorrow.

Companies big and small reap giant-sized benefits by using virtualization to maximize underutilized hardware, consolidate their applications, and make data center operations easier to manage. Hypervisors have been tagged the gold standard thanks to their ability to spit out virtual machines that emulate the best of physical servers. While the old way seems to work just fine, it’s not perfect, and it is flawed enough to make clear that a better way exists.

Enter Container Madness

Containers are the talk of the virtualization industry and one to watch in the cloud space. The idea of application isolation via “containerization” has attracted the attention of some of the heaviest hitters in the world of technology. Amazon, Google, Microsoft, and even virtualization forerunner VMware have recently made sizable investments in containers. While there are already a few players in the game, this trend is exclusively synonymous with one brand – Docker.

Similar to a young VMware 15 years ago, Docker is turning heads in the virtualization community, a space VMware still dominates, by the way. The firm offers an open platform of the same name that strives to create a more standardized and consistent environment for applications. Docker has been on a meteoric rise since its launch in 2013. Investors have lent their financial backing and big name partners are coming out of the woodwork to get in good with the early king of containerization.

There currently isn’t much available in the way of market forecasts or statistics. Cloud monitoring service Data Dog HQ put together what I’ve found to be the most comprehensive set of data on Docker adoption. I highlighted some of the areas that stand out below:

  • Adoption rate: Docker adoption bloomed from 1.8 percent to 8.3 percent from September 2014 to September 2015.
  • Adoption profile: Docker had higher adoption rates among organizations running 500 hosts or more, dispelling the myth of larger companies taking the wait-and-see approach with new technology.
  • Adoption conversions: Two in three companies that try Docker end up going from testers to full-fledged adopters, usually within 60 days of their initial trial.
  • Adoption production: Whereas virtual machines are often deployed by the double digits, Docker hosts were docked as running approximately four containers at a time.
  • Adoption results: Docker adopters tripled their number of containers after five months of usage, which suggests that users are pleased with the results.

Data Dog drew the above conclusions by monitoring roughly 7,000 organizations and their actual usage of virtualization platforms. Sure, it’s only a small piece of the whole picture, yet bigger than your average sample size. More importantly, it appears to be a fairly accurate glimpse into not only Docker adoption, but the overall appeal of containerization as a whole.

A Virtual Edge

I recently started tinkering with virtualization to access some Windows-only apps on my Linux box. Amazing tech, of course, but I instantly realized how performance can become an issue in a mission-critical production setting. Virtual machines are notorious for pigging out on system resources. Every VM you install is essentially another operating system you’re running in addition to your host system. Plus you have to account for virtual copies of their RAM and CPU cycles. My little laptop is no speed demon, but even the most powerful machine will feel that resource taxing in the performance department.

Containers, on the other hand, are more resource-friendly by design. There is no need for a hypervisor, so multiple containers can run and be made to share resources across a single host machine. They can even be deployed within a classic virtualization environment, where they eliminate the need to run hundreds of resource-hungry VMs on one poor server. The result is a lightweight operating environment with almost all the efficiency benefits of traditional virtualization and far less overhead. As IT experts are increasingly learning, containerization offers a portable solution for developing, testing, and deploying the next generation of application experiences.

Cause For Concern

When something looks too good to be true, it usually is. Containerization is certainly not without its drawbacks. One known advantage of the hypervisor is its ability to provide abstraction at the hardware level and create individual kernels for each virtual machine. In turn, this process reduces the attack surface to the host system as well as those individual VMs.

Security has been singled out as the biggest concern for containers. Each container shares a kernel with the host server, which introduces a number of potential issues. What this basically means is that if the kernel can be exploited, then every container hooked into it is equally vulnerable. Despite being great at isolation, containers, at this point, fail to contain security threats like virtual machines. It’s arguably the biggest reason vendors and end users need to think carefully about deploying them across multi-tenant environments like the public cloud.
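The shared-kernel point can be checked against an inventory. The sketch below is an added example, not code from the original article: it resolves which kernel each container actually runs on (containers inside a VM use that VM's kernel) and flags kernels shared by containers of more than one tenant. The inventory, its field names, and the tenant and machine names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory (not from the article). "parent" is the machine a
# workload runs on; hosts and VMs each bring their own kernel.
INVENTORY = [
    {"name": "metal-1", "kind": "host", "tenant": "provider", "parent": None},
    {"name": "vm-a", "kind": "vm", "tenant": "acme", "parent": "metal-1"},
    {"name": "vm-b", "kind": "vm", "tenant": "globex", "parent": "metal-1"},
    {"name": "web-1", "kind": "container", "tenant": "acme", "parent": "vm-a"},
    {"name": "db-1", "kind": "container", "tenant": "acme", "parent": "vm-a"},
    {"name": "api-1", "kind": "container", "tenant": "globex", "parent": "vm-b"},
    {"name": "metal-2", "kind": "host", "tenant": "provider", "parent": None},
    {"name": "shop-1", "kind": "container", "tenant": "acme", "parent": "metal-2"},
    {"name": "blog-1", "kind": "container", "tenant": "globex", "parent": "metal-2"},
]

def kernel_owner(name, index):
    """Walk up from a workload to the first VM or host: that is its kernel."""
    node, seen = index[name], set()
    while node["kind"] == "container":
        if node["name"] in seen:
            raise ValueError(f"parent cycle at {node['name']}")
        seen.add(node["name"])
        if node["parent"] not in index:
            raise ValueError(f"{node['name']} has unknown parent {node['parent']!r}")
        node = index[node["parent"]]
    return node["name"]

def kernel_groups(inventory):
    """Map each kernel owner to the containers that share its kernel."""
    index = {w["name"]: w for w in inventory}
    groups = defaultdict(list)
    for w in inventory:
        if w["kind"] == "container":
            groups[kernel_owner(w["name"], index)].append(w["name"])
    return dict(groups)

def cross_tenant_kernels(inventory):
    """Kernels whose containers belong to more than one tenant."""
    index = {w["name"]: w for w in inventory}
    flagged = {}
    for owner, members in kernel_groups(inventory).items():
        tenants = sorted({index[m]["tenant"] for m in members})
        if len(tenants) > 1:
            flagged[owner] = tenants
    return flagged
```

On the sample data only `metal-2` is flagged: the containers placed inside per-tenant VMs share a kernel only with their own tenant's workloads.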

The mere popularity of a white hot technology like containerization poses a threat to IT security. Developers are steadily cranking out new tools to help build the ecosystem that will drive this trend into the future. The container concept isn’t exactly new, but it is still very much in its infancy as a mainstream technology, in a space that currently lacks standardization. And since developers and quality control specialists are still getting acquainted with the core essentials, their contributions are in turn contributing to security woes.

An even darker side of containerization can be uncovered in user feedback. For instance, some programmers feel that Docker has some regrettable user experiences. They complain the system is slow, doesn’t work as intended or that too many workarounds are required. Just see the blogs for many such reviews, detailing all of these issues.

Co-existence is the Key

You’ll find enough pros and cons in both VMs and containers if you go looking. Keeping this in mind, the wise play may be using both so the strengths of one can make up for the weaknesses of the other. It makes a lot of sense because virtual machines are just a better fit for most common virtualization applications while containers are still more of a niche thing for specialized needs. But with some of the biggest tech giants having thrown in their chips, it could be only a matter of time before this emerging technology is truly ready for primetime.