Before we look at the differences between containers and virtual machines, let's understand the basic concept of virtualization.
What is Virtualization?
Virtualization is the process of running a virtual instance of a computer system in a layer separate from the actual hardware. It is often inefficient and costly for organizations to deploy multiple servers. Instead, virtualization provides the ability to create multiple simulated environments from a single, physical hardware system. It can run multiple operating systems in different virtual machines, all running on the same host. This eliminates the need for extra hardware resources.
In the pre-virtualization days, we used to buy very big physical servers, install the desired operating system on top of them, and run applications on it. This way each physical machine would run only one application at a time. This was costly and ended up using only a small amount of the hardware resources.
This process is done through software called a hypervisor, which connects directly to your hardware and allows you to split that one system into completely separate, distinct, and secure environments called virtual machines. The hypervisor provides the ability to separate the machine's resources — such as CPU, memory, storage, and more — from the hardware and distribute them appropriately.
There are two types of hypervisors:
Type 1 or “bare-metal” hypervisors are installed on empty or bare metal hardware which means there is no existing operating system or any other software on the machine. They most commonly appear in virtual server scenarios.
Ex: VMware ESXi, Citrix XenServer, Microsoft Hyper-V
Type 2 hypervisors are installed on an existing operating system such as Windows, macOS, Linux, Unix and so on. The operating system sits between the machine and the hypervisor, and the hypervisor runs as an application on the existing OS. These are typically used on personal computers to test new software, or to try out different operating systems.
Ex: Oracle VM VirtualBox, Microsoft Virtual PC, VMware Workstation.
Types of Virtualization
Data center virtualization
Advantages of Virtualization
Multiple operating systems can run on the same machine
Maintenance and recovery are easy in case of failure conditions
Total cost of ownership is also less due to the reduced need for infrastructure
Portability as VMs can be easily transferred to another physical machine
Disadvantages of Virtualization:
Hypervisors are not as efficient as the host operating system
The guest OS runs on top of the hypervisor, so it has its own kernel and its own set of libraries and dependencies
The boot process is long and takes time
What are Virtual machines?
Virtual Machines are software that creates a complete, isolated copy of an operating system. This means that each Virtual Machine can run its own applications, and each application will have its own isolated environment.
What are Containers?
A container refers to a lightweight, stand-alone, executable package of a piece of software that contains all the libraries, configuration files, dependencies, and other necessary parts to operate the application.
Instead of virtualizing the hardware like virtual machines, containers virtualize the OS. A container is built on top of a host OS kernel and usually shares its libraries and binaries. Because they share most of their necessities, containers only pack the application and its dependencies. They're much lighter than VMs and only megabytes in size.
There are a lot of containerisation and orchestration platforms. The most popular setup commonly used for complex applications is the pairing of Docker as the containerisation platform and Kubernetes, a container orchestration platform developed by Google.
A Kubernetes cluster consists of a master node, worker nodes and pods. A master node is the control that connects your requirements with the rest of the system. Pods are where your containers are located, while worker nodes are where pods will be deployed to.
Containers vs Virtual Machines
Containers are a method of operating system virtualization that allows you to run an application and its dependencies in resource-isolated processes
Containers can run on top of virtual machines
There is no guest operating system overhead; containers utilize the host's operating system
Containers share relevant libraries and resources as and when needed, unlike virtual machines
Lightweight and faster than virtual machines
Containers are small, fast and portable because unlike a virtual machine, containers do not need to include a guest OS in every instance and can instead simply leverage the features and resources of the host OS.
As a part of a distributed system, containers are highly portable.
Because containers pack microservices and their dependencies in a small-sized package, it’s easy to move containers around, even across environments, such as the public cloud, private cloud, and hybrid cloud, as well as the multi-cloud and bare-metal environments.
Effective resource usage
Code packaged within containers shares most of the dependencies needed to run the containers, including an operating system, libraries, and frameworks.
Unlike in virtual machines, there's only one copy of the necessary files on each piece of hardware, leading to more effective resource usage. This also results in a lighter container, which means you can fit more containers within a physical server.
Easier to maintain
As containers use a microservices-based architecture, your code is broken down into manageable pieces that can be handled individually. Hence, you can update and maintain a container without worrying that it will affect other parts of your application.
Container orchestration platforms are created to help you manage your containers. Container orchestrators, like Kubernetes or Docker Swarm, automate most of your container management process, including scaling, networking, and deployment.
Lacking Security measures
Containers provide only lightweight isolation from the host OS and from other containers within the same system. This leads to a weaker security boundary compared to virtual machines.
Runs only one OS
This can be a benefit if you only use one OS, but if you need to be able to use it across different OSes, this is a negative. You can run an earlier version of the same OS using lightweight virtual machines.
Popular container providers:
Google Kubernetes Engine
Linux Containers (LXC, LXD, CGManager)
Windows Server Containers
Hard security boundaries
VMs provide more isolation between neighboring systems, as you're using a separate operating system from other machines in the same physical server. In containers, by contrast, you're operating within one OS, and flaws can affect the entire system.
The complete isolation in VMs results in better security and vulnerabilities that are harder to exploit. If you're not in control of the environment you're in, using VMs, which have a stronger boundary, is preferable.
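An added example, not part of the original post: the container boundary described under "Lacking Security measures", and contrasted with VMs here, gets weaker still when a container runs with certain runtime settings, so a defender can audit `docker inspect` output for them. The container names and JSON records below are constructed samples, and the lists of risky capabilities and mounts are illustrative assumptions, not a complete policy.

```python
import json

# Constructed sample: trimmed `docker inspect` records for two hypothetical containers.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/web", "Config": {"User": "1000"}, "Mounts": [],
  "HostConfig": {"Privileged": false, "PidMode": "", "NetworkMode": "bridge",
                 "CapAdd": null}},
 {"Name": "/build-agent", "Config": {"User": ""},
  "Mounts": [{"Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock"}],
  "HostConfig": {"Privileged": true, "PidMode": "host", "NetworkMode": "host",
                 "CapAdd": ["SYS_ADMIN"]}}
]""")

# Illustrative (assumed) lists; tune them to your own policy.
RISKY_CAPS = {"SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "NET_ADMIN", "ALL"}
RISKY_MOUNTS = ("/", "/proc", "/sys", "/var/run/docker.sock", "/run/docker.sock")

def audit_container(c):
    """Return findings for one inspect record: settings that thin the shared-kernel boundary."""
    host = c.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("privileged mode (all capabilities, host devices)")
    # A value of "host" means the container is not given its own namespace.
    for key, label in (("PidMode", "PID"), ("NetworkMode", "network"), ("IpcMode", "IPC")):
        if host.get(key) == "host":
            findings.append(f"shares the host {label} namespace")
    for cap in host.get("CapAdd") or []:
        if cap.upper().replace("CAP_", "", 1) in RISKY_CAPS:
            findings.append(f"added capability {cap}")
    for m in c.get("Mounts") or []:
        if m.get("Source") in RISKY_MOUNTS:
            findings.append(f"host path mounted: {m['Source']}")
    # An empty User field means the process runs as root inside the container.
    user = ((c.get("Config") or {}).get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("runs as root inside the container")
    return findings

def audit(records):
    """Map container name to its list of findings."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in records}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "OK" if not findings else findings)
```

On a real host, the same functions can be fed the JSON printed by `docker inspect` for the running containers.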
Can emulate multiple OS
As you can run any operating system you want within a virtual machine, you don't need to buy additional hardware every time you need a different OS.
The resources allocated for a virtual machine are far more than what's allocated for containers. That's why VMs are more suitable for resource-intensive tasks. Larger tasks with a long lifecycle are better suited to VMs than to containers.
Not as portable
Virtual machines are gigabytes-sized chunks of software.
Naturally, it’s harder to move a virtual machine when compared to a container, because the applications run on a virtual machine that is highly dependent on the OS and the emulated hardware it runs on.
Ineffective resource usage
Often, the resources provided by virtual machines are too much for running a single application.
Harder to maintain the OS
As there are multiple operating systems in one VM, you need to update and maintain each OS separately. This is a time-consuming and exhausting task, especially if you have multiple VMs.
Like most other areas in technology, virtualization continues to evolve, disrupting how businesses do business and accelerating innovation. The concept of OS-level virtualization has been around for a while (as early as the 2000s), but the modern container era began with the introduction of Docker in 2013. Hope this blog helped you understand a few basics.