Docker vs. VM – who wins?
We asked 12 Docker Captains to tell us their personal tips and tricks regarding Docker. In the first part of our ongoing series we learned why and how our experts use Docker – and how to get the most out of using this technology. In the second part we are going to take a look at the disruptive elements of Docker. Is it really accurate to talk about a “revolution of IT by containers”? What is hype and what are the real values of using containers? And what are the differences between Docker and Virtual Machines?
Docker – Hype or true revolution?
Ajeet Singh Raina: How many times have you encountered a CPU/memory/resource error while installing Temple Run or any other kind of application on your mobile device? I have never heard anyone complain about it. I think the same thing is happening in the server world. Irrespective of what language you are using to develop your application on whichever platform, all you do is package the application and run it seamlessly across multiple environments. Docker has revolutionized the way we ship, build and run our applications, ranging from small IoT devices like the Raspberry Pi, laptops, workstations, or mainframes to diversified Cloud Platforms.
Whether it’s Big data analytics, application frameworks, application infrastructure, application services, databases, messaging services, monitoring, operating systems, programming languages, deep learning, security, storage, DevOps tools, or more, you will surely find a tremendous amount of interest around implementations with Docker containers.
Docker vs. VM – where is the difference?
Docker is a container-based technology, and containers are just the user space of the operating system. At the low level, a container is just a set of processes that are isolated from the rest of the system, running from a distinct image that provides all files necessary to support the processes. It is built for running applications. In Docker, the running containers share the host OS kernel.
A Virtual Machine, on the other hand, is not based on container technology. VMs are made up of the user space plus the kernel space of an operating system. Under VMs, server hardware is virtualized. Each VM has its own operating system (OS) and apps. It shares hardware resources from the host.
VMs and Docker each come with benefits and demerits. In a VM environment, each workload needs a complete OS. But in a container environment, multiple workloads can run with 1 OS. The bigger the OS footprint, the more the environment benefits from containers. This brings further benefits such as reduced IT management resources, reduced snapshot size, quicker spinning up of apps, reduced and simplified security updates, and less code to transfer, migrate and upload workloads.
STAY TUNED
Learn more about DevOpsCon
Docker – Hype or true revolution?
Nick Janetakis: I’m usually unaffected by hype because deep down, I just care about results. A question I always ask myself is “can this new technology really make my life better as a developer or sysadmin?” If the answer is yes, then I’ll give any new technology a fair shot.
I do think Docker lives up to its hype. I wouldn’t be using it if I wasn’t thrilled with what it lets me do.
The biggest advantage I see to Docker is how it empowers developers. When you don’t need to worry about how to install something, it really opens the door to letting you pick whatever technology fits best.
Not only that, but you see the wins right away, which is really important. For example, you don’t need to mess around with trying to isolate your projects using various programming language version managers. You can just isolate them with Docker instead.
Docker vs. VM – where is the difference?
A Dockerized application is just a process that runs on your system. It doesn’t require running a Hypervisor (such as VMWare or VirtualBox), which means there’s no guest operating system to lug around. I do think there are reasons to use Virtual Machines nowadays, but they solve a different set of problems than Docker. You can use Docker to isolate individual applications, and use Virtual Machines to isolate entire systems. They are operating at different levels of abstraction.
Docker – Hype or true revolution?
Gianluca Arbezzano: I think it’s true for two main reasons. First, cgroup and containers are really good technologies and concepts capable of real support for developers and sysadmins. The second reason is the architecture itself. Docker and all the projects that started from it, like notary, containerd and runc, are great examples of good code. The Dockerfile, used to describe and build a container, is a great and clean implementation. Before that, we were coming from complex and long configuration files to describe infrastructure as code. The mix of these two factors created what we know now.
Docker vs. VM – where is the difference?
A lot of people at the moment don’t really care about isolation. I mean, a container that runs as privileged inside a virtual machine, without resource limitations, security profiles and so on, is kind of a smart tarball and nothing more. But if you put together all the capabilities provided by containers you can reach a good isolation, plus a light and easy ecosystem to run, distribute and manage your application. Starting a virtual machine is more expensive in terms of time than starting a container. The same goes for the distribution and building part. I spoke already about how much easier a Dockerfile looks than other solutions related to virtual machine provisioning.
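The isolation gaps named in the answer above (privileged mode, no resource limits, no security profiles) are all visible in `docker inspect` output, so they can be checked per container. This is an added example, not part of the interview; the sample JSON, the function names and the finding labels are constructed for illustration.

```python
import json

# Constructed sample shaped like `docker inspect <container>...` output.
SAMPLE_INSPECT = json.loads("""
[
 {"Name": "/smart-tarball", "Config": {"User": ""},
  "HostConfig": {"Privileged": true, "Memory": 0, "NanoCpus": 0, "CpuQuota": 0,
                 "PidsLimit": null, "SecurityOpt": null,
                 "PidMode": "", "NetworkMode": "bridge", "IpcMode": "private"}},
 {"Name": "/confined", "Config": {"User": "1000:1000"},
  "HostConfig": {"Privileged": false, "Memory": 268435456, "NanoCpus": 500000000,
                 "CpuQuota": 0, "PidsLimit": 128, "SecurityOpt": ["no-new-privileges"],
                 "PidMode": "", "NetworkMode": "bridge", "IpcMode": "private"}},
 {"Name": "/half-open", "Config": {"User": "app"},
  "HostConfig": {"Privileged": false, "Memory": 134217728, "NanoCpus": 0,
                 "CpuQuota": 50000, "PidsLimit": 64, "SecurityOpt": ["seccomp=unconfined"],
                 "PidMode": "host", "NetworkMode": "bridge", "IpcMode": "private"}}
]
""")

def audit_container(entry):
    """Return the isolation gaps found in one `docker inspect` entry."""
    hc = entry.get("HostConfig") or {}
    findings = []
    if hc.get("Privileged"):
        findings.append("privileged")          # all capabilities, device access
    if not hc.get("Memory"):
        findings.append("no-memory-limit")     # 0 means unlimited
    if not (hc.get("NanoCpus") or hc.get("CpuQuota")):
        findings.append("no-cpu-limit")
    if (hc.get("PidsLimit") or 0) <= 0:
        findings.append("no-pids-limit")       # null, 0 or -1 means unlimited
    for opt in hc.get("SecurityOpt") or []:
        opt = opt.replace(":", "=", 1)         # older engines used "seccomp:unconfined"
        if opt in ("seccomp=unconfined", "apparmor=unconfined"):
            findings.append(opt)               # security profile switched off
    for key in ("PidMode", "NetworkMode", "IpcMode"):
        if hc.get(key) == "host":
            findings.append("host-" + key[:-4].lower())  # shares a host namespace
    user = ((entry.get("Config") or {}).get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("runs-as-root")        # empty User means uid 0
    return findings

def audit_all(inspect_output):
    """Map container name to its list of findings."""
    return {e["Name"].lstrip("/"): audit_container(e) for e in inspect_output}

if __name__ == "__main__":
    for name, gaps in audit_all(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(gaps) or 'no gaps found'}")
```

On a real host, feed it the parsed output of `docker inspect` for the running containers instead of the constructed sample.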
Docker – Hype or true revolution?
Adrian Mouat: It’s probably more accurate to say containers and microservices are revolutionizing IT. Yes, it’s true. At its simplest, a Docker container is just packaging. But it’s packaging that bridges the gap between development and production, increasing the speed and reliability with which we can develop software. Containers are an ideal delivery vehicle for microservices – a software architecture that is becoming increasingly important when building large, distributed systems that need to scale and be resilient.
Docker vs. VM – where is the difference?
They are similar in that they both provide isolated environments – they can both be used to package up and distribute software. However, containers are typically much smaller and faster, which makes them a much better fit for fast development cycles and microservices. The trade-off is that containers don’t do true virtualization; you can’t run a Windows container on a Linux host, for example. It’s also worth pointing out that several companies are trying to create tooling around slimmed-down VMs to try to get the best of both worlds, e.g. hyper.sh, Intel Clear Containers and vSphere Integrated Containers.
Docker – Hype or true revolution?
Vincent De Smet: Machine Virtualization revolutionized IT first: improving stability, manageability and cost savings. Time-sharing resources have been a fundamental model since the 1970s in computing. Many of the time sharing concepts have been revived as Cloud computing since the prevalence of the internet. When I saw the core concepts Docker introduced on top of the LXC technology, which has roots back to 1979 (chroots – pun intended), I was sure this was going to be an important technology in the way we will develop and deliver applications going forward. These core concepts introduced by Docker are:
1. Immutable container Images which can be reproducibly built following an open standard across several platforms
2. Central Registries to share these images to and from, with strong governance on a strict interface to and addressing of these registries
3. Container Runtime engine with clearly defined responsibilities of setting up and starting containers from the container Images
Docker provided the first implementation of these concepts as open source in 2013. Docker was able to manage and grow a very large community of contributors (including Red Hat and Microsoft, among others). This ensured that the industry centralized on the definition of these components and made sure they are here to stay.
Docker vs. VM – where is the difference?
There are many analogies – apartments (shared plumbing/facilities) versus stand-alone houses being a popular one. I think there is already a lot of material out, such as this article from Mike Coleman.
Docker – Hype or true revolution?
Chanwit Kaewkasi: It’s pretty true in my opinion. In the past, it was very hard to get a set of Web servers up and running.
With Docker, we can just do it in a couple of minutes.
Docker vs. VM – where is the difference?
Docker is basically using the OS-level virtualization, Linux namespaces and control groups, for example. Its overhead is very thin compared to a virtualization technique, like Hypervisor used by virtual machines.
Docker – Hype or true revolution?
Kendrick Coleman: Docker is definitely revolutionizing IT. But right now, it’s not Docker alone. Docker has been the enabling technology that has not only vaulted them onto the scene along with other solutions that use Docker under the covers like Mesos and Kubernetes. These tools combined create a new and powerful tool for breaking down the wall between Devs and Ops. The common packaging tool allows your application to be extremely portable between any environment whether it’s in the cloud, on-prem or between any orchestrator.
However, the fact that this is completely open source does not mean it’s free. Nothing is ever free, remember that. Open Source means you must spend money in different ways through building your staff to learn something new, paid support, or consultation and outsourcing.
Docker vs. VM – where is the difference?
We’ve all seen the comparison charts. For me, it’s speed and portability. After managing environments with hundreds of VMs, containers are going to reduce the footprint even further.
Docker – Hype or true revolution?
John Zaccone: I think Docker and containers solve a lot of problems that we currently have such as “it works on my machine” and being able to automate deploying applications at scale of many different types. The central thing that makes all this stuff possible is containers. The only thing that was left to do was make containers usable with some really nice tooling. Docker provided that, and they have done a really good job in making a very friendly developer user experience.
Docker vs. VM – where is the difference?
Containers allow you to encapsulate your application dependencies and allow that to be included as part of your application development. Ask yourself: Are you testing just your code? Or are you testing your entire application, i.e. the code + everything your application depends on: libraries, runtime versions, etc? We set up all these best practices for testing, automated validation, etc., but it’s silly if we don’t consider those application dependencies as a part of that.
Docker – Hype or true revolution?
Nicolas De Loof: Containers are not a new thing. Google has been using them for a decade and many ops teams have already adopted LXC. What makes Docker disruptive is that it defines a high-level, user-focused abstraction for “distributing and running stuff”. Docker’s main value is the image format and the plumbing to distribute them. The runtime also is great, as it offers reasonable defaults so things just work out-of-the-box, but experienced users like production can also tweak runtime for fine-grained control.
Docker vs. VM – where is the difference?
They differ because of technical reasons, but that’s not the point. One could implement Docker using virtual machines. (Actually, Intel’s clearcontainer and hyper.sh do!) But for most users, VMs are created and managed as plain machines that never get replaced. One has to upgrade them, fix them, etc. But a VM is still a full system, when something goes wrong, it’s hard to tell who’s guilty.
Containers and Docker are not in conflict with virtual machines; they are complementary technologies for distinct usages. VMs allow users to manage hosts by APIs and offer infrastructure elasticity. Docker allows users to define software as small lego blocks to assemble, so they embrace modern architectures: immutable infrastructures, microservices, distributed software, and more.
Docker – Hype or true revolution?
Lorenzo Fontana: Yes, it is. The most important thing to know about the Docker project (now The Moby Project) and Docker Inc. is that they are good at making difficult things easier, and that’s what they are doing not just with Docker.
Docker vs. VM – where is the difference?
I have a blog post for that, but it’s not definitely worth comparing the two technologies.
If you prefer a one-liner: “Containers are processes, VMs are servers”
Docker – Hype or true revolution?
Brian Christner: I really believe Docker has created a new toolset which has now become the standard for DevOps.
Docker vs. VM – where is the difference?
This is a question that comes up again and again. I really like to point out that VMs are built for applications that are usually more static and don’t change very often, whereas containers are more flexible and make it possible to easily and frequently update your containers. The line between VMs and containers comes down to use case. But in the same breath I also mention that we run all of our apps in containers and VMs, so they actually complement each other very well.
Docker – Hype or true revolution?
Antonis Kalipetis: I’d say that Docker brought a revolution that was already happening to the masses. Containers have existed long before Docker, but Docker managed to bring the technology to the community in a way that was easy to use and straightforward, making the technology useful.
Docker vs. VM – where is the difference?
Docker nowadays is more of a platform; it is way more than what it used to be when I started using it. So, in my opinion, the classic VM vs. Docker conversation should be rephrased to VM vs. containers like runC.
Back to the question though, a VM is what it actually says – a hardware machine, virtualized. A container on the other hand is just a process, which using kernel features we can isolate and limit the resources available to it. They’re serving different purposes; there’s no silver bullet.