When considering whether or not to use VMs instead of containers to host applications, it's best to take a systemic approach and weigh the benefits and risks of the two technologies.
But first, let's define them both and describe how they work.
What are VMs and containers?
Virtual machines divide a server into separate slices, which lets multiple workloads share the server. Each VM runs its own software, including the OS, and shares only a minimal hypervisor element that provides the server virtualization itself.
The benefit of this setup is isolation: software sees each VM as a separate machine, so VMs need little interaction with one another. However, selecting the right hypervisor matters, because the hypervisor's features determine how it shares the hardware among the VMs.
Containers are perhaps the most misunderstood concept in IT. Most users think that a container is a kind of lightweight virtual machine, but a container is a unit of software deployment hosted on an OS (usually, Linux) that can support container hosting.
The differences between container hosting vs. VM hosting are easily explained. However, because a container is a software element, it offers a second dimension of benefits that, for many enterprises, far outweigh the benefits of VM hosting.
Server efficiency. Every VM runs the complete OS and middleware stack, as well as the applications, which limits the number of VMs that a server can support. Containers share the basic OS and, in some cases, middleware. Users report that a server can host between two and six times as many containers as VMs.
Isolation. VM applications are more securely isolated from each other, meaning there is little risk that a compromised application could break out to the server and, from there, reach other applications that run on the server. VM applications are also less likely to be affected by other applications that contend for server resources. Containers might take a performance hit if other applications compete for resources, such as memory or CPU.
Security and compliance. VMs seem to be a clear winner for critical applications, as their security measures include a strong segmentation boundary between workloads, guests and the hypervisor. However, other considerations might further tip the scale toward containers.
Infrastructure and deployment
Containers package software to run in a specific resource environment, which is what container hosting provides and why containers are more portable. Standardized container environments also simplify operations.
VMs are typically deployed and redeployed through a series of steps, which prepare and configure the platform and then deploy the software. If the software is made up of multiple interdependent pieces, each piece has to be configured and deployed. DevOps tools, such as Chef, Puppet and Ansible, usually handle this process. Some users will also precondition servers using infrastructure-as-code tools.
Containers don't require separate infrastructure setup; the container's contents carry the configuration of the application. The entire application is then deployed as a unit on suitable container hosts. The most popular tool for deployment and redeployment of containers is Kubernetes. Container hosting requires less work, so it takes less time to deploy and run an application that's containerized versus one that requires VMs.
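As an added illustration, not taken from the original article, here is a Kubernetes Deployment manifest that ships a containerized application as a single unit and sets CPU and memory requests and limits, the standard guard against the resource contention noted above. The application name, namespace, image and port are placeholders.

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: example-app          # placeholder application name
  namespace: example-ns      # placeholder namespace
spec:
  replicas: 2
  selector:
    matchLabels:
      app: example-app
  template:
    metadata:
      labels:
        app: example-app
    spec:
      containers:
        - name: web
          image: registry.example.com/example-app:1.0.0   # placeholder image reference
          ports:
            - containerPort: 8080
          # Requests tell the scheduler what the container needs and reserve it on the node;
          # limits cap what the container may consume, so one busy container cannot starve
          # its neighbours on the same host. Memory use above the limit gets the container
          # OOM-killed; CPU use above the limit is throttled rather than killed.
          resources:
            requests:
              cpu: "250m"
              memory: "256Mi"
            limits:
              cpu: "500m"
              memory: "512Mi"
```

Apply it with `kubectl apply -f <file>`; the scheduler places each replica only on a node with enough unreserved CPU and memory to satisfy the requests.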
Containers are deployed into defined domains called clusters. Hybrid and multi-cloud applications usually create multiple clusters, which can complicate deployment. However, federation, a recent advance in the container space -- specifically, in Kubernetes -- lets enterprises use multiple Kubernetes hosting clusters collectively, without losing the clusters' individual identities. For example, Google Anthos, a Kubernetes federation tool, lets hybrid and multi-cloud infrastructure users deploy and redeploy containers across their mixed cloud environment, with global policies set by Anthos.
Another useful container advance is managed container or managed Kubernetes services from public cloud providers. Application orchestration is a complicated process, and many companies can't acquire and retain the skills needed to handle it in-house. Managed container services offload much of that complexity, though at a higher price.
These container features that extend beyond container hosting are likely to alter the VMs vs. containers debate for many users. Hybrid and multi-cloud applications, particularly those that move components across cloud boundaries, are a strong point in favor of container use. Most users would agree the default strategy for applications in the cloud should be containers, unless application requirements dictate otherwise.
Using VMs and containers together
Many users find containers well suited to hybrid and multi-cloud computing, because the resource independence of containers makes them easy to adapt to both cloud and on-premises hosting. The cloud connection opens a third choice in the question of VMs vs. containers: the option to use both. If you use VMs and IaaS cloud services to host your own container software, the result is portable between data centers and multiple clouds.