Tip

Making the case for container-based virtualization over hypervisors

Container-based virtualization can offer greater efficiency and performance than a conventional hypervisor, if you don’t mind using just one kind of operating system.


Container-based virtualization uses a single kernel to run multiple instances of an operating system. Each instance runs in a completely isolated environment, so there is no risk that one container can gain access to another’s files. As a result, container-based virtualization is secure. That isolation is enforced by the one shared kernel, so it depends on that kernel being correctly configured and patched.

And this virtualization method is also very resource efficient, because everything runs on top of the same kernel. But this efficiency also comes with a price: With one kernel, there is no flexibility in your choice of operating systems. When evaluating each virtualization method, it’s important to understand the differences as well as where each approach excels.

Container-based virtualization vs. the hypervisor: The differences

There are some differences between a hypervisor environment and container-based virtualization. For one, with hypervisor-based virtualization, every virtual machine (VM) needs a complete operating-system installation, including a kernel. This requirement makes hypervisor-based virtualization rather massive but also very flexible. The hypervisor just coordinates access to hardware, and every virtual machine has its own kernel. Therefore, you can install any operating system you want, and these OSes run in completely isolated environments.

On the other hand, with container-based virtualization, the virtual machines are one level closer to the hardware, because they all use the same kernel, without the need for a hypervisor. Popular forms of container-based virtualization run on top of a Windows kernel, in the case of Parallels Virtuozzo Containers, or atop Linux. Because of the flexibility and openness of the latter, container-based virtualization is used with Linux in most cases. And many open and free solutions are available.

Typically, corporate environments avoid container-based virtualization, preferring hypervisors and the versatility of having many operating systems. But a container-based virtual environment is an ideal choice for hosting providers. It delivers an efficient and secure way to offer operating systems for customers to run services on.

A hosting provider strives to use the same operating system for every virtual machine, to simplify VM maintenance. For example, you can update hundreds of virtual machines on a physical server with one Linux kernel patch. Also, with far-reaching methods (e.g., cgroups) to optimize performance, container-based virtualization is an ideal solution, if optimal efficiency is the first priority and the choice of operating systems is less important.

Linux LXC a boon for container-based virtualization

LXC is one of the newest additions to enterprise Linux, and it’s a native solution that can create containers. It is based on chroot and the so-called chroot jail. This approach allows for an isolated environment on top of the kernel. But not everything is copied into a chroot jail -- only the binaries, libraries and configuration files that are really needed. As such, the individual virtual machine can be stripped down to an absolute minimum.

The use of cgroups is another major step forward in Linux container virtualization. Cgroups are groups of resources that can be created at the kernel level, and you can assign priorities to them. Therefore, you can ensure that each virtual machine has exactly the resources it needs and nothing more.
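To make the cgroups point concrete, here is an added example (not part of the original article) that audits whether each container on a shared-kernel host actually has resource ceilings set. It assumes the cgroup v2 interface files `memory.max`, `pids.max` and `cpu.max`, which postdate this article; the container names and values are constructed sample data.

```python
import tempfile
from pathlib import Path

CONTROLS = ("memory.max", "pids.max", "cpu.max")

def parse_limit(text):
    # cgroup v2 stores the literal "max" for "no limit"; cpu.max holds
    # "<quota> <period>", so the first field is the limit in every file.
    first = text.split()[0]
    return None if first == "max" else int(first)

def audit_cgroup(cg_dir):
    """Return findings for one container's cgroup directory."""
    findings = []
    for name in CONTROLS:
        path = Path(cg_dir) / name
        if not path.exists():
            # No interface file: that controller is not enabled for this group.
            findings.append(f"{name}: controller not enabled")
        elif parse_limit(path.read_text()) is None:
            findings.append(f"{name}: unlimited")
    return findings

def cpu_cap_cores(cg_dir):
    """CPU ceiling in cores (quota / period), or None when uncapped."""
    quota, period = (Path(cg_dir) / "cpu.max").read_text().split()
    return None if quota == "max" else int(quota) / int(period)

def audit_host(root):
    """Audit every container directory under root."""
    dirs = sorted(d for d in Path(root).iterdir() if d.is_dir())
    return {d.name: audit_cgroup(d) for d in dirs}

def build_sample(root):
    # Constructed sample tree with hypothetical containers web, batch, cache.
    sample = {
        "web": {"memory.max": "536870912\n", "pids.max": "256\n",
                "cpu.max": "50000 100000\n"},
        "batch": {"memory.max": "max\n", "pids.max": "max\n",
                  "cpu.max": "max 100000\n"},
        "cache": {"memory.max": "268435456\n"},
    }
    for name, files in sample.items():
        cg = Path(root) / name
        cg.mkdir()
        for fname, content in files.items():
            (cg / fname).write_text(content)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, findings in audit_host(build_sample(tmp)).items():
            print(name, findings or "all limits set")
```

On a real host, pass `audit_host` the directory that holds the containers' cgroups; its location depends on the container manager in use.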

These two aspects of container-based virtualization create a really efficient environment, where many instances of the same operating system are offered to your customers.

This was first published in June 2012
