What is containerization and how does it work or differ from existing virtual machines?
A virtual machine mimics a complete server. In a typical virtualized server, each VM "guest" includes a complete operating system along with any drivers, binaries or libraries, and then the actual application. Each VM then runs atop a hypervisor, which itself runs on a host operating system and in turn operates the physical server hardware. It's a tried-and-true approach, but it's also easy to see how each iteration of the guest operating system and supporting binaries can cause duplication between VMs; it wastes precious server memory, which limits the number of VMs that each server can support.
The concept of containerization basically allows virtual instances to share a single host operating system and relevant binaries, libraries or drivers. This approach reduces wasted resources because each container only holds the application and related binaries or libraries. Containers use the same host operating system (OS) repeatedly, instead of installing (and paying to license) an OS for each guest VM. This is often referred to as operating system-level virtualization. The role of a hypervisor is instead handled by a containerization engine, like Docker, which installs atop the host operating system.
Since each application's container is free of OS overhead, the container is notably smaller, easier to migrate or download, faster to backup or restore and requires less memory. Containerization allows the server to potentially host far more containers than it could virtual machines. The difference in utilization can be dramatic, and it is possible to fit anywhere from 10 to 100 times the number of container instances on a given server (compared to the number of VM-based application instances).
A containerized environment, such as Docker, works as a series of layers, starting with a base image composed of an OS and application, including Linux, Apache and a custom web application. Updates and modifications can be applied through additional layers to create new images, and then the desired image can be used to launch containers that can also be stopped, migrated and removed as-needed. By isolating containers from each other, containerization can provide security for applications and prevent malware from proliferating across instances.
Cloud app containerization: Is it right for you?
Explore the link between containers and mobile data protection
Create a secure container checklist
Dig Deeper on Application virtualization
Related Q&A from Stephen J. Bigelow
Full virtualization and paravirtualization both enable hardware resource abstraction, but the two technologies differ when it comes to isolation ... Continue Reading
Organizations can cap their hyper-converged infrastructure costs when they deploy the Azure Stack HCI platform, but once they plug into the cloud, ... Continue Reading
You can implement ESXi on ARM -- or other RISC processors -- in micro and nano data centers. A nano data center is more specialized but also more ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.