What is containerization and how does it work or differ from existing virtual machines?
A virtual machine mimics a complete server. In a typical virtualized server, each VM "guest" includes a complete operating system along with any drivers, binaries or libraries, and then the actual application. Each VM then runs atop a hypervisor, which itself runs on a host operating system and in turn operates the physical server hardware. It's a tried-and-true approach, but it's also easy to see how each iteration of the guest operating system and supporting binaries can cause duplication between VMs; it wastes precious server memory, which limits the number of VMs that each server can support.
The concept of containerization basically allows virtual instances to share a single host operating system and relevant binaries, libraries or drivers. This approach reduces wasted resources because each container only holds the application and related binaries or libraries. Containers use the same host operating system (OS) repeatedly, instead of installing (and paying to license) an OS for each guest VM. This is often referred to as operating system-level virtualization. The role of a hypervisor is instead handled by a containerization engine, like Docker, which installs atop the host operating system.
Since each application's container is free of OS overhead, the container is notably smaller, easier to migrate or download, faster to backup or restore and requires less memory. Containerization allows the server to potentially host far more containers than it could virtual machines. The difference in utilization can be dramatic, and it is possible to fit anywhere from 10 to 100 times the number of container instances on a given server (compared to the number of VM-based application instances).
A containerized environment, such as Docker, works as a series of layers, starting with a base image composed of an OS and application, including Linux, Apache and a custom web application. Updates and modifications can be applied through additional layers to create new images, and then the desired image can be used to launch containers that can also be stopped, migrated and removed as-needed. By isolating containers from each other, containerization can provide security for applications and prevent malware from proliferating across instances.
Cloud app containerization: Is it right for you?
Explore the link between containers and mobile data protection
Create a secure container checklist
Dig Deeper on Application virtualization
Related Q&A from Stephen J. Bigelow
WET code leaves apps bogged down. Learn how to reduce the challenges brought on by code redundancy by programming based on the DRY principle. Continue Reading
A virtualization layer in an embedded system provides better efficiency for tasks such as network virtualization. Some examples of embedded ... Continue Reading
An embedded hypervisor offers several benefits, such as VM security, system reliability and improved hardware use, and is ideal for admins looking to... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.