It's possible to run a container in a VM using nested virtualization, but this added complexity can lead to problems...
in the virtual environment, such as instance incompatibility.
Containers are a form of virtualization that bear some similarities to traditional hypervisor-based VMs, but they differ in some key respects. The principal difference between containers and VMs is that VMs operate in complete isolation from one another; each VM requires a separate and complete suite of OSes and drivers. This means VMs tend to be large, resource-heavy instances.
By comparison, containers share a common underlying OS kernel, which offers weaker isolation, but results in far smaller, more resource-lean instances that can start and stop faster.
Containers are usually regarded as the more flexible and scalable virtual instance type. Ultimately, container platforms such as Docker provide the native virtualization used by containers.
Running a container in a VM
Hypervisors and container platforms aren't mutually exclusive, and it's entirely possible to run VMs and containers simultaneously on the same host system. Similarly, it's also possible to install a container platform and run a container in a VM instance -- a scenario called nested virtualization. For example, it's entirely possible to install Linux and Docker on a Windows Server Hyper-V VM and run Linux containers in that VM.
But there are always exceptions to every rule, and emerging container platforms such as Docker for Windows are known to pose some potential problems when run in certain VMs, such as Parallels running on a Windows 10 computer or VMware Fusion running on a Mac. These hypervisors virtualize hardware differently than Microsoft Hyper-V, which is used on enterprise-class platforms such as Windows Server 2016, and the resulting differences can lead to intermittent faults that are sometimes difficult to predict.
Although it should be perfectly acceptable to run a container in a VM using enterprise-grade platforms, such as Docker under a Hyper-V VM, it's generally best practice to run the container platform natively on endpoint computer systems, such as PCs. For example, admins could run Docker for Windows natively on the Windows system or Docker for Mac on the Mac system.
If nested virtualization must be used on endpoint computer systems, ensure that nested virtualization is enabled, that you provision adequate system resources to operate the workload, and that you install all the current OS patches and updates. Older processors might be more sensitive to nested virtualization performance than the latest processors, which provide more hardware virtualization capabilities.
Dig Deeper on Application virtualization
Related Q&A from Stephen J. Bigelow
Embedded systems and hypervisors go hand in hand. By understanding both, admins can maximize system benefits such as multiple OS support and legacy ... Continue Reading
Application load balancers and API gateways both manage network traffic, but in their own ways. Learn the differences between them and how to use ... Continue Reading
Developers don't have a lot of free time. Code reuse helps dev teams focus on the most value aspects of a project, so ensure everyone knows how to ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.