Maksim Samasiuk - Fotolia
It's possible to run a container in a VM using nested virtualization, but this added complexity can lead to problems in the virtual environment, such as instance incompatibility.
Containers are a form of virtualization that bear some similarities to traditional hypervisor-based VMs, but they differ in some key respects. The principal difference between containers and VMs is that VMs operate in complete isolation from one another; each VM requires a separate and complete suite of OSes and drivers. This means VMs tend to be large, resource-heavy instances.
By comparison, containers share a common underlying OS kernel, which offers weaker isolation, but results in far smaller, more resource-lean instances that can start and stop faster.
Containers are usually regarded as the more flexible and scalable virtual instance type. Ultimately, container platforms such as Docker provide the native virtualization used by containers.
Running a container in a VM
Hypervisors and container platforms aren't mutually exclusive, and it's entirely possible to run VMs and containers simultaneously on the same host system. Similarly, it's also possible to install a container platform and run a container in a VM instance -- a scenario called nested virtualization. For example, it's entirely possible to install Linux and Docker on a Windows Server Hyper-V VM and run Linux containers in that VM.
But there are always exceptions to every rule, and emerging container platforms such as Docker for Windows are known to pose some potential problems when run in certain VMs, such as Parallels running on a Windows 10 computer or VMware Fusion running on a Mac. These hypervisors virtualize hardware differently than Microsoft Hyper-V, which is used on enterprise-class platforms such as Windows Server 2016, and the resulting differences can lead to intermittent faults that are sometimes difficult to predict.
Although it should be perfectly acceptable to run a container in a VM using enterprise-grade platforms, such as Docker under a Hyper-V VM, it's generally best practice to run the container platform natively on endpoint computer systems, such as PCs. For example, admins could run Docker for Windows natively on the Windows system or Docker for Mac on the Mac system.
If nested virtualization must be used on endpoint computer systems, ensure that nested virtualization is enabled, that you provision adequate system resources to operate the workload, and that you install all the current OS patches and updates. Older processors might be more sensitive to nested virtualization performance than the latest processors, which provide more hardware virtualization capabilities.
Dig Deeper on Application virtualization
Related Q&A from Stephen J. Bigelow
Microsoft SDN capabilities got a boost in Windows Server 2019 to wrap more security around VMs and make networking tasks less painful to execute. Continue Reading
When selecting GPUs, look at processing power, memory and OS support. These factors ensure hardware compatibility and effective performance in the ... Continue Reading
The Azure Update Management cost is free, but organizations that require the tool's advanced features might have to contend with additional fees. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.