Containers vs Virtual Machines

Containers and Virtual Machines achieve the same thing: isolation. There are, however, some fundamental differences, which we'll explore in this article.

Size

Virtual Machines are heavyweight because they emulate an entire computing environment, including hardware and Operating System. The size of VMs is generally measured in gigabytes.

Containers are typically much smaller as they share the host machine's OS kernel. The size of container images is typically measured in megabytes.

Booting Time

VMs include a guest Operating System which, like any OS, needs time to boot.

Containers share the host OS and only include the application and its dependencies, so they can be switched on and off within seconds.

Level of Virtualization

Virtual Machines perform hardware-level virtualization with the help of a hypervisor, so multiple guest Operating Systems can run on a single host machine at the same time. However, the large amount of CPU and RAM that VMs require limits the number of VMs that can exist on a single machine.

In contrast to a VM, a container performs OS-level virtualization. This is achieved by abstracting what’s known as the user space, which is where an application runs. There is no emulation occurring with containers. Instead, they actually share kernel space with the host OS. In this way, you can have many containers running, all with their own user space but sharing the kernel resources of the host Operating System.

Portability

Containers are much more portable than Virtual Machines. Containers are able to leverage the features and resources of the host OS, freeing up workloads from OS dependencies. This increases flexibility in terms of where an application can run.

Containerized applications can be deployed quickly and reliably across all types of infrastructure without the need for any significant configuration or application code changes.

Host Architecture

A Virtual Machine provides the ability to run an Operating System that is different from that of the host machine. That is not possible with containers because containers share the OS of the host machine.

Overhead

A Virtual Machine has all the same management overheads as a physical machine. The Operating System must be regularly updated and patched, which adds to the cost and management overhead of operation.

Containers have an overall lower overhead, making it possible for a host machine to run many different containers. Since containers share the host's OS, only a single operating system needs to be patched and monitored.

Security

VMs provide complete isolation from the host operating system and other VMs. This provides a strong security boundary. An individual VM can still be infected, but that VM will be isolated and unable to contaminate any other neighboring VMs.

Containers may be less secure than VMs since they share the underlying OS of the host machine. A single infected application provides a way for malicious actors to compromise the entire host system.
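
On Linux, the separate user space described under Level of Virtualization is built from kernel namespaces, so a defender can check how much of the host a containerized process still shares by comparing namespace identifiers. The following is an added example, not code from the original article; it assumes a Linux host, its function names are its own, and the sample identifiers are constructed.

```python
import os

# Linux namespace types exposed under /proc/<pid>/ns
NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")

def read_namespaces(pid):
    """Read namespace identifiers such as 'net:[4026531840]' for a live process."""
    found = {}
    for ns in NS_TYPES:
        try:
            found[ns] = os.readlink(f"/proc/{pid}/ns/{ns}")
        except OSError:
            found[ns] = None  # not Linux, no permission, or the process is gone
    return found

def compare(host_ns, proc_ns):
    """Label each namespace type 'shared', 'isolated' or 'unknown'."""
    verdict = {}
    for ns in NS_TYPES:
        a, b = host_ns.get(ns), proc_ns.get(ns)
        if a is None or b is None:
            verdict[ns] = "unknown"
        else:
            verdict[ns] = "shared" if a == b else "isolated"
    return verdict

def shared_with_host(host_ns, proc_ns):
    """Namespace types in which the process sees the host's own view."""
    return sorted(ns for ns, v in compare(host_ns, proc_ns).items() if v == "shared")

def make_sample(base, **overrides):
    """Build constructed identifiers: every type gets inode `base` unless overridden."""
    return {ns: f"{ns}:[{overrides.get(ns, base)}]" for ns in NS_TYPES}

# Constructed sample identifiers (not captured from a real system).
SAMPLE_HOST = make_sample(4026531835)
# A container with its own view of everything except the user namespace.
SAMPLE_CONTAINER = make_sample(4026532500, user=4026531835)
# The same container started with the host's network stack.
SAMPLE_HOSTNET = make_sample(4026532500, user=4026531835, net=4026531835)

if __name__ == "__main__":
    for name, ns in (("container", SAMPLE_CONTAINER), ("hostnet", SAMPLE_HOSTNET)):
        print(name, "shares with host:", shared_with_host(SAMPLE_HOST, ns))
    # On a Linux host, compare init (PID 1) with this process.
    print(compare(read_namespaces(1), read_namespaces(os.getpid())))
```

Every type reported as shared is a part of the host that the process sees directly, and even a fully isolated result still means both processes are served by the same kernel.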

Resources and Memory Required

Virtual Machines are resource and memory intensive. In contrast, the lightweight architecture of containers is less memory and resource-intensive.

Conclusion

VMs and containers are similar in that they both improve the utilization of IT resources. However, they solve different problems and are intended for different uses. Nonetheless, they both have a place in the modern IT environment.

Where VMs work well with traditional, monolithic IT architecture, containers were made to be compatible with newer technology like CI/CD and DevOps. Their attributes make them perfect for cloud applications and microservices that need to scale quickly or across multiple environments.

This article brings an end to the 3-part series which was an introduction to Containers and Virtual Machines. If you enjoyed the series let me know in the comments below.