Docker, System Containers and VMs: Virtuozzo’s Take

Docker continues to dominate the container and microservices landscape. But Virtuozzo, which develops a related but different technology that it calls system containers, thinks Docker falls short in production environments. Here’s why.

Virtuozzo containers are based on a technology called OpenVZ. It predates Docker by a decade. Yet OpenVZ and Virtuozzo, which is a spinoff of Parallels, have made many fewer headlines to date than Docker.

That’s not because OpenVZ containers don’t have a place in the market, according to interim Virtuozzo CEO Mike Riolo. He said in a recent interview that OpenVZ fills a crucial niche, which Docker does not address.

That niche is the need for what Virtuozzo calls system containers. The term, which Riolo said his company has trademarked, refers to containers that virtualize an entire operating system. That makes them different from Docker containers, which typically host only a single app inside each container rather than a complete OS environment.

“Docker is very relevant today in non-production environments,” Riolo told me, adding that Docker “is on an innovative path.” But he believes that path centers primarily on tasks related to staging and app development rather than deployment and production.

In the Virtuozzo view, OpenVZ system containers are a better solution for production environments. Virtuozzo system containers make it easier to build out a complete software stack, rather than just a staging pipeline, he said.

To illustrate his point, Riolo pointed to Virtuozzo’s distributed storage system for containers. In his view, Virtuozzo’s approach to storage is simpler and more sophisticated than Docker container storage solutions.

Ultimately, Riolo said, Virtuozzo aims “not to compete or replace Docker but rather complement and innovate.”

What About Virtual Machines?

If hosting a complete OS inside a virtual environment does not sound like a new idea, it’s because VMware and other companies have made it possible to do that for a long time using hypervisors and virtual machine software. What makes OpenVZ system containers different?

Well, lots of things. Perhaps the most important is the fact that system containers can make it easier to access resources on the container host. That’s because the host is not as deeply isolated from the guests in a containerized environment as it would be under a hypervisor.

In other situations, of course, that could be a disadvantage. Less isolation could mean less security.

That’s why “we don’t believe containers are better than VMs or VMs are better than containers,” Riolo said. “It depends on the use case you’re trying to manage.”

Virtuozzo and the Future of System Containers

To be sure, Virtuozzo has made a much smaller splash to date than Docker. It’s unlikely that vendors as diverse as Red Hat and Microsoft are going to be making big announcements about OpenVZ-based products anytime soon.

Yet even as Docker remains in the limelight, Virtuozzo’s system container business appears steady enough. The company claims that its products run 5 million container environments today.

There’s also reason to expect system containers to remain an important concept. Canonical is now pushing its own system container solution, LXD. And there are people out there who are interested in running complete operating systems inside Docker containers.

This is all to say that Virtuozzo may be on to something. It probably won’t be as big a deal for the tech world as Docker was. But it will be an important part of the container landscape as the meaning of “container” in the minds of CTOs expands beyond the Docker implementation.

Christopher Tozzi

Christopher Tozzi has covered technology and business news for nearly a decade, specializing in open source, containers, big data, networking and security. He is currently Senior Editor and DevOps Analyst with Fixate.io and Sweetcode.io.

Christopher Tozzi has 254 posts and counting. See all posts by Christopher Tozzi