August 20, 2017

You already know which advantages containers offer over virtual machines (VMs). But what can VMs do that containers can’t? Here’s a summary of the benefits.

Some Docker fans would have you believe that containers have made virtualization a dinosaur technology. But in fact, virtual machines can still do some important things that containers cannot.

Consider the following advantages of VMs:

Portability

Docker containers are portable in the respect that a Docker container can run on any server where Docker is installed. The host operating system does not matter—unless you want to cross the divide between Windows and Linux, in which case it becomes a limitation. You can’t run a Dockerized Linux application on a Windows host or vice versa.

In this regard, virtual machines offer more portability. You can run a VMware or KVM virtual machine on any modern Linux or Windows server, no matter which combination of host and guest operating systems you desire. Containers can’t deliver this type of portability.

Security Isolation

Containers are not fundamentally insecure. But they lack the rigid isolation between the host system and guest applications that you get from virtual machines.

An attacker who is able to compromise a virtual machine is unlikely to find a way to extend the attack into other virtual machines on the same host, or to the host itself. With containers, however, attack escalation is, theoretically, easier.

This is not to say that containers are insecure. But it does mean virtual machines offer an inherent security advantage that containers lack.

Video Output

It is possible to run GUI applications in containers. But it is not easy and no one that I know of is doing it in production.

With virtual machines, in contrast, exporting video from a guest application to the host is very easy using virtual displays.

Currently, if you want to run a GUI app, virtual machines (or bare metal) are the only good solution.

Storage

Persistent storage for containers is becoming easier and easier thanks to a growing set of solutions within the ecosystem. However, it is still not as simple as storage on virtual machines.

With a virtual machine, you configure a virtual disk image and use it to store data persistently. The paradigm is very similar to storage on bare metal. If you use containers, however, you need to configure a persistent storage solution to save data.

Using virtual machines, then, there is no big learning curve or added complexity to overcome if you want to implement persistent storage.

Conclusion

None of the above should be read as a criticism of containers. Containers have lots of advantages of their own. But as the container craze continues, it is worth keeping in mind that virtual machines are far from obsolete.

Depending on your exact needs and aims, virtual machines still may be a better solution than containers for certain types of workloads.

Christopher Tozzi

Christopher Tozzi has covered technology and business news for nearly a decade, specializing in open source, containers, big data, networking and security. He is currently Senior Editor and DevOps Analyst with Fixate.io and Sweetcode.io.

  • dennyzhang.com

    Nice summary. VM won’t fade out. Good to see members in the party.