If you can use Docker containers to host individual applications, why would you want to containerize an entire operating system inside a system container using a technology such as OpenVZ or LXD? Keep reading for insights on use cases for system containers.
Since Docker’s launch in 2013, containers have become popular primarily because they can be used to run individual applications—or even just parts of applications—inside isolated environments.
The main advantage of doing this instead of using virtual machines to host applications is that you don’t have to duplicate a complete operating system just to run an application. In other words, with Docker, there is no need to run both a host OS and a guest OS. Instead, you just have an OS on the host and an application inside the container.
Meanwhile, if you use a full-blown virtual machine, it’s probably because you need functionality that you can’t get from Docker. This could include the ability to run an application written for Linux on a Windows host server, or vice versa. Or maybe you want the strict isolation between the host system and guest applications that only a virtual machine can provide.
In sum, if you want to cross the divide between different types of operating systems or need a high level of isolation, use virtual machines. Otherwise, use Docker containers, which are not OS-agnostic or strictly isolated from the host, but which are lighter-weight.
System Container Use Cases
Unlike a virtual machine, a system container is not OS-agnostic. You can’t run a Windows guest inside a system container on a Linux host.
System containers also are not as isolated from the host OS as are virtual machines.
So, why would you want to run a system container at all? Why not just use Docker application containers? Consider the following use cases for system container platforms such as LXD or OpenVZ:
- You want to run many guest operating systems on a single host. Since system containers have less overhead than virtual machines, you can fit more guests onto a host when using system containers.
- You want an easy, resource-efficient way of creating virtual private servers without having to use full virtualization. If you have a single physical server and want to create a set of virtual servers on it without the overhead of virtual machines, system containers are the way to go. Each system container can offer root access and full control to users.
- You want fast start-up times. Using LXD, I can start an Ubuntu system container in about 10 seconds. It would take much longer to boot an Ubuntu virtual machine on KVM or VMware.
Those are the main advantages of system containers that come to my mind. The list is relatively short, which helps to explain why Docker remains a much more important force in the container world than LXD and OpenVZ. But the latter have their place.