Saturday, December 23, 2017

Virtual Machine vs Docker

What's the difference? A picture is worth a thousand words.

For a hypervisor or VM, each VM has an abstraction of the physical hardware: each gets a percentage of the physical server's processing power, memory, hard disk and other resources.

Docker / container: a kind of OS-level virtualization.

Docker originally used Linux Containers (LXC), but later switched to runC (formerly known as libcontainer), which runs in the same operating system as its host. This allows it to share a lot of the host operating system's resources. It also uses a layered filesystem (AuFS) and manages networking.

A good example: let's say you have a 1 GB container image. If you wanted to use a full VM, you would need 1 GB times the number of VMs you want. With Docker and AuFS you can share the bulk of the 1 GB between all the containers, and if you have 1000 containers you still might only have a little over 1 GB of space for the containers' OS (assuming they are all running the same OS image).

Note:
  • Each container can have a different version of the same library.
  • Each also has its own root file system, networking trees and process stacks.
  • Each container has its own cgroup.
  • Processes inside one container cannot send messages to processes inside another.
  • Each container will have its own pid 0.
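The per-container views listed in the note are provided by Linux namespaces, and a defender can check which ones a given container really has to itself. The following is an added example, not code from the original post: it compares the namespace links under /proc/<pid>/ns/ for a host process and a container process and reports the kinds they share. The function names, sample maps and inode numbers are constructed for illustration.

```python
import os

# Namespace kinds Linux exposes as symlinks under /proc/<pid>/ns/.
NS_KINDS = ("mnt", "pid", "net", "ipc", "uts", "user", "cgroup")

def read_namespaces(pid, proc_root="/proc"):
    """Return {kind: 'kind:[inode]'} for a live process; None where unreadable."""
    found = {}
    for kind in NS_KINDS:
        try:
            found[kind] = os.readlink(os.path.join(proc_root, str(pid), "ns", kind))
        except OSError:  # no such process, old kernel, or insufficient privilege
            found[kind] = None
    return found

def shared_with_host(host_ns, container_ns):
    """Namespace kinds where the container process sits in the host's namespace."""
    return [k for k in NS_KINDS
            if host_ns.get(k) is not None and host_ns.get(k) == container_ns.get(k)]

def make_ns(**inodes):
    """Build a namespace map from constructed inode numbers (sample data only)."""
    return {k: "%s:[%d]" % (k, inodes[k]) for k in NS_KINDS}

# Constructed samples: the inode numbers below are invented for illustration.
HOST = make_ns(mnt=4026531840, pid=4026531836, net=4026531992, ipc=4026531839,
               uts=4026531838, user=4026531837, cgroup=4026531835)
# Container with its own mnt/pid/net/ipc/uts namespaces; user and cgroup are
# left equal to the host's here (assumption: no user-namespace remapping).
ISOLATED = dict(HOST, mnt="mnt:[4026532501]", pid="pid:[4026532504]",
                net="net:[4026532507]", ipc="ipc:[4026532503]",
                uts="uts:[4026532502]")
# Same container, but started with --net=host and --pid=host.
HOST_NET_PID = dict(ISOLATED, net=HOST["net"], pid=HOST["pid"])

if __name__ == "__main__":
    for name, ns in (("isolated", ISOLATED), ("host net+pid", HOST_NET_PID)):
        print(name, "shares with host:", shared_with_host(HOST, ns))
    # Live check (Linux): compare this process against PID 1 of the same /proc.
    print("live:", shared_with_host(read_namespaces(1), read_namespaces(os.getpid())))
```

Any kind that appears in the output is a place where the container sees the host's resources directly, so a non-empty result for net or pid is worth reviewing against what the workload needs.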

A full virtualized system gets its own set of resources allocated to it, and does minimal sharing. You get more isolation, but it is much heavier (requires more resources). With Docker you get less isolation, but the containers are lightweight (require fewer resources). So you could easily run thousands of containers on a host, and it won't even blink. Try doing that with Xen, and unless you have a really big host, I don't think it is possible.

A full virtualized system usually takes minutes to start, whereas Docker/LXC/runC containers take seconds, and often even less than a second.

There are pros and cons for each type of virtualized system. If you want full isolation with guaranteed resources, a full VM is the way to go. If you just want to isolate processes from each other and want to run a ton of them on a reasonably sized host, then Docker/LXC/runC seems to be the way to go.

Docker is written in the Go programming language from Google.

What kind of work do containers do?

People often ask whether Docker is useful for stateful apps or stateless apps.

Stateful: remembers what was done.
Stateless: does a task, forgets it, moves on.

Docker can handle both.