In this post we will explore how Docker compares to Virtual Machines: Docker vs VM as a battle so to speak.
We will learn how and if this works in general and what their use case is.
What this post will cover:
- Docker on a high level
- VM on a High level
- Use case comparison of VM and Docker
- Resource utilization
What this post will not cover:
- Technical comparison of Docker and VM
- Details of how to work with docker
We compare VMs to Docker, because most developers are already used to using VMs to isolate their software systems. And there we have the common denominator of Docker and Virtual Machines: Isolation.
Both technologies isolate systems in a way that we can have reproducible results.
The main question then is what do they isolate and how do they do this? Let us start with how it works on a high level and where Docker shines especially for development.
How do they isolate systems
Both technologies build on the hardware and the Host Operating system. This is because VMs and Docker are software systems in the end.
And here we also find the first difference. The Host OS for docker needs to be Linux, where we have for Virtual machines any OS as a possible starting point. This is because Docker builds on the following Linux Kernel concepts:
- cgroups (limit resources that a process can access)
- namespaces (limit what parts the process can see)
- seccomp (limit what kernel features the process is allowed to use)
And wraps it inside an API.
So on the left side we have the Hypervisor and on the right side there is the Docker Daemon.
In this figure we can also see two applications isolated with a virtual machine and the same used with docker containers.
The difference here is that the Virtual Machines need always the Guest OS where Docker only needs the Docker Daemon and the packages as well as the application it should run.
So for Docker we do not need the overhead of the Guest OS for each individual application we want to start. This overhead consists of memory, startup time and CPU cycles to manage the OS tasks. For docker those are shared inside the docker daemon.
Benefits of using Docker for isolating applications
In this regard docker comes with a lot of less overhead and therefore the startup time is much less.
Also you can run much more applications on a single machine because of the much more efficient use of resources, which is only the exact amount you give to this application, and can be fully utilized for this application alone.
But this leads us to the question: Why use one over the other? Or should we even compare them like this? or rather:
Docker vs VM – is it a meaningful comparison?
What we compared here are two different scenarios:
- Isolation of systems
- Isolation of a single process or a single application
For the first one we tend to use Virtual machines, for the latter we most likely want to use docker.
So the comparison for this post, is not very meaningful because those two technologies have different scopes in general.
Most of the time you even want to combine those two technologies. An example for this is the deployment to a public cloud:
You containerize your application inside a docker container and deploy it to a VM instance on the cloud (EC2 on AWS or VM on Azure).
Docker is also not without any drawbacks, it has its use cases but as any other technology out there it is not a silver bullet!
Docker drawbacks include:
- Linux is required as it is a Linux only technology
- Docker CLI and concepts need to be learned
- Docker abstracts a lot, yet you still need Linux admin skills
- Security has a little different approach (namely Images, Daemon as root user and others).
Docker and VM – Hotel room vs a House
For a more visual comparison, VMs are like a house and Docker is more like a hotel room.
The house is multi purpose with different rooms for different purposes and is fully functional on its own. It is also more long lived.
The hotel room has a specific purpose and it is also more of a temporary nature.
This is the same as with Docker containers. You take what you get provided by your Image and go with it (like in a hotel room, only seldom you will put your own furniture and so on into a hotel room)
In this post we covered how Docker and VMs compare. We learned that VMs and Docker are not really comparable as they target different use cases.
We also learned about the benefits and drawbacks that docker has on a high level and looked at an analogy to compare the use cases for VMs and Docker in a better way.