With all of the recent buzz around the Open Container Initiative (OCI), a program developed to create open industry standards for a container format and runtime software, the topic of virtual containers and how they're different from virtual machines (VMs) has been widely discussed. Recently, Google released a version of its Kubernetes software that manages virtual containers, leading many to consider whether this is the more efficient virtualization approach to take. Kubernetes has more than just a cool name. It lets you partition applications into several pieces and store them in virtual containers that are easier to move around and copy across multiple servers.
You know it means something when Google gives something its stamp of approval, and with the prevalence of press around the OCI, many believe this newer form of virtualization has staying power. Before we discuss potential advantages and disadvantages of this model, let's first learn more about these containers that everyone is talking about.
What Are Containers?
Are you familiar with Google Chromebooks? Essentially, they are laptops that deliver superior browsing speed because that's what they're built to do. That's their core function and through specializing on this one application, these devices are able to scale down the operating system so that it only has to be able to run that one program. Everything else is hosted in the cloud. If you need to retrieve information, you can access it online with that data stored in the cloud.
Virtual containers work in the same way. They're designed to run a single application, like MySQL, Nginx, or Redis. The idea is that you devote one separate container for each of these apps. As a result, you can store more applications in your physical server than you can with a VM. The argument is that this makes your website infrastructure more scalable and cuts down on overhead costs.
Advantages of Containers vs Virtual Machines
In What are containers and how did they come about?, Gordon Haff explains this further. Since containers "run atop a single copy of the operating system, they consume very few system resources such as memory and CPU cycles." He also goes on to explain that upkeep and management of containers isn't as costly because there's only one OS that needs to be patched and updated. You only have to make these fixes once, and they immediately take effect in all containers.
What are some other benefits leading hosting providers to abandon VM ship. According to Pantheon, a website management platform built on containers, each of their sites would have to be run on its own separate VM if not for this new virtualization technology. As further testament to this infrastructure, Pantheon highlights scalability, availability, and fast provisioning as features of containers lacking in VMs.
Security Concerns with Containers
Wait, what could be wrong with more efficient processing? Not everybody is ready to embrace containers 100%, at least not just yet. In Containers vs. virtual machines: How to tell which is the right choice for your enterprise, Steven J. Vaughan-Nichols lists security as a top vulnerability when using a container system, identifying these top two concerns:
- Depending on a user or app's privileges within a container, the OS could potentially be cracked - I'd defer to Steven for the specifics
- Increasingly, people are creating their own containerized apps. That means you could mistakenly download a compromised version, if you're not careful.
Best Practice for Deciding
As with any pairing, option 1 may be best for you and option 2, for someone else. You all have different needs. The rule of thumb when deciding between containers and VMs is this (with obvious exceptions):
Use Containers if: you want to maximize your apps, while minimizing the amount of servers you use
Use VMs if: you need to either run several apps on servers or want to use multiple operating systems
What Does this Mean for Backups?
So what role does container virtualization play in backups? If you use Docker open-source software to build your containers, you can backup and recover within the platform. Still, it's important to note that if you do leverage this service, it should be used to enhance your backup solution, not supplement it.
Now, we want to hear from you! Are you backing up your containers? If so, how and why? Leave a comment below!