VMware virtual machines and containers address the fundamental needs of operating and managing workloads. Both have developed a loyal following, and in recent years, it appears containers are the heir-apparent to the decade-long reign of VMware. What containers lack in fully realized ecosystem development (something that is rapidly being addressed), they make up for in mindshare.
VMware has been the industry leader in virtualization technology for the better part of the last decade. Their technology leverages a Type 1 hypervisor to run virtual machines, and they have developed an impressive array of first and third-party tooling to run and manage this environment. VMware, however, can be difficult to scale without investing in additional first-party software offerings.
Operations teams are familiar with VMware’s technology and have a strong affinity for it. So VMware can be a good choice if you already run it. Applications can be run on existing hardware in the existing environment with little to no configuration delay.
With the virtual machine paradigm, workloads are typically managed at the OS, and it is assumed the OS is highly managed, typically with existing configuration management capabilities. It is also common to spawn virtual machines using a cloned template model, native to VMware.
Workloads on VMware are easier to scale vertically than horizontally. Most virtual machines can have cores and RAM hot-added without a restart, allowing additional cycles to be handled by the same machine. Scaling virtual machines can also reduce the number of OS instances that need to be managed.
The VMware ecosystem is highly mature, allowing for deep and varied use of associated products from VMware, including robust software-defined networking support, host cloning, and low-latency hot workload migrations. This is especially helpful when operating low-tolerance critical workloads such as SQL databases.
A container is a read-only packaged workload that runs on a container host. The most popular container format is Docker, but others exist, such as lxc and rkt. Docker has a strong and growing base of tooling supporting its “batteries included but replaceable” philosophy, including Swarm, for orchestration; Compose, for linking containers together into workloads; and Datacenter, for running and operating clusters of containers. Containers can be run by many platforms, including AWS Elastic Container Service, Google Container Engine, or on-prem with OpenStack.
Containers tend to be easier to scale than virtual machines and are especially effective at tackling very spiky workloads because they can be dramatically scaled up and down as needed. There are fewer OS instances to manage because many containers can be run on a single container host. Sharing a host also creates a potential security vulnerability between containers, because one container could overwhelm the other containers on the same host.
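One way to check a Docker host for the exposure described above, where one container can overwhelm its neighbours, is to look for containers running without resource caps. This is an added example, not part of the original article; it assumes the `HostConfig` fields that `docker inspect` reports (`Memory`, `NanoCpus`, `CpuQuota`, `PidsLimit`), and the sample data is constructed.

```python
import json

# Constructed sample in the shape of `docker inspect <id>...` output;
# container names and values are made up for illustration.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "HostConfig": {"Memory": 536870912, "NanoCpus": 1000000000,
                                    "CpuQuota": 0, "PidsLimit": 256}},
    {"Name": "/batch", "HostConfig": {"Memory": 0, "NanoCpus": 0,
                                      "CpuQuota": 0, "PidsLimit": None}},
    {"Name": "/cache", "HostConfig": {"Memory": 268435456, "NanoCpus": 0,
                                      "CpuQuota": 50000, "PidsLimit": -1}},
])


def missing_limits(host_config):
    """Return the resource classes this container may consume without a cap."""
    missing = []
    # Memory is in bytes; 0 means no limit was set.
    if not host_config.get("Memory"):
        missing.append("memory")
    # CPU can be capped via --cpus (NanoCpus) or --cpu-quota (CpuQuota).
    if not host_config.get("NanoCpus") and (host_config.get("CpuQuota") or 0) <= 0:
        missing.append("cpu")
    # PidsLimit of None, 0 or -1 means an unlimited process count.
    pids = host_config.get("PidsLimit")
    if pids is None or pids <= 0:
        missing.append("pids")
    return missing


def audit(inspect_json):
    """Map container name -> uncapped resources, for containers with any gap."""
    findings = {}
    for container in json.loads(inspect_json):
        gaps = missing_limits(container.get("HostConfig", {}))
        if gaps:
            findings[container["Name"].lstrip("/")] = gaps
    return findings


if __name__ == "__main__":
    for name, gaps in audit(SAMPLE_INSPECT).items():
        print(f"{name}: no limit on {', '.join(gaps)}")
```

On a live host, the input would be the JSON printed by `docker inspect` for the running containers instead of the embedded sample.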
Developer-centric tools such as the CLI and APIs are first-class citizens in the container ecosystem, making containers easier to integrate into your development pipeline. Many tools, such as Codefresh, exist to build containers from source control and work in conjunction with an organizational artifact repository. The ecosystem and container-native tools like Codefresh were also designed from the ground up for blue/green testing and Continuous Deployment. Incorporated into an end-to-end managed pipeline, containers can significantly reduce the complexity of configuration management in production applications.
|VMware|Containers|
|---|---|
|Robust Ecosystem|Developing Ecosystem|
|Virtual Machine as Core Unit|Container as Core Unit|
|Leverages Existing Configuration Management|Leverages Development Pipeline|
|Isolation at OS|Isolation at Container Edge|
|Scales Vertically|Scales Horizontally|
Why Not Both?
Running VMware virtual machines or containers on their own comes with both advantages and drawbacks. One option that has not yet been reviewed is to run them together. It is possible to run container hosts as virtual machines on VMware. This has some interesting advantages: it transforms a segment of an already deployed on-prem capability into one that can leverage a newer technology. In addition, it is a really interesting way to begin learning the container ecosystem.
In some cases, the best way to leverage containers is by running them one-to-one in virtual machines. This method limits the scalability advantages of containers, but it provides the firm security boundary and isolation of virtual machines, along with the optional, additional secure segmentation of the workload from the rest of the environment.
Depending on a number of factors, including the workload to be deployed, the comfort level of an operations team with container technologies, and the maturity of an organization’s development pipeline, both VMware and containers can be a good option for managing workloads. And during a transition period, both technologies can be used in coordination to produce a better result than either alone.