See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/327389502

Docker Containers Versus Virtual Machine-Based Virtualization: Proceedings

of IEMIS 2018, Volume 3

Chapter · January 2019

DOI: 10.1007/978-981-13-1501-5_12

CITATIONS READS

0 396

3 authors, including:

Ritika Mehra
DIT University
23 PUBLICATIONS   15 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

A STUDY ON EARLY PREVENTION AND DETECTION OF BREAST CANCER USING THREE-MACHINE LEARNING TECHNIQUES View project

Disease prediction system using machine learning techniques View project

All content following this page was uploaded by Ritika Mehra on 29 January 2019.

The user has requested enhancement of the downloaded file.

Docker Containers Versus Virtual
Machine-Based Virtualization

Anuj Kumar Yadav, M. L. Garg and Ritika

Abstract Cloud computing is a paradigm based on IT that enables ubiquitous access

to large pools of configurable resources which can be shared (such as computer net-
works, servers, storage, applications, and services) and rapidly provisioned with least
effort. Cloud computing implementation in traditional ways is done using virtual
machines, but nowadays a new concept of Docker containers is also gaining pop-
ularity due to its features. Containerization in some cases is treated as lightweight
virtualization technique. Virtualization is used by cloud computing environments and
data centres to disassociate the tools and applications from the underlying hardware.
To validate this, hardware virtualization and OS-level virtualization is used. Apart
from virtualization, a new technique is, containers, gaining popularity and many
cloud-based deployments are using this technique. In this paper, both of these tech-
nologies are compared such that end-user can use these according to the requirement
to get benefitted.

Keywords Container · Docker engine · Hypervisor · VMs

1 Introduction

Cloud computing provides many benefits to end-users on the basis of basic char-
acteristics it poses. The characteristics include elasticity, availability, on-demand
self-service, and scalability. Due to these, various users from different domains like
industry, business, and other application hosting agencies are increasingly adopting
cloud-based services.

A. K. Yadav (B) · M. L. Garg · Ritika

DIT University, Dehradun 248001, India
e-mail: [email protected]
M. L. Garg
e-mail: [email protected]
Ritika
e-mail: [email protected]

© Springer Nature Singapore Pte Ltd. 2019 141

A. Abraham et al. (eds.), Emerging Technologies in Data Mining and Information
Security, Advances in Intelligent Systems and Computing 814,
https://doi.org/10.1007/978-981-13-1501-5_12
142 A.K. Yadav et al.

Cloud implementation is totally based on the virtualization that is used to obtain

elasticity of large pool of shared resources. There are many benefits of using virtu-
alization like it provides flexibility of allocating the physically available resources
to visualized applications and the entire task is done dynamically. In addition to
this, virtualization also helps in multi-tenancy that allows more than single resource
instances of virtualized applications to share the same physical resource. Multi-
tenancy also helps the data centres to integrate applications into small server that
reduces the operating cost. Virtualization also provides scalability and replication of
applications [1].
Virtual machines (VMs) have been the central part of the cloud computing that
acts as infrastructure layer which is used to provide operating system virtualization.
With the help of virtual machines, various cloud services can be provided to end-
users such as infrastructure, platform, and software. VMs basically create illusion
that user is working on a machine that is dedicated to him/her. All the peripheral
devices are also emulated using the virtualization. Virtual machine provides user
a complete operating system to work upon where user can use various application
software. We can treat virtualization as an additional layer between the operating
system and user [2].
A Docker container is a similar concept like virtual machines but it is lightweight
in terms of time consumption and resource needs. They have been suggested as a
solution for more interoperable application packaging in the cloud. Containers and
host share the same kernel; that is why they are called lightweights as compared
to virtual machines (VMs) that have an additional layer of isolation. In a container,
almost all the components (software and hardware) are shared between the applica-
tions and host OS. Isolation among the application is provided by the host operating
system itself [3]. Container generally is a package that includes multiple applications
as well as dependencies associated with these applications, and the package can be
made shareable to the users. Along with the shareable feature, containers can be used
in variety of cloud deployment models whether it is public cloud or private cloud. In
addition to this, it helps in reducing the management overhead as a single OS needs
to be managed. A limitation in some cases arise in terms of OS compatibility due to
availability of shared kernel; in other words, we can say no Linux container can be
used on Windows-based host OS and vice versa [4].
Both cloud implementation techniques are based on virtualization but handle dif-
ferent kind of problems and provide solution to them. The little difference is that
virtual machines are more suitable for hardware allocation and hardware manage-
ment, and containers are more suitable tools for software delivery or we can say
prime focus is on PaaS.
So both of these are task-specific like for portable applications in the cloud com-
puting we need a lightweight distribution of application package for development
and deployment and virtual machines are preferred [1, 5].
Docker Containers Versus Virtual Machine-Based Virtualization 143

2 Paper Organization

The rest of the paper is organized as follows. In Sect. 3, basics of virtual machines
have been discussed. In Sect. 4, Docker containers’ working and basics have been
discussed. In Sect. 5, these two virtualization techniques are compared, and finally,
the paper concludes in Sect. 6.

3 Virtual Machines

All the virtual machines are managed and controlled by virtual machine managers.
These are generally termed as VMM or hypervisor, and their main focus is to provide
abstraction to the underlying hardware. The system on which VMM is installed or
run is termed as host machine, and all other virtual machines running inside the host
machine are termed as guest. Both host and guest use almost same interface for using
the different applications. Host machine and all the available guest machines running
on host machine are independent of each other [6].
There are various hypervisors provided by different organizations. These hypervi-
sors are capable of controlling the hardware and create a secure virtualized environ-
ment for users to work upon. These hypervisors can be divided into two categories:
Type 1 and Type 2.
Type 1 hypervisors basically run on the top of system hardware, and due to this,
they are named as native virtual machine. In other way, we can say this Type 1 hyper-
visor takes the place of OS and they can directly access the available hardware for
their use. Type 1 hypervisors have one favour that if any virtual machine fails or does
not respond for any reason then other guest OS does not get affected. Type 1 runs in
kernel mode and because of which has exclusive physical CPUs. Examples of Type
1 hypervisors are Microsoft Hyper-V, VMware ESXi Server, Citrix/Xen Server, etc.
On the other side, Type 2 hypervisors run within the OS installed on top of hyper-
visor or in other words we can say they are just like any other application software
which runs under OS. Type 2 hypervisors are also known as hosted virtual machines.
Examples of Type 2 hypervisors are Microsoft Virtual PC, VMware Workstation,
and Oracle Virtual Box, etc. [7].

3.1 Virtual Machine Benefits

There are several benefits of using virtual machines; some of the benefits are as
follows:
• As there are many virtual machines running on a single host machine, they
have their own basic security zones which cannot be accessible via other vir-
144 A.K. Yadav et al.

tual machines. In addition to this, there is one security layer of hypervisor as well,
so we can say there are many security zones available to provide the security [8].
• In virtual machines, all the OS are isolated as well as their applications. This
isolation provides better separation between the application and various activities
of operating systems.
• Virtualization provides better resource utilization and improved performance as
compared to traditional systems. All the underutilized resources can be used in
much more efficient way by using virtualization.
• Virtualization provides better fault-tolerant environment as compared to traditional
systems as if there is any server failure due to any reason, there are other servers
that are available to work upon.
• Virtualization also reduces the many server requirements as it can be implemented
using various virtual machines.
• Process migration is one of the major advantages provided by the virtual machines.
Processes can be migrated at run-time from high-loaded virtual machines to less-
loaded virtual machines. This process migration helps in saving of energy and
balancing of loads. Another advantage is that due to this migration, no activity got
disrupted.
• Traditional data centres generally have large pool of computing resources, and
with the increasing demand, the capacity of various resources also needs to match.
Due to this, large amount of energy is required to operate those systems as well
as to keep them cool. With the use of virtual machines, the requirement can be
minimized and resource utilization becomes efficient. And most importantly, this
is also helpful for the environment.

3.2 Limitation of Virtualization

Apart from various benefits as discussed, there are several issues as well that needs
to be taken into consideration while opting for virtual machine-based solution.
• Virtual machines generally share their data and interact with each other, so if the
communication is not secure, then it can be exploited by the attacker and which
in turn leads to security-based attack.
• Like other technologies, virtualization also has possibilities of attacks due to vul-
nerability like buffer overflow.
• There is a single point of failure in Type 1 hypervisor as there exists a single
hypervisor. If hypervisor stops working, then the entire system gets affected.
• While using virtualization in cloud computing, one data needs to be stored far
away from the local machine, and also data generally moves time-to-time from
one tenant to another tenant. This movement leads to concern of leakage of data,
and it can be a risk from security point of view [9].
• As Internet connection is the basic requirement of virtualization-based cloud com-
puting, it can lead to various kinds of security risks.
Docker Containers Versus Virtual Machine-Based Virtualization 145

• In cloud-based virtualization, user data always resides on cloud server, so user is

always concerned about security of his/her data.

4 Docker Containers

Docker is an open-source project that is used for automation in a systematic way for
fast deployment of applications running under a container. Docker engine is required
to run the Docker containers like VM runs inside hypervisor.
Containers are a more lightweight virtualization concept, i.e. less resource- and
time-consuming [10, 11]. They can be seen as more flexible tools for packaging,
delivering, and orchestrating both software services and applications. Containers are
built on recent advances in virtualization and therefore allows for better portability
and interoperability while still utilizing operating systems’ virtualization techniques
[12]. Docker container is just like a directory. It contains all the things that are
required for an application. In containers, isolation is done at kernel level. Docker is
a platform that is used to design, deploy, and run various applications. With the help
of Dockers, applications can be isolated from the available infrastructure and user
can view the infrastructure as a managed application [13].
In recent times, OS-based virtualization gained popularity in terms of software
to run predictably and transferring from one environment to other. By using the
containers, all these isolated systems can be run on a single host operating system.
Containers lie on top layer over a server and its host operating system. Operating
system can be Windows or Linux or any other operating systems. Every container
not only shares the host OS but also the libraries and binary files as well that are
required for application to run. All the shared components are generally read-only,
and due to this, containers are lightweights, just some Mb in size. As the containers
are less in size, they need few seconds to start up. By using the Dockers, jobs of
application developers and system administrators become simple [14].

4.1 Different Container Models

There are different containers models or we can say delivery models according to
the different operating systems. Few of them are listed as:
• Linux: Docker, LXC Linux containers, OpenVZ,
• Windows: Sandboxie,
• Cloud PaaS: Warden/Garden (in Cloud Foundry), LXC (in Openshift).
146 A.K. Yadav et al.

Fig. 1 Architecture comparison of virtual machines and hypervisors

4.2 Need for Containers

By the invention of virtual machines, various issues related to cloud computing like
scheduling, packaging, resource management have been resolved. As the applications
can be made isolated with the help of virtual machines, due to this security can be
improved [15]. Cloud needs to answer the requirements of application management
and packaging. Containers can give solution to these requirements in efficient way.
A container is a package that contains ready-to-deploy application parts, business
logic, and middleware as shown in Fig. 1 [16].
Containers are highly scalable and safe to use. These are easy to deploy when
we compare it with the virtual machines. So we can say Docker is an open-source
platform that helps users and programmers to isolate application dependencies.

5 Containers Versus Virtual Machines

Both of these technologies generally provide an illusion that a single host machine
can be used to run multiple machines. All of these machines running under the host
machine need to be isolated from one another and also from the host machine. The
difference comes in that how both of these technologies are able to achieve isolation
between the different machines. A brief difference is shown in Fig. 2[17], according
to which we can say that containers generally are executed on host OS and virtual
machines run on hypervisor. A container engine is generally combined with the
kernel of the host OS.
Further, both of these can be compared based on certain factors like:
Docker Containers Versus Virtual Machine-Based Virtualization 147

Fig. 2 Virtual machines versus hypervisors

Operating System Support: As per the architecture for both the virtual machine
and Docker containers, the operating system support differs. A virtual machine con-
tains a host OS which is able to run multiple guest OS inside different virtual
machines, whereas containers need to be hosted on a single server that contains
a shareable OS. The guest OS can be anything irrespective of the available host OS.
On basis of this, we can say that both of these technologies can be used in different
situations according to the requirement. If one wants to run many applications on
a single OS kernel, then Dockers need to be preferred, and when user has many
applications that need support of different operating systems, then virtual machines
should be preferred. As the host OS is shared between the containers, it leads them
to boot in very short span of time. So we can say maintenance overhead of containers
is less than virtual machines [17].
Host/Guest Architecture: Virtual machine provides the facility to run the guest
kernel that is different from the host kernel; that is not possible with containers as
kernel needs to be shared.
Booting: Booting started as it starts in normal operating system, and the speed
depends on the applications. Containers can start up rapidly when we compare it
with virtual machines as they are less resource-centric.
Standardization: Virtual machines are generally like a complete standard operat-
ing system having all the features. On the other hand, containers are more application-
specific [18].
Portability: Docker containers are the separate package which can run the needed
application. As Dockers do not contain any separate operating system, so applications
can be ported out easily across various platforms which is not possible in case of
virtual machines. Containers can be switched on and off within seconds, much faster
than that of virtual machines, because of their lightweight nature. Due to this feature,
containers can be easily deployed on the servers. Virtual machines on the other side
148 A.K. Yadav et al.

are separate server instance that is isolated with their operating system. It is not
possible to port the virtual machines across various platforms due to compatibility
issue. So we can say for the developers where application development is the primary
focus, Docker containers need to be preferred.
Need of Servers: Multiple server requirements in Dockers are not as much as
compared to virtual machines. As Dockers are lightweight and contain only the
applications, there is no need of multiple servers. These applications can run on a
single physical server. But if user needs to run multiple applications on different server
instance and these servers need specific operating system, then the user needs the
virtual machines. Virtual machines contain all the necessary library files, supporting
files, and most importantly the entire operating system to work upon which is required
by the particular application. So we can say lesser number of virtual machines can be
accommodated to the same server if we compare it with the Dockers. As the number
of virtual machines hosted on a single server is less than Dockers, we can say that
the server density is lesser with virtual machines. Due to this feature, one can say
that Dockers are cost-effective application hosting solution when we compare it with
virtual machines.
Performance Evaluation: Both of the virtualization techniques have their specific
purposes so comparison of performance evaluation is not fair.
But we can say as the containers are lightweight virtual architecture, they are
less resource-intensive when we compare them with virtual machines. Due to this,
start-up time of containers is very much less than that of virtual machines. Resource
allocation in containers is not permanent as resource usage can vary with the load.
Replication and elasticity are also much easier in containers in comparison with
virtual machines as containers do not require a separate operating system.
Security: Security can be an overhead in the case of Dockers, as the host kernel is
shareable among all the containers, so a single vulnerable point can lead to hacking
of entire server. Due to this security concern, superuser access to the applications
and also running them with root user privileges are not recommended. While in the
case of virtual machines such applications are run, those need more security and
privilege. Apart from this as we know that each virtual machine runs under separate
or its own operating system, due to which they can use their own security features
and kernel features.
Low Redundancy: Containers just need the applications to run on host operating
system unlike virtual machines where entire operating system needs to install before
proceeding. This results in lots of duplicity of various components. Thus on the basis
of this, we can say that containers result in low redundancy when we compare them
with the standard virtual machines.
Hardware Access: Applications that run under the containers have direct access
to the hardware, which is not possible with virtual machines.
Resource Distribution: Containers generally require very less resources, only
those which are required at that particular time, unlike virtual machines which require
permanent resource allocation before start-up of virtual machines. So we can say
resource distribution is optimal in case of containers [19].
Docker Containers Versus Virtual Machine-Based Virtualization 149

Table 1 Virtual machines versus hypervisors

Comparison factor Virtual machines Containers
OS support Requires guest OS Host OS can be shared
Booting time Require time to boot up just Boots very fast
like traditional OS
Standardization Virtual machines are generally Containers are
OS-specific application-specific
Portability Less portable More portable
Need of servers More servers required Less number of servers
required
Security Each OS that runs in a virtual Security can be overhead as
machine can provide security kernel is shared among the
to user data. Security depends applications. So we can say it
upon hypervisor as well lacks security measures
Low redundancy More redundant information A single OS is shared so not
as each virtual machine has its much redundant information
own OS
Hardware access No direct hardware access is Direct hardware access is
possible possible
Resource distribution Large number of resources Fewer resources needed as
required compared to VM
Memory requirement Large memory requirement as Less memory is required as
each guest has their own OS host OS is shared among
applications
Files and library sharing Sharing of file and library files Files can be shared using
is not possible Linux commands such as scp

Memory Usage: Virtual machines need complete operating system for each of
the guest, due to which it requires large memory when we compare it with containers.
Containers use less memory as it shares the host operating system.
Files and Library Sharing: Each virtual machine has its own OS, which contains
large number of files and libraries. These files cannot be shared between different
virtual machines. On the other side, containers run under host OS, no separate OS
is needed by each application. So files and libraries can be shared using Linux
commands.
All these differences are summarized in Table 1.

6 Conclusion and Future Scope

In this paper, virtual machines are compared with containers on the basis of vari-
ous parameters. Both the techniques are based on virtualization and solve specific
purpose; in some cases virtual machines can be used and in some cases containers
 150 A.K. Yadav et al.

can be preferred. If the requirement is to provide high availability and scalability,

then containers are more suited. If the requirement is to create secure system, then
virtual machines need to be preferred. While working in heterogeneous environ-
ment, Docker containers focus on applications and dependencies associated with
them, whereas flexibility can be achieved using the virtual machines. So we can
say both of these technologies are not to replace one another but these can be used
simultaneously depending upon the requirement of the user. While adopting these
two technologies, we can say VM provides better IaaS solution (machine portability,
security and greater isolation) and Docker provides better SaaS solution (applica-
tion/software portability) to end-users. If one can build hybrid architecture, then it
will surely benefit variety of users.

References

1. Ranjan, R.: The cloud interoperability challenge. IEEE Cloud Comput. 1(2), 20–24 (2014)
2. Goldberg, P.: Survey of virtual machine research. IEEE Comput. 7(6), 34–45 (1974)
3. Soltesz et al.: Container-based operating system virtualization: A scalable, high-performance
alternative to hypervisors. ACM, 41, 275–287(2007)
4. https://www.taksatech.com/containers-vs-vms/
5. Di Martino, B.: Applications portability and services interoperability among multiple clouds.
IEEE Cloud Comput. 1(1), 74–77 (2014)
6. Silberschatz, P.B. Galvin, Gagne, G.: Operating System Concepts, 9th ed. ch. 8.5, 16,
pp. 366–377, 711–740. ISBN: 978-1-118-06333-0, (2013)
7. http://www.golinuxhub.com/2014/07/comparison-type-1-vs-type-2-hypervisor.html
8. Sarna, D.E.Y.: Implementing and Developing Cloud Computing Applications. Taylor and Fran-
cis Group, LLC (2011)
9. Almond C.: A Practical Guide to Cloud Computing Security (2009)
10. Scheepers, M.J.: Virtualization and Containerization of Application Infrastructure: A Compar-
ison. In: Presented at the 21st Twente Student Conference on IT, Twente The Netherlands June
23 (2014)
11. Pahl, C., Lee, B.: Containers and clusters for edge cloud architectures-a technology re View
(2015)
12. Ranjan, R.: The cloud interoperability challenge. IEEE Cloud computer. 1, 20–24 (2014)
13. https://docs.docker.com/introduction/understanding docker/
14. Merkel, D.: Lightweight linux containers for consistent development and deployment. Linux
J. 239, 2 (2014)
15. Mao, M., Humphrey, M.: A performance study on the VM startup time in the cloud. In: 5th
International Conference on Cloud Computing (CLOUD), IEEE, pp. 423–430. (2012)
16. Soltesz, S., Pötzl, H., Fiuczynski, M.E., Bavier, A., Peterson, L.: Container-based operating
system virtualization: a scalable, highperformance alternative to hypervisors. ACM SIGOPS
Operating Systems Rev. 41(3), 275–287 (2007)
17. https://bobcares.com/blog/docker-vs-virtual-machines/
18. Bernstein, D.: Containers and cloud: from LXC to Docker to Kubernetes. IEEE Cloud Comput.
1(3), 81–84 (2014)
19. http://www.channelfutures.com/technology/docker-vs-virtual-machines-understanding-perfo
rmance-differences

View publication stats