Docker vs. Virtual Machines

by Andriy Kravets,
Magento Team Lead

October 24, 2017

Docker. Why is there still a buzz around this container technology? In this article, our technical expert shares his hands-on experience to explain which problems Docker solves and to clear up some common misconceptions about it.

Software development environments: why is efficient handling so important?

Imagine your software development company is about to launch a brand-new project and needs to set up the server environments behind it. At first everything runs smoothly: developers install the development environment locally using package managers, and the development, staging and live environments are deployed with similar configurations.

Thanks to the initially great results the project keeps growing, and so do the requirements. The team is staffed with new tech experts, QA engineers and business-oriented employees. This means additional updates across countless environments and software packages, database upgrades, and the installation and support of security patches.

Here comes the first challenge: making all the environments and software in use work smoothly on each and every operating system used in the team. Each environment, while compatible with the host operating system (OS), should operate independently from it and perform flawlessly on everyone’s PC.

Are you an “environment addict”?

Have you ever experienced a situation where your software works well locally, but as soon as it reaches the quality assurance or staging phase everything crashes? Well, if your answer is YES, you, like many others, are likely an “environment addict”.

Every development team prefers its own OS, and on top of that there are custom requirements for security, confidentiality and so on. So let’s count the number of combinations a team can end up with, based on its set of environments and operating systems:

n = (environments: local dev, local QA, dev, stage, live) x (OS: Ubuntu, Windows, CentOS)

That gives 15 (5 x 3) combinations, plus the many users working in these environments at some point. Clearly, supporting all of them efficiently becomes complicated and expensive. It is crucial to resolve the multiple-environments issue. Why? Simply because the dynamics of the market demand a prompt response: your local development environment has to behave the same way as the live environment, and you have to make sure that nothing breaks after the software you rely on is updated.

Can virtual machines be an option?

There is a common misconception that Docker is a virtualization system. I’ll now explain why this is not the case.

Major drawbacks of the virtual machine include:

1. Slow performance. One can lose up to 15% of performance with OS virtualization.
2. A guest OS is not aware that it is being virtualized, nor of other systems’ existence. An OS installed through virtualization considers itself a standalone system, which can cause incompatibilities.
3. A virtual machine preserves its current state. Any error or critical fault inside the guest system is preserved along with it, which can degrade performance and eventually force a reinstallation of the system.
4. System deployment and update processes are extremely time-consuming.
5. Dependency loops can compromise the system’s integrity.

As you can see, virtualization is not the best option for handling numerous environments efficiently.

… and here comes Docker

Docker is a Containers as a Service (CaaS) platform.

It packs, ships and deploys containers, which are essentially isolated processes packaged for distribution. Being fast and lightweight, containers provide OS-level virtualization for different workloads running on a single OS instance. Like virtual machines, containers offer resource isolation and allocation, but they work differently: containers run directly on the host OS kernel and do not involve a virtual machine at all.

Docker provides an abstraction layer for working with containers. It combines several normally separate Linux kernel features (such as cgroups and namespaces, discussed below) to deliver the required functionality.
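
You can see for yourself that a container runs on the host kernel rather than inside a guest OS by comparing kernel versions. A minimal illustration, assuming Docker is installed and the publicly available alpine image is used:

# Kernel version reported by the host
uname -r

# Kernel version reported from inside a container:
# it matches the host, because the container shares the host kernel
docker run --rm alpine uname -r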

Moreover, Docker lets you launch a number of processes in containers without interfering with the host system’s performance. It can ship an exact copy of a container to other machines without reinstalling the software on each server, so you avoid environment incompatibilities and slow performance.
Docker runs natively only on the Linux kernel, so it cannot be installed directly on Mac OS or Windows. However, there are tailored projects for other operating systems: Docker Toolbox, Docker for Mac and Docker for Windows.
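
As a rough sketch of this “pack, ship and run anywhere” idea, an image can be exported as a single archive and loaded on another machine; the image name, tag and port below are only illustrative:

# Build or pull an image once
docker pull nginx:1.13

# Export it as a single archive
docker save -o nginx.tar nginx:1.13

# Copy the archive to another machine (scp, rsync or a registry), then load and run it there
docker load -i nginx.tar
docker run -d --name web -p 8080:80 nginx:1.13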

The story of Docker

Control Groups (cgroups)

A Linux kernel feature called cgroups was introduced in 2007. It was designed to limit, account for, and isolate the resource usage (CPU, memory, disk I/O, network) of a collection of processes. It provides the following capabilities:
1. Resource limiting: a group’s memory usage, including virtual memory, can be capped (see the shell sketch after this list)
2. Prioritization: different groups can receive different shares of CPU time and I/O bandwidth
3. Accounting: a group’s resource usage is measured and reported
4. Isolation: namespaces are assigned per group, so that different groups see different sets of files and processes.
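
To make this concrete, here is a minimal shell sketch of creating a cgroup by hand, assuming a cgroups v1 hierarchy mounted under /sys/fs/cgroup (the group name “demo” and the 256 MB limit are arbitrary, and the paths differ under cgroups v2):

# Create a group under the memory controller and cap it at 256 MB
sudo mkdir /sys/fs/cgroup/memory/demo
echo $((256 * 1024 * 1024)) | sudo tee /sys/fs/cgroup/memory/demo/memory.limit_in_bytes

# Move the current shell into the group; every process it starts now inherits the limit
echo $$ | sudo tee /sys/fs/cgroup/memory/demo/cgroup.procs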

Namespaces

Namespaces were the second key Linux kernel technology; they enable isolation of system resources, such as process IDs, mount points and the network stack, for different processes.
Both technologies, cgroups and namespaces, played a key role in the implementation of Linux Containers (LXC) in 2008. LXC works on a single, unpatched Linux kernel, which meant a developer could now launch isolated processes with their own resources and network stack.
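
You can observe namespace isolation directly with the unshare tool from util-linux; this is just an illustration of the kernel feature, not a Docker command:

# Start a shell in new PID and mount namespaces;
# --mount-proc remounts /proc so process listings reflect the new namespace
sudo unshare --fork --pid --mount-proc bash

# Inside that shell, ps shows only the new bash (running as PID 1) and ps itself;
# the rest of the host's processes are invisible
ps aux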

LXC and Docker

Since LXC uses the host’s Linux kernel exclusively, it is definitely not a virtual machine. The beauty of this lies in reduced resource usage and the ability to isolate processes. Since every process can have its own resources, file system, PID and so on, it turns out to have even more advantages:
1. Conflicting processes can be launched in separate, isolated spaces
2. A significant increase in performance
3. Resources (network stack, memory, file system, CPU usage) can be divided per process, as the sketch after this list shows
4. A speedy deployment procedure
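
Docker, which builds on the same kernel features, exposes this per-process resource division directly on the command line. A hedged sketch (the image, limits and container name are arbitrary, and the --cpus flag requires Docker 1.13 or later):

# Run a container with its own memory cap, CPU limit and no network stack
docker run -d --name worker --memory 256m --cpus 1 --network none alpine sleep 3600

# Check the resource usage against the limits Docker applied through cgroups
docker stats --no-stream worker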

Initially Docker used LXC as its container manager, but later replaced it with its own library, known as libcontainer. The launch of Docker in 2013 altered the entire ecosystem of container management: in just a few years, Docker began reshaping the software industry with a new vocabulary, tooling and approach to developing, packaging and managing software.

Conclusion

When you use Docker, you have a ready-made solution for handling your environments without disrupting your software’s performance. With Docker you can react to dynamic project and market changes and efficiently control different versions of your software. I believe Docker has a bright future ahead, and we will soon be hearing more about this technology.

Follow our blog: in the next post you will read about Docker containers and excellent tools for making your environment more flexible.