A titanic battle is looming over the IT horizon: containers vs. virtual machines. Hypervisors like VMware’s vSphere have held hegemonic sway over the virtualized server infrastructure landscape for more than a decade. But now the age of the hypervisor seems to be in peril.
Containers, like hypervisors, also virtualize server resources. The difference is that containers virtualize at the Linux operating system level while hypervisors, sitting on top of the OS, virtualize at the hardware layer.
You may be asking, "Who cares?" Well, containers are free. They are part of the Linux OS and don’t require separate licensing. Furthermore, since containers put far less overhead on the underlying OS, they can support more applications per host than a hypervisor can. This means businesses can potentially use far fewer server resources to service their application environment, which could translate into real hard-dollar savings.
On top of that, with tools like Docker, application developers can build a standard container image with all of the required application tools and resources and regenerate these images at will (build once/deploy many). This can help speed up the application development and delivery process, providing the business with the agility and DevOps capabilities that many organizations aspire to achieve.
So what’s the downside? Container isolation and security capabilities, according to VMware, are still in their infancy. And this can make the use of containers a non-starter for many businesses. VMware’s Project Bonneville is an effort to merge the management and security maturity elements available in vSphere into the container universe, without all of the associated server overhead that hypervisors typically place on the host.
By using a “lightweight” VM to manage a container, businesses can isolate containers from each other and thus help ensure better security. This “best of both worlds” approach is designed to let IT operations continue using the vSphere management tools they are already used to in order to serve up and manage containers.
VMware acknowledges that these lighter-weight VMs are still “heavier” than just running naked containers on a host. Enter “Project Photon,” VMware’s initiative to integrate vSphere directly into the Linux operating system kernel. So in theory, the combined technologies of Bonneville and Photon could deliver all of the agility and efficiency benefits of containers while wrapping them in all of the isolation and security elements required to manage hundreds or thousands of containerized applications.
Bonneville and Photon are aptly named projects—both use monikers alluding to the speed businesses are striving for to gain a competitive edge. VMware is banking on the fact that businesses will prioritize application security over speed and thus subordinate containers to VMs.