Docker vs VM

Joseph Sibony reading time: 8 minutes

May 13, 2021

There are a number of options for application hosting and development. If you are comparing the option of Docker vs VM, the answer to which one is right for your team depends on several factors. In the case of Docker, you will need to determine if your application is ready to run inside containers vs VMs. Cost and ease of adoption are also important factors.

Cloud and hybrid cloud automation have enabled more creative workflows for writing and deploying code. Container technology in conjunction with other advancements has shown to decrease reliance on requests for infrastructure from Ops. Here, we will discuss these and other aspects as they apply to Docker vs VM.

Virtual Machine Application Hosting

We have virtualization to thank for much of what we use in everyday software development. Using various types of hypervisor solutions, companies are able to take pools of resources to create machines that would normally be individual pieces of hardware. VMs allow for a fast and reliable way of creation by combining machine images with underlying automation.

By using existing hardware, users are able to create the pooled resources needed for an on-premise cloud environment. Many of today’s production systems use VMs to handle serving critical applications. Using virtualized machines is one way to allow for a mix of tried-and-true infrastructure with the benefits of more modern and centralized management.

Clustering this type of infrastructure is more likened to bare metal machines. Each VM is its own entity and can be sectioned off with virtual networking and storage. In the case of VMware, vSphere enables automation that brings the ability to create dynamic machines from scripts or via interfacing with 3rd party orchestration software. This is one reason a team may be using VMs vs Docker.

Recently, more focus is being put on containers and orchestration tools like Kubernetes (read more on Docker vs Kubernetes here). Those already using VMs in a VMware environment now have the option to start incorporating a hybrid approach. Meaning support for not only VMs, but also for container technology like Docker and Kubernetes.

A Quick Docker Primer

Docker

Docker is similar to a virtual machine. It is a representation of a full machine image all the way down to running and exposed services. Using this approach has taken the concept of hosting via VMs and extended it further to support a greater degree of management and flexibility. The positives of using a containerized approach to software development are abundant.

Developing applications using Docker allows for a more true representation of what will be run in production. This is because of how Docker images are designed, built, and deployed. Developers can help set direction on the environment used to serve their application. This allows for a lot of creative freedom that may be restricted in other areas when using a full VM image solution.

Automation is another key aspect where Docker shines. Within the Dockerfile are the instructions to install the base operating system, any prerequisite software, and patches. Developers can then use these images to have instant access to a fresh, local environment for testing their changes. This approach helps lessen the prevalence of the phrase “Works on my machine!”

Moving to a containerized application model has other positives that should be mentioned. In addition to the wins around standardization and automation comes the ability to run more with less. What does that mean? A virtual machine is typically used for each application that may be part of a larger environment. In contrast, Docker allows for abstraction at the application layer.

With each executing in its own, protected process, security is maintained while keeping the ability to use the underlying Docker image for multiple applications. Clearly, this has made way for much more efficient development workflows. Plus, it puts teams one step closer to more robust solutions using an orchestration tool to extend their built containers even further.

Those working in a cloud space such as Microsoft Azure also benefit from ready-made infrastructure to serve containers. This ability for the resultant Docker images to be run across multiple environments has allowed for much cleaner configuration and deployment methods for DevOps engineers. The approach is quickly becoming the norm as things move more towards containerization.

Docker vs VM – From Comparison to Complimentary

Although there are similarities between the usage of Docker vs VM, it is how they work together that can open up more ability for higher uptime and better use of resources. Using various orchestration and automation methods, Docker images and Virtual Machines can work in tandem to create stable services running on less infrastructure.

For example, an application may use MS SQL for the data layer. Since MS SQL is better executed on a VM vs Docker, a virtual machine would be created and configured with the appropriate setup and security. Alongside this server would be a Docker host that runs the containers holding the applications. This hybrid approach removes the need for a VM per application and may help with better resource optimization.

Another example is the integration of Docker containers with virtualization software such as VMware. As we discussed earlier, VMware vSphere now enables container support up to and including Kubernetes clusters. This is where a simple Docker application takes on a newfound ability for scaling, monitoring, and self-healing of the services it provides

Docker vs VM – A Comparison

	Docker	VM
Virtualized	Yes (docker engine on OS hypervisor)	Yes
CLI Management	Yes	Yes
Clusterable	Yes (Using an Orchestrator)	Yes (Traditional)
Resource Sharing	Shared.	Dedicated to VM.
Persistent Data	Yes (Somewhat complicated.)	Yes
Portable	Yes	N/A
Easy to Implement	Very	Somewhat (May require Ops service request.)

When to Use Docker vs VM

It is clear that the options are readily available for your application’s infrastructure. A solid look at the architecture involved, uptime required, and security requirements are all factors in deciding whether you run your service via Docker vs VM. Both have pros and cons as well as situations where a combination may be the way to go.

Take for example a simple application whose only job is to display the current date, time, and temperature for geolocation. Looking at the factors above, we can determine what infrastructure would be best to run the service in production. Here are a few facts about the application:

The application is created in Node.js.
No login security is required.
Uptime is not critical as this is a vanity application.
Data persistence being warning level application logs is not necessary.

Looking at the above information, we can determine a few things:

Since the application is Node.js, a Docker base image exists that has the base requirements pre-installed. Building the application involves adding files to the image’s app directory.
Data is received from the system and an outside API that provides the temperature information. Logging for the calls to the external API should be added.
A clustered environment would not be necessary due to the low resource usage and low traffic.

In this situation, it would not make sense to run such a simple web service in a full-fledged environment like a virtual machine. Rather, a simple Docker image is created and populated with the built application files. The portable container can then be run on a number of hosts that support Docker. This takes advantage of the fast workflow that becomes available when using containers vs. a fully virtualized environment.

In contrast, another application example involves a web service that handles financial transactions for cryptocurrencies. In the same way, we examined the simple vanity service, we will look at this application in more detail:

Application runs via .NET Core.
It checks for an active login session.
Uptime must be as close to 100% as possible excluding maintenance.
Data persists via a connection to a MS SQL database.

As before, we can glean a few pertinent details from the information we have:

The application can be served using a Docker base image that builds and publishes the results to an application layer within the container.
The containers must persist the session even through application scaling.
An orchestration tool needs to be used such as Kubernetes to handle internal probes and ability to recreate a container in a stuck state.
The Docker host should be on the same VLAN as a MS SQL virtual machine to allow for secure data transit.

This is where a hybrid approach would be desirable. As stated earlier, MS SQL is better run on infrastructure like a virtual machine so that the necessary aspects can be properly configured and monitored. This is also where orchestration can help with the aspects of data persistence and security. In the case of Kubernetes, probing and self-healing capabilities allow the cluster to bring up applications in a manner to ensure they start properly and remain available.

There may also be situations where “containerizing” an application is not a viable option. In these cases, a virtual machine is likely the best choice. However, quick wins can still be realized by converting existing bare metal infrastructure to virtualized. Doing this frees up even more resources that can then be used for additional compute, memory and storage for virtualization.

Putting It All Together

There are various situations where Docker will be a helpful option for legacy and new application development. Knowing the benefits of each and how they may actually complement each other should help you make a decision on what direction to move forward. In either situation, virtualization has shown itself to be a great tool for the development and management of today’s applications.

Whether you are serving a simple date/time application or crunching thousands of transactions per minute, a solution exists to improve your services performance and stability. Take a look at each technology and take some time to see how different applications operate in both. The best approach is to do a true performance comparison. At the end of the day, the right solution will show through.

The Incredibuild Angle

When discussing Docker vs VM we couldn’t help bringing up the Incredibuild angle.

VMs and containers today are not used only in production but are an essential part of a mature CI/CD pipeline. When VMs or containers are used as build servers to run your CI/CD, Incredibuild can transform them into super containers with hundreds of cores that run faster builds, tests, and other compute-intensive processes. Try it free.

Joseph Sibony

Joseph Sibony, Incredibuild's Senior Content Manager, has spent his life surrounded by technology. From hardware to software and everything in between. He has worked in data science, cyber security, and has written extensively about the intersection of technology and society.

Cookie	Duration	Description
ARRAffinity	session	ARRAffinity cookie is set by Azure app service, and allows the service to choose the right instance established by a user to deliver subsequent requests made by that user.
ARRAffinitySameSite	session	This cookie is set by Windows Azure cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
cf_use_ob	past	Cloudflare sets this cookie to improve page load times and to disallow any security restrictions based on the visitor's IP address.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_gat	1 minute	This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
_uetsid	1 day	Bing Ads sets this cookie to engage with a user that has previously visited the website.
_uetvid	1 year 24 days	Bing Ads sets this cookie to engage with a user that has previously visited the website.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-8508435-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjIncludedInPageviewSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.
_hjIncludedInSessionSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.
_hjTLDTest	session	To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
MR	7 days	This cookie, set by Bing, is used to collect user information for analytics purposes.
utm_campaign	2 months	Google Ad Services sets this cookie to store session campaign value if present.
utm_content	2 months	This cookie is used for storing the session content value if present.
utm_source	2 months	This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
utm_term	2 months	This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
_mkto_trk	2 years	This cookie, provided by Marketo, has information (such as a unique user ID) that is used to track the user's site usage. The cookies set by Marketo are readable only by Marketo.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
personalization_id	2 years	Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
utm_medium	2 months	This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Docker vs VM

Virtual Machine Application Hosting

A Quick Docker Primer

Docker vs VM – From Comparison to Complimentary

Docker vs VM – A Comparison

When to Use Docker vs VM

Putting It All Together

The Incredibuild Angle

Joseph Sibony

Table of Contents

Shorten your builds

Related Posts

8 minutes Platform Engineering vs DevOps: A Comprehensive Comparison

8 minutes These 4 advantages of caching are a game-changer for development projects

8 minutes Build Cache Today and Tomorrow

Cookie	Duration	Description
_hjSession_2537450	30 minutes	No description
_hjSessionUser_2537450	1 year	No description
AnalyticsSyncHistory	1 month	No description
BIGipServersn-mch-v2-80	session	No description
BIGipServersn02web-nginx-app_https	session	No description
ib_last_referrer	2 months	No description
incap_ses_1319_2167377	session	No description
li_gc	2 years	No description
muc_ads	2 years	No description
nlbi_2167377	session	No description
original_req_url	past	No description
referrer66_00f	1 month	No description
visid_incap_2167377	1 year	No description
visitorId	1 year	No description