What is the right choice for my company: containers or virtual machines?

In our previous blog posts we provided an introduction to containers and discussed the difference between containers and virtual machines. We also talked about the benefits containers have to offer, of which there are many: portability, scalability, cost reduction and flexiblity. But that doesn’t necessarily mean containers are the best solution for every business. In this blog post we’ll try to answer the question ‘How to choose between containers and virtual machines?’.

Security: a reason to avoid containers?

Let’s start with the widely discussed matter of security, since it’s often mentioned as the main reason to avoid containers. Here at Kumina we have a slightly different opinion. Sure, the use of containers brings up some challenges and requires a new approach, but what new technology doesn’t? VMs have been around for years, so there is a great amount of best-practice knowledge about them available, while container security is a relatively new field. Many say container security is an issue since containers are less isolated and share the same OS. That’s true: in theory it’s possible for malicious code to escape from a container and attack the entire OS and therefore all the other containers running on a given machine. But there are lots of measures you can take to avoid such a scenario: Orchestration tools like Kubernetes have many helpful features, and there is no reason to set up multi-tenant container environments, preventing you from having to deal with many security concerns. This makes container security roughly equivalent to VM security.
Security will always be a hot topic in IT; new threats as well as new solutions pop up every week. With the speed at which container technology, tools and security are maturing, the security landscape is changing and improving each month. In our opinion, security is no reason to avoid the use of containers, as long as you make sure your developers as well as your sysadmins or external managed service provider are up to date on the latest best practices and possess the proper knowledge and skills to secure applications and their underlying environment.

The use of containers on top of virtual machines

In practice, at present most companies run containers on top of virtual machines. Security is often mentioned as a reason for them to do so, but it’s not the only or even main reason. Most organisations simply want to run their containers in the cloud, which nearly automatically means running them on a VM. And they do so for good reason: running containers on VMs provides you with more flexibility. They can be added or removed at any given moment, while adding hardware can take hours, or even days. This enables you to act fast, which in turn offers you the possibility to save on costs, for example when your application experiences peak traffic or seasonal traffic. Another benefit of this flexibility is a short time to market, for instance when your company provides a SaaS offering and a potential new big client comes along: if you can’t serve them fast, you could lose them to the competition.

What is the right choice, containers or virtual machines?

The use of containers by enterprises is growing rapidly, and you probably are wondering why we don’t just blindly recommend you use containers since they clearly offer so many benefits and opportunities. An important thing to keep in mind when answering this question, is that the use of containers should not be your end goal. You shouldn’t turn to containers simply because ‘everybody does so’, but only if containers truly help you achieve your strategic business and IT goals. Let’s elaborate with an example of a company that develops web-based applications. Imagine its long-term business goal is to ‘Improve business and operational processes in order to increase employee productivity’. The goal of the IT-manager could be to ‘Improve the workflow and productivity of the IT department’. Should the applications be suitable for conversion into microservices, containers could be a great fit and really improve the developers’ workflow, thereby contributing to the overall business goal. In our opinion, containers are a good fit in most cases and for most business strategies nowadays since they offer so many advantages, but there are some exceptions. Let’s have look at a few technical cases in which VMs seem to be the logical solution, before we dive into the business cases where containers would be a great fit.

Technical reasons to choose virtual machines over containers:

Set-up requires manual steps or cannot be automated

Efficient use of containers almost automatically means needing to have a continuous integration set up to efficiently rebuild containers. If you are not able to automatically rebuild containers, you may be better off using a conventional VM set-up so you can upgrade in place. Your application may not be suitable for automatic testing, your existing methodology may not be easily automatable, or you may lack the capability to set up and maintain this degree of automation infrastructure. One or more of the preceding issues might make your transition to container-based services more difficult than warranted.

Extremely slow starting or monolithic services

A container infrastructure is built with flexibility in mind; you want to be able to move, start and stop containers reasonably fast so you can optimise resource use and re-balance if advantageous or needed. Heavy applications that take over 5 minutes to start are usually not a good fit for containerisation due to the loss of flexibility, one of the most valuable features of container environments. You will probably be better off basing these services on custom VMs, and not trying to force these applications into the reproducible, replaceable paradigm that containerisation technology provides.

Business examples: when containers are the best solution

Speed and flexibility

The main appeals of containerisation are the flexibility and speed it provides. A container platform enables you to (re)balance resources quickly in order to respond to outages, peak or incidental traffic, batch processing and scale-out. Containers also offer you the possibility to scale out only a specific part of your microservice application, resulting in a better use of your resources and enabling you to save on your IT costs. The ease at which you can scale your environment makes containers very attractive to companies that experience dynamic load levels and a great practical solution for start-ups, enabling them to start small and have the flexibility to grow rapidly.

Perfect foundation for continuously integrated/deployed applications

For companies whose core business constitutes web-application offerings, containers are a game-changing technology. According to research regarding container usage, the main reason for most companies to switch to containers is development efficiency. A container platform is a comfortable and natural fit for a microservice-oriented, continuously integrated/deployed application, enabling a less complex and more efficient development pipeline. This leads to competitive advantages like faster time to market and the ability to come up with quick responses when it comes to requests and bugs, something your customers will greatly appreciate.

Accountability and reproducibility

Container technology provides you with simplified, verifiable and reproducible deployments; immutably and versioned container images give you exceptional grip on deployments and codebase versioning. This offers you the peace of mind that your production environment actually reflects the precise state of your test environments and offers you a verified way back should problems arise. This reduces the risks of service outages and human errors in the development and testing process, providing you with more confidence that end users won’t experience problems that were overlooked when testing the app.

Hopefully, we gave you a good idea of how containers can help you keep up with evolving market and business needs. In our next blog post we will discuss the monitoring of containers.

Kumina creates and manages Docker and Kubernetes based container platforms, completed with a wide range of professional services and unlimited support. Don’t hesitate to contact us when you are considering the move to a container-based platform, we love to help you get started with a free consult.

Tags: , , ,


Leave a Reply