Score:-2

Why is virtualization still used instead of containers?

In the 2021 era of containers, cloud providers still use hypervisors to make it possible to use more of a system's available resources and provide greater IT mobility, since the guest VMs are independent of the host hardware.

A hypervisor allows a physical server to operate multiple VMs as guests running alongside each other.

Containers are a form of operating system virtualisation.

Both systems can achieve the same purpose, but containers are much more efficient.

You can say containers do not offer enough security, but zero-trust containers could be possible.

I still wonder why cloud providers still use hypervisors instead of containerization on their bare-metal servers.

anx
The term "zero", much like "perfect", is harmful to any security topic in its ability to evade a clear definition. Please use terms that actually convey meaning.
Score:3

Containers are not "a form of operating system virtualisation". Containers are the way to build multiple user environments in a single OS image. Containers and VMs were never able to achieve the same purpose. Containers are based on technology that was never intended to replace virtual machines at all; it is the way to build jails more secure than, say, chroot (it is like "chroot on steroids").

If you want to see "a form of operating system virtualisation", learn about Xen paravirtual technology; that is the form of OS virtualisation.

There are many tasks which are not possible to do in containers; for example, people often need to run both Windows and Linux apps and god only knows what else, and the only way to do that is virtualisation.

Yet there are many tasks that could be solved either way. Why are they still not always solved using containers?

Because of inertia in people's minds. VMs are just like computers, which we have used for a very long time, and everybody is accustomed to them. Containers are very different things.

Because of how widespread Windows is, which doesn't have such a concept. I can even speculate that's because it is hard to enforce licensing restrictions in a truly secure containerized environment; Micro$oft licensing terms were always very muddy, but inclusion of containers could make that unbearable even to their most loyal proponents.

Andrew Henle
*Containers are the way to build multiple user environments in a single OS image.* Which means that if that OS image gets compromised, every container is compromised. That's a huge advantage for virtualization. Besides, containers are just a (poor) reinvention of 1980/1990s Solaris zones... :-D
Nikita Kipriyanov
I don't know about Solaris zones, but containers in Linux actually are a very rich technology. I suspect they easily could be more advanced than old Solaris technology just because the overall technology level in computing is higher after 30 years of development.
Score:1

Virtualization is still used because it is extremely flexible despite the numerous advantages that come with containers.

For example, you can have nested virtualization enabled on a VM guest. With this feature enabled, the VM guests have the same virtualization ability that the host system has.

With a setup like this, you can extend your resource footprint much more than just using a host system for only containers or a limited number of VMs which in turn host containers.

Each individual VM can in theory create a further 3-5 VMs which can then be containerized and used much more efficiently.

Score:0
raj

With containers, you need to run the same OS in all containers. But people often need to run different OSes. You may need to run both Linux and Windows systems in the cloud; moreover, you may need to run some specific, old version of either Linux or Windows for a particular application that doesn't work on newer systems. For a cloud provider, the only way to fulfill the needs of different customers (who may need multiple different OSes) is virtualization.

Score:0

Because there are lots of use cases which require a full OS install and a kind of persistence that containers just don't have.

This is by Microsoft and obviously Azure-oriented, but still a good comparison: https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/containers-vs-vm.

We can solve persistence by using network-attached storage.
Massimo
Yes, and that's a very good way to needlessly overcomplicate things when you could just run a VM.