Hypervisor and Container
A hypervisor is a piece of software, firmware, or hardware that VMs run on top of. The hypervisors themselves run on physical computers, referred to as the “host machine”.
- Type I Hypervisor: This type of hypervisor is deployed as a bare-metal installation, meaning the hypervisor is the first thing installed on the server, in place of a conventional operating system. The benefit of this design is that the hypervisor communicates directly with the underlying physical server hardware; those resources are then paravirtualized and delivered to the running VMs. This is the preferred method for many production systems.
- Type II Hypervisor: This model is also known as a hosted hypervisor. The software is not installed onto the bare metal but is loaded on top of an already running operating system. For example, a server running Windows Server 2008R2 can have VMware Workstation 8 installed on top of that OS. Although resources take an extra hop on their way to the VM, the added latency is minimal, and with today's software enhancements the hypervisor can still perform well.
- Containers: Share the OS kernel of the host and are therefore lightweight. The trade-off is that every container on a host runs on that one shared kernel, so all containers on a host must use the same OS kernel.
What is a Container
Available for both Linux and Windows based apps, containerized software will always run the same, regardless of the environment.
Containers isolate software from its surroundings (for example, the differences between development and staging environments) and help reduce conflicts between teams running different software on the same infrastructure. A container lives as long as the application process inside it is running; as soon as that process stops, the container stops too.
The sandbox, or container, can have access to its host’s resources. You can specify how much compute and memory the sandbox should have access to as well as what kind of networking should occur.
LXC: The original Linux container is Linux Containers, commonly known as LXC. LXC is a Linux operating system-level virtualization method for running multiple isolated Linux systems on a single host. Namespaces and cgroups features make LXC possible.
Windows has two types of containers: Windows Server Containers and Hyper-V Containers.
- Windows Server containers share the kernel of the host operating system, so they are lightweight and fast. When you run a process inside such a container, the process actually runs on the host and you can see it listed in Task Manager or Get-Process. These containers do not provide a hostile security boundary and should not be used to isolate untrusted code.
- Hyper-V containers, also known as "isolated containers", run in a very thin virtual machine on top of the host, so the kernel of the container host is not shared with other containers on the same host. When you run a process inside a Hyper-V container, the host does not know about it. Hyper-V containers provide higher isolation, and because the VM layer is minimal, performance is still good. These containers are designed for hostile multitenant hosting, with the same security assurances as a virtual machine.
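The visibility difference described above can be checked directly on a Windows container host. The following PowerShell is an added example, not code from the original article; it assumes Docker with the Windows containers engine, Hyper-V isolation available on the host, and a Server Core image tag that matches your host build (the tag below is an assumption).

```powershell
# Added example (not from the original article). Assumes Docker for Windows
# containers and Hyper-V isolation support. Image tag is an assumption; pick
# one that matches your host build.
$Image = 'mcr.microsoft.com/windows/servercore:ltsc2022'

function Test-ContainerIsolation {
    param(
        [Parameter(Mandatory)][ValidateSet('process','hyperv')][string]$Isolation
    )
    $name = "isolation-probe-$Isolation"

    # Start a long-lived process (ping loop) inside the container.
    docker run -d --rm --name $name --isolation $Isolation $Image `
        cmd.exe /c "ping -n 120 127.0.0.1 > nul" | Out-Null
    Start-Sleep -Seconds 5

    # Ask the engine which isolation mode it actually applied.
    $applied = (docker inspect --format '{{.HostConfig.Isolation}}' $name).Trim()

    # A process-isolated container's processes are scheduled by the host kernel,
    # so the ping started above shows up in Get-Process on the host. A Hyper-V
    # container's processes run inside the utility VM and are not visible here.
    $recentPing = Get-Process -Name ping -ErrorAction SilentlyContinue |
        Where-Object { $_.StartTime -gt (Get-Date).AddMinutes(-1) }

    docker rm -f $name | Out-Null

    [pscustomobject]@{
        Container                = $name
        RequestedIsolation       = $Isolation
        AppliedIsolation         = $applied
        ProcessVisibleOnHost     = [bool]$recentPing
        SuitableForUntrustedCode = ($applied -eq 'hyperv')
    }
}

# Expect ProcessVisibleOnHost = True for 'process' and False for 'hyperv'.
'process','hyperv' | ForEach-Object { Test-ContainerIsolation -Isolation $_ } |
    Format-Table -AutoSize
```

If AppliedIsolation reports 'process' for a workload that must hold untrusted code, the container is sharing the host kernel and should be moved to Hyper-V isolation.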
vSphere Integrated Containers enables VMware customers to deliver a production-ready container solution to their developers and DevOps teams. By leveraging their existing SDDC, customers can run container-based applications alongside existing virtual machine based workloads in production without having to build out a separate, specialized container infrastructure stack.
Docker started out as an open source project to build specialized LXC, it later morphed into its own container runtime environment. At a high level, Docker is a Linux utility that can efficiently create, ship, and run containers.