Where to Run Containers

There is a never-ending debate on where to run your containers, bare-metal or VMs (virtual machines). At Bigstep we have chosen the raw power of bare-metal and have eliminated the performance overhead caused by the hypervisor. This article is about this already classic debate and we explain the differences and advantages of both cloud technologies.

Virtualization

Virtual machine partitioning exists for a long time, since the 60s, and became really popular when virtualization started on servers in the early 2000s. Virtualization adds a hypervisor layer in an operating system that offers the possibility of running multiple operating system instances on the same physical host, while introducing a performance overhead on the host’s operating system.

One simple example is to have a Linux server and run many other operating systems, like OSX from Macintosh and Windows and maybe a Linux Server at the same time on a single machine. With VMs, if you buy another server and install Linux on it, you can just copy all those 3 VMs that contain OSX, Windows, and Linux on the new server, and so on and so forth.

Bare-metal means running your apps directly in the operating system of the machine, without virtualization.

Containers

Containers are units of software grouped together with all their dependencies and can be easily migrated from one computing environment to another. To oversimplify this definition, containers are groups of software that are organized in a manner that makes them easy to copy or transfer from one server to another.

Having started in 2013, Docker technology is newer, and uses a system that saves resources by running many software containers that access resources inside one operating system. By using the CPU, memory, and other low-level hardware resources managed by cgroups on the same kernel, you can run tens of operating systems in containers on a single machine. In comparison, a hypervisor will create a new kernel instance for each VM instantiation, hence the performance downgrade.

Running apps in containers is usually a good idea, as it makes the apps multi-cloud and serverless-ready. Still, keep in mind that there is a minor loss in performance compared to running the apps directly on bare-metal, but the portability and the other advantages of containers outweigh this loss.

Bare-Metal Containers vs. Containers inside VMs

Containers can be run inside a virtual machine or directly on bare-metal. Compared to running inside VMs, running Docker technology on bare-metal almost fully harnesses the power of the machine and saves precious resources.

Bare-metal containers save resources from emulation.

Resources that are wasted on the actual emulation are saved with bare-metal server containers, as running container-based applications is managed directly by the host operating system or high-level container orchestration engines.

Installing containers on bare-metal is easier for admins

Having a single operating system running demands less work for the admin when something goes wrong or when he wants to distribute resources in another way between containers.

Running containers inside VMs offer some minor portability advantages which we deem negligible as container technology has evolved, and containers are now very easy to port from one bare-metal server to another.

There may also be a minor security increase from the isolation that virtual machines offer, but this is for the most extreme fanatics, and containers on bare-metal are extremely secure as well. The container technology now offers a lot of security hardening strategies that can be implemented to minimize the associated risks when run on bare-metal.

Conclusion

If you decide to purchase cloud computing and have a skillful admin to organize Docker containers, using bare-metal containers extracts more computing power from each single machine, making it cheaper and more efficient.

At Bigstep we use high-performant HP servers with the same hardware configuration on all of our bare-metal servers, but not all cloud providers do. Using different kinds of hardware and running containers inside VMs on those servers leads to a lack in performance and cost optimization.