
Containerization versus virtualization


There are two main ways that system-level isolation techniques can be used for development purposes:

• Machine virtualization, which emulates the whole computer system

• Operating system-level virtualization, known also as containerization, which isolates complete user spaces within a single operating system


Machine virtualization techniques concentrate on emulating whole computer systems within other computer systems. Think of it as providing virtual hardware that can be run as a piece of software on your own computer. As this is full hardware emulation, it gives you the possibility to run any operating system within your host environment. This is the technology that drives the infrastructure of Virtual Private Server (VPS) and cloud computing providers, as it allows you to run multiple independent and isolated operating systems within a single host computer.


Operating system-level virtualization, on the other hand, does not rely on emulating the hardware. It encapsulates a user-space environment (shared libraries, resource constraints, filesystem volumes, code, and so on) in the form of containers that cannot operate outside the strictly defined container environment. All containers run on the same operating system kernel but cannot interfere with each other unless you explicitly allow them to. Although no hardware is emulated, the system can still set specific constraints on the use of resources like storage space, CPU time, RAM, or network. These constraints are managed only by the system kernel, so the performance overhead is usually smaller than in machine virtualization. That's why operating system-level virtualization is often called lightweight virtualization.
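The kernel-managed constraints described above can be read back and checked. The following is an added example, not code from the original page: it assumes a Linux host using cgroup v2 (the page names no operating system), the helper names `read_limits`, `unlimited` and `make_sample` are hypothetical, and the sample directories are constructed so the code runs anywhere.

```python
import tempfile
from pathlib import Path


def read_limits(cgroup_dir):
    """Return the CPU, memory and process limits set in a cgroup v2 directory.

    None means the kernel enforces no limit for that resource.
    """
    root = Path(cgroup_dir)

    def first_line(name):
        # A missing file means the controller is not enabled: no limit here.
        path = root / name
        return path.read_text().strip() if path.exists() else "max"

    # memory.max: byte count, or "max" for unlimited
    mem = first_line("memory.max")
    # pids.max: process count, or "max" for unlimited
    pids = first_line("pids.max")
    # cpu.max: "<quota> <period>" in microseconds; quota "max" is unlimited
    quota, _, period = first_line("cpu.max").partition(" ")

    return {
        "memory_bytes": None if mem == "max" else int(mem),
        "pids": None if pids == "max" else int(pids),
        "cpus": None if quota == "max" else int(quota) / int(period or 100000),
    }


def unlimited(limits):
    """Names of resources a container could exhaust on the shared kernel."""
    return sorted(name for name, value in limits.items() if value is None)


def make_sample(memory, cpu, pids):
    """Write a constructed cgroup directory (sample data, not a real host)."""
    d = Path(tempfile.mkdtemp())
    (d / "memory.max").write_text(memory + "\n")
    (d / "cpu.max").write_text(cpu + "\n")
    (d / "pids.max").write_text(pids + "\n")
    return d


if __name__ == "__main__":
    constrained = make_sample("536870912", "50000 100000", "256")
    default = make_sample("max", "max 100000", "max")
    for label, path in (("constrained", constrained), ("default", default)):
        limits = read_limits(path)
        print(label, limits, "unlimited:", unlimited(limits))
```

Inside a container on a cgroup v2 host, pointing `read_limits` at `/sys/fs/cgroup` reports the limits applied to that container. Any resource listed by `unlimited` is one that the container shares with every other workload on the same kernel without a cap.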


Containers are a great alternative to full machine virtualization. Containerization is a lightweight method of virtualization, where the kernel and operating system allow multiple isolated user-space instances to be run. If your operating system supports containers natively, this method of virtualization will require less overhead than full machine virtualization.


There are two leading tools for providing system-level isolation of development environments:

• Docker for operating system-level virtualization

• Vagrant for machine virtualization