Containers Progress in a World of Data Center Virtualization

The rising interest and investment in so-called cloud native data technologies are driving many to build, manage and scale applications in a more robust yet efficient manner. Increasing, more attention is turning to containers.

Container technology is a software innovation that dates back to 1979 but became popular in 2013, which is about a decade after data center virtualization became widely adopted.

Containers give developers the ability to create predictable environments in which to create, run and move applications separately from other critical applications. Different hardware can power these “cloud-native” apps, including on-premises data centers or public cloud services.

The global application container market was estimated at $698 million in 2016 and is expected to reach $8.20 billion by 2025, according to Allied Market Research.

Containers, along with other intertwining innovations, are defining the world of cloud native.

“Cloud native is a bit of a misnomer because these applications run anywhere, not just in the public cloud,” said Greg Muscarella, a vice president of products at Nutanix, where he helps bring the company’s cloud-native portfolio to customers.

By definition, cloud native technologies enable loosely coupled systems that are resilient, manageable and observable, according to the Cloud Native Computing Foundation. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil.

Evolving with VMs and Containers

Virtual machines (VMs) are managed by a hypervisor, which abstracts and isolates the VMs and their programs from the underlying server hardware. This gets more use out of physical resources, simpler maintenance and operations, and can reduce costs, according to Nutanix. 

IT organizations adopted virtual machines (VMs) to manage sprawl and even reduce the hardware footprint in their corporate data centers. This brought great efficiencies and sped server provisioning, the ability to scale up more computing resources were needed. 

For nearly a decade, a growing number of developers have turned to containers as a foundation for building new and update existing applications because containers provide a portable platform.

Containers are now prevalent among large Internet companies that need to develop applications once and run them globally on any number of mobile, cloud and traditional platforms. Muscarella said many IT teams are exploring where to run containers on single-tenant bare metal servers or VMs.

“You get secure isolation between VMs on the same physical machine,” Muscarella explained. This is because each VM uses its own OS while virtualizing the hardware platform.

“So one VM can’t attack another,” he said. “With containers, which share an OS, Container X could see Container Y unless you put some safeguards in place.”

The same issue arises when it comes to the reach of a container OS failure. A given application might require anywhere from a handful of containers, which are pieces of a program or individual microservices, to as many as 500, said Muscarella. 

So if 100 containers shared a single OS kernel and the OS were to fail, all 100 containers would be compromised. However, if a VM supporting a few containers were compromised, a much smaller number would be affected; other VMs running different containers would remain operational.

Muscarella estimated, however, that there’s a 10% to 15% performance tax with VMs, given their many software dependencies, which can get costly when running them in a public cloud infrastructure. 

“In the cloud, you get more useful capacity out of each of your servers with containers and you get more portability from server to server,” he said.

Containerized Apps on VMs

The process of updating container-based applications is lean, according to Muscarella. 

“Rather than the traditional method of creating multiple versions of an app, which can quickly fall out of sync, you simply kill and replace individual containers as needed,” he said. “This approach avoids configuration drift.” 

“Drift,” he explained, refers to discrepancies between primary and secondary software infrastructure configurations that can cause disaster recovery processes to fail.

A few initiatives are bringing VMs and containers closer together. For example, hypervisors supporting container APIs have emerged that allow a container to run inside a VM to simplify management, said Muscarella.

A VM’s dedicated OS can support a container engine, such as the well-known Docker container development platform, and run an array of containers within the VM instance; in effect, collapsing the two infrastructures. 

Operating a container within a VM also brings the VM’s process isolation and security benefits to the containers and limits the vulnerability scope if a problem occurs, Muscarella said.

Muscarella explained that the Prism management system for the Nutanix hyperconverged datacenter environments enables IT to see both VMs and clusters of Kubernetes-managed containers from a single console. Kubernetes is the widely adopted open-source orchestration system for automating the deployment, scaling and management of containerized applications.

Also, the Cloud Native Computing Foundation’s KubeVirt open sandbox technology provides a unified VM-container platform for development teams that wish to run Kubernetes and containers but also must support VMs. There developers can build, modify and deploy applications using a common, shared environment. They can also containerize VMs that are candidates to work in the cloud-native model.

"Containers will become de facto,” Muscarella said. 

“IT ops typically purchase apps as software that comes as an installer that you set up as a VM. Less common but becoming more so is distributing software as a container package that you just run anywhere." 

Joanie Wexler is a contributing writer and editor with more than 20 years’ experience covering IT and computer networking technologies.

© 2021 Nutanix, Inc. All rights reserved. For additional legal information, please go here.