Containers vs Virtual Machines (VMs)
Containers are an evolution of virtualization, virtualizing the operating system rather than the hardware. This allows multiple applications to run isolated on the same OS instance. Here’s a comparison:
| Feature | Containers | Virtual Machines |
|---|---|---|
| Isolation | Lightweight isolation; not as strong as VMs | Strong isolation; complete separation from host OS and other VMs |
| Operating System | Runs only the user-mode portion; minimal resources | Runs a full OS including kernel; higher resource usage |
| Deployment | Docker CLI for single containers; orchestrators (e.g., AKS) for multiple | Windows Admin Center/Hyper-V for single; PowerShell/SCVMM for multiple |
| Persistent Storage | Azure Disks for local storage; Azure Files for shared storage | Virtual Hard Disk (VHD) for local; SMB shares for shared storage |
| Fault Tolerance | Orchestrator can rapidly recreate containers if a node fails | VM failover to another server with OS restart |
Advantages of Containers:
- Faster development and deployment
- Easier application testing
- Higher resource utilization
- Lightweight and flexible
Azure Container Instances (ACI)
ACI allows running containers in Azure without managing VMs. It is ideal for isolated workloads such as task automation or simple applications.
Key Features:
- Fast startup (seconds)
- Public IP and DNS support
- Hypervisor-level security
- Dynamic scaling of resources
- Persistent storage via Azure File Shares
- Supports Linux and Windows containers
- Multi-container scheduling (co-scheduled groups)
- Deployable in Azure Virtual Network
Container Groups
A container group is the top-level ACI resource, similar to a Kubernetes pod:
- Scheduled on the same host
- Containers share lifecycle, network, and storage
- Can expose a public IP and ports
- Example: 2 containers, one listening on port 80, another on 1433; two Azure file shares mounted
Deployment Options:
- ARM template: Deploys ACI + additional Azure resources
- YAML file: Simple, concise deployment for container instances
Resource Allocation:
The group's allocation of CPU, memory, and optional GPU is the sum of the resources requested by the containers in the group.
Networking:
- Share a single IP address and ports
- Port mapping within a group isn’t supported
- IP and FQDN released when the group is deleted
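The two-container example above written as an ACI YAML deployment file (an added example, not part of the original notes). The group name, region, image names, share names, mount paths and resource figures are assumptions, and the storage account values are placeholders; publishing only port 80 on the public IP is a choice made here so that the 1433 listener stays reachable only from inside the group.

```yaml
# Added example: every name, image and placeholder below is an assumption.
apiVersion: '2021-10-01'
location: eastus
name: example-group
type: Microsoft.ContainerInstance/containerGroups
properties:
  osType: Linux
  containers:
  - name: web        # listens on 80
    properties:
      image: example.azurecr.io/web:1.0   # hypothetical image
      ports:
      - port: 80
      resources:
        requests:
          cpu: 1.0
          memoryInGB: 1.5
      volumeMounts:
      - name: content
        mountPath: /mnt/content
  - name: db         # listens on 1433; web reaches it at localhost:1433
    properties:
      image: example.azurecr.io/db:1.0    # hypothetical image
      ports:
      - port: 1433
      resources:
        requests:
          cpu: 1.0
          memoryInGB: 2.0
      volumeMounts:
      - name: data
        mountPath: /mnt/data
  # Group allocation is the sum of the requests: 2.0 CPU, 3.5 GB.
  ipAddress:
    type: Public
    ports:           # only 80 is published; 1433 is not on the public IP
    - protocol: TCP
      port: 80       # no port mapping: public port equals container port
  volumes:
  - name: content
    azureFile:
      shareName: content-share
      storageAccountName: <storage-account-name>
      storageAccountKey: <storage-account-key>
  - name: data
    azureFile:
      shareName: data-share
      storageAccountName: <storage-account-name>
      storageAccountKey: <storage-account-key>
```

Deploy it with `az container create --resource-group <resource-group> --file <file>.yaml`. Because the containers share one network namespace, no two containers in the group can listen on the same port.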
Use Cases for Multi-Container Groups:
- Web app container + content fetcher container
- App container + logging container
- App container + monitoring container
- Front-end + back-end containers
Docker Overview
Docker is a platform for packaging applications as containers. A container includes:
- Application code
- Runtime (e.g., .NET Core)
- System tools
- Settings
Docker ensures consistency: the same container runs locally, in QA, and in production. Containers can be scaled using ACI.
Key Docker Terms:
- Container: Running instance of an image
- Container image: Immutable package with dependencies and configuration
- Build: Create an image from a Dockerfile
- Pull: Download an image from a registry
- Push: Upload an image to a registry
- Dockerfile: Script defining how to build an image