原文:Docker vs Virtual Machine – Understanding the Differences
【要点归纳及重点翻译自查】
【自行渣翻】
【计算机小白、 Docker小白】
【如有问题恳请大佬指点 p(´⌒`。q)】
总述:lightweight, economical, and scalable.
轻量级、经济、可扩张性(可塑性)
What is a Virtual Machine?
A virtual machine is a system which acts exactly like a computer.
虚拟机是一个就像电脑一样工作的系统
It makes it possible to run what appears to be on many separate computers on hardware, that is one computer.
它将看起来需要在许多独立计算机硬件上运行的东西在一台电脑上实现。
Each virtual machine requires its underlying operating system, and then the hardware is virtualized.
每台虚拟机需要底层操作系统,然后实现硬件虚拟化。
What is Docker?
Docker is a tool that uses containers to make creation, deployment, and running of application a lot easier. It binds application and its dependencies inside a container.
Docker是一个利用容器使得创建、部署、运行程序更简单的工具,它将应用程序和依赖关系都绑定在容器内布。
Docker vs. VM
The significant differences are their operating system support, security, portability, and performance.
核心的不同点在于他们的操作系统支持、安全性、可移植性和性能。
1.Operating System Support
*Infrastructure 基础结构
*Hypervisor 管理程序
Each virtual machine has its guest operating system above the host operating system, which makes virtual machines heavy.
每个虚拟机在主操作系统上都有它的客户操作系统,使得虚拟机很繁重。
Docker containers share the host operating system, and that is why they are lightweight.
Docker容器共享主操作系统,这就是为什么它是轻量级的
make them very light and helps them to boot up in just a few seconds.
轻巧、在几秒内启动
Hence, the overhead to manage the container system is very low compared to that of virtual machines.
因此,和虚拟机相比,管理容器系统的日常开支很低
适用场景
The docker containers : run multiple applications over a single operating system kernel.
Docker:在一个操作系统内核运行多个应用程序
virtual machines :have applications or servers that need to run on different operating system flavors
虚拟机:在不同风格的操作系统上运行应用和服务器
2.Security
The virtual machine
does not share operating system, and there is strong isolation in the host kernel.
不共享操作系统,与主机内核隔离
more secure as compared to Containers.
比容器安全
can’t get direct access to the resources, and hypervisor is there to restrict the usage of resources in a VM.
无法直接访问资源,虚拟机监控程序限制资源的使用。
Docker
A container have a lot of security risks, and vulnerabilities as the containers have shared host kernel.
有许多安全风险,以及容器共享主机内核的漏洞。
docker resources are shared and not namespaced, an attacker can exploit all the containers in a cluster if he/she gets access to even one container.
由于共享和未被命名,攻击者只要能访问一个容器就可以利用集群中的所有容器
3.Portability
Docker
easily portable——do not have separate operating systems
易携带——没有独立的操作系统
can be ported to a different OS, and it can start immediately.
可被移植到不同的操作系统,可以立即启动。
The virtual machine
separate OS, so porting a virtual machine is difficult as compared to containers, and it also takes a lot of time to port a virtual machine because of its size.
有独立操作系统,和容器相比移植更困难,由于体积关系需要很长时间来完成。
For development purposes where the applications must be developed and tested in different platforms, Docker containers are the ideal choice.
对于必须在不同平台上开发和测试应用程序的开发目的,Docker容器是理想的选择。-
4.Performance(主要描述Docker优于Virtal Machine的地方)
lightweight architecture (less resource-intensive feature)
轻量级架构(资源消耗较少的特性)
As a result, of which containers can startup very fast compared to that of virtual machines, and the resource usage varies depending on the load or traffic in it.
因此,与虚拟机相比,哪些容器可以非常快地启动,而资源使用情况则取决于其中的负载或流量。
there is no need to allocate resources permanently to containers.
不需要将资源永久分配给容器。
Scaling up and duplicating the containers is also an easy task , because there is no need to install an operating system in them.
扩展和复制容器也是一项简单的任务,因为不需要在其中安装操作系统。
Conclusion
