Docker on vSphere – Photon OS

We Live in the Cloud


17th July 2018

There has been a lot of talk about Docker, containers, vSphere Integrated Containers, etc. It can be quite confusing, even to someone who has worked in the industry for a long time. Before I build on my vSphere VIC install post here, I thought it would be a good idea to explain some of the fundamentals of our ever-changing virtual landscape. Some of this you may know, some of it you may not, but it will hopefully be a good refresher either way.

What is a Virtual Machine?

Wikipedia defines a Virtual Machine (VM) as an emulation of a computer system which provides the functionality of a physical computer. To run, it needs to be hosted on a hypervisor (Type 1, native or bare-metal, such as ESXi; Type 2, hosted, such as VMware Workstation). In essence we take a physical machine and move it entirely into software, so that, to a degree, the hardware layer ceases to matter, and you can have true mobility and high availability, migrating across compatible hardware.

 

What is a Container?

A container is defined as a receptacle for holding a product. For computers, it is a lightweight, standalone image that includes everything it needs to run: OS, code, tools, libraries and settings. Because it is self-contained, it can be developed on one platform and run on another. It again needs to be hosted on a platform. A cool fact is that each time you start streaming a movie on Netflix, this spawns a container on their back end which is destroyed when you stop watching.

 

What is Docker?

Docker is a computer virtualization program, based on features of the Linux operating system, that runs packages called containers. It was first developed by Docker Inc in 2013, but is based on Linux Container Technology like Solaris Zones, BSD Jails and LXC.

Docker is run by a daemon process on the underlying host operating system, and it provides images, registries and containers.

This is why containers are commonly referred to as Docker images.

 

How does a Container differ from a Virtual Machine?

Here’s the part that confuses most people I speak to, and for good reason, as they are very similar, but they do have one major difference. A container shares the host’s system and kernel with other containers, whereas a Virtual Machine has its own resources and is managed by the hypervisor. That is why it is common to host a Docker image within a VM on top of a hypervisor, so that you gain the benefits of a container while it is also managed on an infrastructure.

This is essentially what vSphere Integrated Containers (VIC) and NSX look to do. In a pure Docker and container environment, a server/network/security admin has no idea what’s coming in and out of each container; only the developer knows that, or should. There is very limited control over resources and over which containers might hog resources from other containers, impacting their performance.

VIC and NSX for vSphere environments, or NSX-T alone for non-vSphere virtual environments, give you that enterprise manageability, performance and security, letting you see the traffic and hardware utilisation, and allowing you to apply security policies and implement micro-segmentation... I digress, as you can tell I’m very fond of VIC and NSX!

What is Photon OS?

Photon OS is a lightweight Linux operating system which has been optimized to run on vSphere and allows VMware customers to run containers. It supports Docker, and it has also been open sourced for people to download: https://github.com/vmware/photon

Photon is widely used throughout VMware and our products. The eagle-eyed amongst you will have noticed that the VCSA runs on Photon, and lesser known is that the majority of our TAM tools, such as the TAM data collector and VMware Health Analyzer, also run on Photon.

I hope you found this useful. Thank you for reading.

Peter