Virtual machines are great. They’re cool for testing operating systems, and let you deploy machines and add and remove applications and services. But they’re big and resource-intensive.
Containers are the new kids. Think in terms of deploying a virtualized application, rather than a whole OS. The big names here are Docker and Kubernetes, with the latter a Red Hat technology that is being absorbed (if the merger goes through) by IBM.
Which should you use? It depends on what you’re doing. TechRepublic reduces it to two bullet points:
- Do you need a full platform that can house multiple services? Go with a virtual machine.
- Do you need a single service that can be clustered and deployed at scale? Go with a container.
If you’re looking at this from an enterprise perspective, see ITWorld’s article, “Containers vs. virtual machines: How to tell which is the right choice for your enterprise. There’s a lot more to it than just how many apps you can put in a box.” https://www.itworld.com/article/2915530/virtualization/containers-vs-virtual-machines-how-to-tell-which-is-the-right-choice-for-your-enterprise.html
So instead of deploying a VM running Oracle, you can deploy the database as a service, that is, a stand-alone virtualized application/service. And Docker in particular allows container clustering, which means a really high degree of fault tolerance and redundancy.
What should system people know? You should study Docker and Kubernetes and how they could save your organization money and resources. One good place to start is to experiment with Kubernetes: https://github.com/kubernetes/kubernetes/blob/ec2e767e59395376fa191d7c56a74f53936b7653/pkg/controller/volume/persistentvolume/pv_controller.go
What should hackers know? Study the vulnerabilities of these same technologies, because they are going to form a large part of the attack surface you’ll be confronting in the future.