Overview

Docker

Stacks194.2K

Followers143.8K

Votes3.9K

ZeroVM

Stacks2

Followers10

Votes0

GitHub Stars826

Forks77

Docker vs ZeroVM: What are the differences?

Introduction

In this article, we will explore the key differences between Docker and ZeroVM, two popular technologies used for containerization. Both Docker and ZeroVM offer solutions for isolating and running applications, but they have several distinct features that set them apart.

Architecture: Docker is based on a client-server architecture where the Docker daemon runs on the host machine and manages all the containers. On the other hand, ZeroVM follows a peer-to-peer architecture where each container runs independently without the need for a central daemon.
Performance: ZeroVM focuses on providing minimal overhead and high-performance isolation, making it ideal for use cases with strict performance requirements. Docker, on the other hand, offers a more comprehensive ecosystem with additional features such as networking, storage, and orchestration, which can introduce some overhead.
Security: Docker relies on namespaces and control groups to provide basic isolation between containers, but it may still be susceptible to certain security vulnerabilities if not properly configured. ZeroVM, on the other hand, provides strong isolation through the use of a secure hypervisor technique called 'secure execution environments,' making it suitable for handling sensitive workloads.
Size and Footprint: Docker containers typically have larger sizes compared to ZeroVM. This is because Docker containers include a minimal operating system and system libraries, providing a complete runtime environment. ZeroVM, on the other hand, is designed to be extremely lightweight and modular, allowing applications to be deployed in much smaller and faster container units.
Flexibility and Portability: Docker has a vast ecosystem with a wide range of pre-built images and tools, making it easier to package and distribute applications across different environments. ZeroVM, on the other hand, provides a more bare-metal approach, giving developers more control over the execution environment but requiring them to handle more aspects of application deployment.
Community and Adoption: Docker has gained widespread popularity and has a large and active community of developers, which means finding support and resources is easier. ZeroVM, although not as widely adopted, still has a dedicated user base and is known for its unique features and performance benefits.

In summary, Docker and ZeroVM have different architectural approaches, performance characteristics, security measures, container sizes, flexibility/portability options, and levels of community adoption. Both technologies have their strengths and are suitable for different use cases depending on the specific requirements of the application being deployed.

🔥 Trending in Container Registry on StackShare

SpinKube Container Registry

Hyper-efficient serverless on Kubernetes, powered by WebAssembly

Try it View Docs Alternatives

Try

0

6

Advice on Docker, ZeroVM

Florian

IT DevOp at Agitos GmbH

Oct 22, 2019

Decided

lxd/lxc and Docker aren't congruent so this comparison needs a more detailed look; but in short I can say: the lxd-integrated administration of storage including zfs with its snapshot capabilities as well as the system container (multi-process) approach of lxc vs. the limited single-process container approach of Docker is the main reason I chose lxd over Docker.

482k views482k

Comments

Detailed Comparison

Docker	ZeroVM
The Docker Platform is the industry-leading container platform for continuous, high-velocity innovation, enabling organizations to seamlessly build and share any application — from legacy to what comes next — and securely run them anywhere	ZeroVM is an open source virtualization technology that is based on the Chromium Native Client (NaCl) project. ZeroVM creates a secure and isolated execution environment which can run a single thread or application. ZeroVM is designed to be lightweight, portable, and can easily be embedded inside of existing storage systems.
Integrated developer tools; open, portable images; shareable, reusable apps; framework-aware builds; standardized templates; multi-environment support; remote registry management; simple setup for Docker and Kubernetes; certified Kubernetes; application templates; enterprise controls; secure software supply chain; industry-leading container runtime; image scanning; access controls; image signing; caching and mirroring; image lifecycle; policy-based image promotion	Small, Light, Fast - ZeroVM is extremely small, lightweight, and fast. An execution environment can start in as little as 5 milliseconds.;Secure - ZeroVM security is derived from the Chromium Native Client (NaCl) project and is based on the concept of software fault isolation.;Hyper-Scalable - ZeroVM makes it easy to create large clusters of instances, aggregating the compute power of many individual physical servers into a single execution environment.;Embeddable - ZeroVM is designed to be embedded into existing storage systems.;Functional (Deterministic) - Execution inside a ZeroVM environment is functionally pure or deterministic, meaning that for any given set of inputs ZeroVM will always produce the exact same output.
Statistics
GitHub Stars -	GitHub Stars 826
GitHub Forks -	GitHub Forks 77
Stacks 194.2K	Stacks 2
Followers 143.8K	Followers 10
Votes 3.9K	Votes 0
Pros & Cons
Pros 823 Rapid integration and build up 692 Isolation 521 Open source 505 Testability and reproducibility 460 Lightweight Cons 8 New versions == broken features 6 Documentation not always in sync 6 Unreliable networking 4 Moves quickly 3 Not Secure	No community feedback yet
Integrations
Java Docker Compose VirtualBox Linux Amazon EC2 Container Service Docker Swarm boot2docker Kubernetes Docker Machine Vagrant	No integrations available

What are some alternatives to Docker, ZeroVM?

LXD

LXD isn't a rewrite of LXC, in fact it's building on top of LXC to provide a new, better user experience. Under the hood, LXD uses LXC through liblxc and its Go binding to create and manage the containers. It's basically an alternative to LXC's tools and distribution template system with the added features that come from being controllable over the network.

LXC

LXC is a userspace interface for the Linux kernel containment features. Through a powerful API and simple tools, it lets Linux users easily create and manage system or application containers.

rkt

Rocket is a cli for running App Containers. The goal of rocket is to be composable, secure, and fast.

Vagrant Cloud

Vagrant Cloud pairs with Vagrant to enable access, insight and collaboration across teams, as well as to bring exposure to community contributions and development environments.

Studio 3T

It's the only MongoDB tool that provides three ways to explore data alongside powerful features like query autocompletion, polyglot code generation, a stage-by-stage aggregation query builder, import and export, SQL query support and more.

OpenVZ

Virtuozzo leverages OpenVZ as its core of a virtualization solution offered by Virtuozzo company. Virtuozzo is optimized for hosters and offers hypervisor (VMs in addition to containers), distributed cloud storage, dedicated support, management tools, and easy installation.

SmartOS

It combines the capabilities you get from a lightweight container OS, optimized to deliver containers, with the robust security, networking and storage capabilities you’ve come to expect and depend on from a hardware hypervisor.

Clear Containers

We set out to build Clear Containers by leveraging the isolation of virtual-machine technology along with the deployment benefits of containers. As part of this, we let go of the "generic PC hardware" notion traditionally associated with virtual machines; we're not going to pretend to be a standard PC that is compatible with just about any OS on the planet.

Flatpak

It is a next-generation technology for building and distributing desktop applications on Linux

Lima

It launches Linux virtual machines with automatic file sharing, port forwarding, and containerd. It can be considered as some sort of unofficial "macOS subsystem for Linux", or "containerd for Mac". It is expected to be used on macOS hosts, but can be used on Linux hosts as well. It may work on NetBSD and Windows hosts as well.