Containers vs Serverless – What’s the Difference? (Pros and Cons). Containers and serverless computing are two technologies for application deployment. They assist DevOps teams to deploy applications faster and more cost efficiently. In this article we compare containers serverless to understand why DevOps team prefer one technology over the other and vice versa.
Technology is a wonderful thing. Not only can we use it to create systems running on other systems (in the case of virtual machines), but we can also use it to create containerized apps that are largely environment agnostic.
But with serverless that entire dynamic changes: no more virtualization. Instead, a simple cloud based environment where functions can be executed as required. Given the ostensible similarity between containers and serverless, a clearer distinction between the two can help you determine when to use which, or the one as part of the other.
A container is an application and what makes a container different from an app, is that you have it installed on your computer and that it comes bundled with all the operating system components it needs to run. This makes it virtually independent of the host operating system (on top of which it is run), with the only condition being kernel compatibility. As such, you’ll find that containers that virtualize some flavor of Linux can easily be run on other Linux systems, but less so on Windows.
Containers can also be linked to each other. For example, to run WordPress you’d typically require a web server like Apache or Nginx, MySQL as a database management system, and PHP. Each of these applications can run in separate images but, through linking, operate as if installed on a single machine to provide a fully functional WordPress installation.
Containers are applications bundled with the libraries, binaries, and other components needed to run. Because of their small size, they can easily be transferred to and run on other systems and similar OS environments.
Microservices architectures
You’ll often hear talk of ‘monolithic’ applications, which refers to a single application with all its smaller functions and services as an inseparable part of the whole. With a microservices architecture, these smaller services can be individually developed and maintained, optionally using a custom code stack. Josh Pollock provides a practical example of microservice architecture in action here.
Easy automation
Thanks to their lightweight nature, containers can be provisioned on a grand scale using container orchestration software, like Docker Swarm or Kubernetes.
Scalability
In the same breath as automation above comes scalability, which is where containers excel. Heavy application loads can be tamed with relative ease by creating more instances of an application within predetermined resource confines. Their small size (and optional microservices architecture) enables granular resource management.
Security vulnerabilities in either the container or host operating system can make the other vulnerable to attacks. Strict security protocols have to be implemented on both to deliver protection.
No default limits
If resource limitations aren’t specified at runtime, a container will use as much system resources as the host operating system kernel allows. In resource-intensive scenarios, this can lead to performance problems or even system failures.
Little Windows support
Although Windows does support containers, it’s not as widely supported as Linux. And with Microsoft’s release of cross-platform .NET Core, the Windows based container ecosystem is unlikely to catch up.
Not interactive
Configuration changes can’t be made once a container image is running.
We have read about containers and now in this blog article Containers vs Serverless – What’s the Difference? we introduce serverless.
What is serverless?
Serverless is a cloud computing execution model. Unlike containers and virtual machines, it does not rely on virtualization. Instead, serverless provides the compute power necessary to execute code. Think of it as on-demand compute power on a system owned and maintained by someone else.
In serverless a unit of code that can be executed is called a function. A function can be invoked when triggered by an event, such as file uploads, monitoring alerts, HTTP requests, and so on.
One of the key benefits of serverless computing is that it automatically enforces a separation of responsibility since it does not require server or environment configuration, capacity planning, scaling, and so on. The sole purpose of serverless is to provide an environment where a function can be executed. As such, billing is typically based on executions / resource consumption.
The purpose of serverless execution can be best illustrated by a few use cases. These include:
Image processing: When a user uploads a photo of his or her ID, a facial recognition function can be triggered. Alternatively, a function can be triggered where the image is scaled and cropped.
IoT sensor messages: When a motion detecting camera records movement, a function can be triggered which sends out alerts.
New user signup: When a new user signs up to your website, a function can be triggered which sends out a welcome email. Alternatively, a function can also be used to perform SSO.
Video conversion: When a user uploads a video, a function can be executed that transcodes the video into a different format.
Execute resource code quickly on a one off basis.
Run finite amounts of application code in the cloud -no virtual server needed and no payment for ongoing cloud resources.
Given that serverless is billed on used resources as mentioned above, you’ll never pay for idle time, as is the case with virtual machines.
Scalability
The resources required to execute functions are automatically provisioned. Additional function instances can be automatically created depending on the load, and within predefined limits.
Zero maintenance
Developers can focus on mission critical tasks since infrastructure maintenance is exclusively the responsibility of the service provider.
Reliability
Since infrastructure can be scaled behind the scenes as needed, serverless functions tend to enjoy high availability.
Fault tolerance
Fewer moving parts (e.g. configuration, maintenance, etc.) means that serverless functions have a higher fault tolerance than, say, containers or virtual machines.
Run as a microservice
Serverless can run as a microservice of a containerized application to handle a specific function.
One of serverless’ greatest strengths is also one of its greatest weaknesses: less control over the underlying software and infrastructure means greater reliance on the service provider to fix misconfigurations, hardware failures, broken network connections, and so on.
Vendor lock-in
Some service providers provide long term contracts. Others encourage the use of their APIs, databases, and associated services over those of competitors.
Security
You’re dependent on the service provider for adequate isolation from other tenants on the same server. Misconfigurations can result in your data being exposed.
Testing
Running tests on individual functions is easy. Running tests to determine integration with your website or app, less so.
Short-term use
Serverless execution is best suited to functions intermittently triggered by events. When a serverless function is continuously running, it could turn out to be more expensive than running the same code as part of a container or on a virtual machine.
Complex apps can be hard to build
So Containers vs Serverless – What’s the Difference?
Container microservices architecture gives you full control of the whole system that leads to improved security and migration services.
Full control gives you the ability test, sort bugs in code.
Serverless
Dealing with Faas infrastructure your focus more on developing your product and business outcomes. It leads to reduction of the time to market.
Billing
Containers
Docker’s lowest tier is free, which means running one or multiple containers on your local system or in the cloud will simply cost you a little elbow grease. This includes orchestration with Docker Swarm. Paid tiers are available, each with its own unique features – from access control to large scale repository image pulls, vulnerability scans, and more. Other container orchestration services like Google’s Kubernetes also have a free tier, but commonly with a lower paid-tier threshold.
Serverless
Getting started with serverless is free on most platforms. How long it remains free depends on the number of times a function is executed, and also the services employed. Serverless.com, for example, provides 100,000 free transactions (read: code executions). Similarly, AWS also provides free tiers, with varying thresholds depending on the products or services you choose.
Security
Containers
As previously mentioned, container security is a concern given that container and OS vulnerabilities can affect each other. Container Security is a burgeoning discipline focused entirely on protecting containers against attacks. From paloaltonetworks.com:
Container security is the process of implementing tools and policies to ensure that container infrastructure, apps, and other container components are protected across their entire attack surface.
Serverless
Serverless environments may have a smaller attack surface than containers or virtual machines, but that does not mean they are secure. Key serverless security concerns include identity and access management (IAM), and, as previously mentioned, coding practices. To illustrate: event data injection is a common security concern in serverless, where untrusted input is passed to the function.
Portability
Containers
I’ve previously mentioned that containers can be run in similar environments. Specifically, this refers to the fact that containers are typically built on Linux. Linux distributions typically share a common kernel, which enables container portability across distributions.
Serverless
Where serverless is concerned, portability isn’t as straightforward. Vendor lock in described above comes into play here, and if we examine the differences between vendors, simply moving code from one to the other isn’t feasible. Vendors typically differentiate in product scope and how API requests are handled, which potentially means code updates to adapt to a new vendor.
Serverless is almost exclusively relegated to the public cloud on platforms such as AWS Lambda and Azure Functions.
Code stack
Containers
By their very nature, containers come bundled with everything they need. As long as they are run in a kernel-compatible environment, they remain independent of the code stack installed on the operating system.
Serverless
What’s true for containers isn’t true for serverless. You’ll have to check whether your FaaS provider supports your language of choice. Some may provide a runtime API to cater for natively unsupported languages.
Great effort! We finished reading Containers vs Serverless – What’s the Difference? (Pros and Cons).
Containers vs Serverless - What's the Difference? Conclusion
Both containers and serverless allow developers to focus on apps and code without worrying about infrastructure maintenance. The main difference between the two is control – with containers the code stack is included, whereas with serverless it is provisioned, configured, and maintained by the service provider.
Containers are best suited if you require flexibility to install the software with specific version requirements. You have the choice with underlying operating system and you control what programming language will be used.
But containers are not cheap and require a lot of maintenance and set up.
Serverless is a cloud computing model where the cloud provider manages the provisioning of servers. Serverless has many benefits like lower costs, easier scalability and quicker deployment. With serverless you pay as you use the resources. But there is a minus with vendor support and ecosystem lock in.
Containers vs serverless- which one to choose? Pick containers if flexibility is the main factor. Serverless should be your pick if you need speed of development, automatic scaling and much lower runtime costs.
I'm a freelance writer in the tech industry. When I'm not writing about hosting-related topics, I spend my time doing calisthenics or in the ocean doing my level best to stand on a surfboard.
00votes
Article Rating
Subscribe
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.