Journey from Bare-Metal to Containerisation

Question:- Explain something about the Bare-Metal Servers ?

• A Bare Metal Server is a physical computer, that is single tenant only. Once upon a time, all servers were Bare-Metal.
• Bare-Metal gives us complete control over the hardware resources and software stacks to run.

Question:- What are the advantages of using Bare-Metal Servers ?

Answer → Bare-Metal is the option to go for the software-applications that require the absolute highest performance from the Hardware. Bare-Metal Servers are physically Isolated. Here are following advantages of Bare-Metal Servers :-

• It’s not affected by the Noisy-Neighbour problem → This problem occurs when one tenant’s performance is impacted because of the activities of another tenant sharing the same hardware.

• It provides Highest Level of Security → It is not impacted by Side-Channel-Attacks. These attacks take advantage of the design-flaws in modern micro-processors to allow a malicious tenant to steal secrets from its neighbours.

Question:- When should we make use of Bare-Metal Servers ?

Answer → The Strong Security guarantee, is another reason to use Bare-Metal Servers. When an application needs to meet the most stringent security, compliance or regulatory requirements.

Question:- What are some disadvantaged of Bare-Metal Servers ?

• Bare-Metal Servers are expensive, hard-to-manage and hard-to-scale.
• Acquiring new hardware takes time and it also takes a competant team to manage them well.

Question:- Explain something about the Virtual-Machines ?

Answer → A Virtual-Machine is the emulation of a Physical-Computer. This is called as Virtualisation. Many VMs can run on a single piece of Bare-Metal hardware. Below is how the VMs are ran on Bare-Metal-Servers :-

• On top of Bare-Metal-Hardware, runs the host Operating-System.
• Another piece of software called Hypervisor, runs on the top of OS. This is also known as Virtual-Machine Monitor.

Question:- Explain something about Hypervisor ?

Answer → This software manages Virtual-Machines.

• It creates an Abstraction Layer over the hardware, so that multiple Operating-Systems can run alongside each other.
• Each VM has it’s own Guest OS and on top of this Guest OS, runs the applications for a tenant.

Question:- What is the difference between Hypervisor and Bare-Metal-Hypervisor ?

Answer → A Bare-Meal-Hypervisor controls the hardware directly without relying upon the host OS.

• It gives full control over the hardware and provides higher performance.
• However, the hardware that supports the Bare-Metal-Hypervisor, is usually more expensive.

Question:- What is the flexibility available with Virtual-Machines ?

Answer → These days we can choose VMs of pretty much any size to fit our workloads from :-

• General purpose VMs with just a few CPU-cores and a few GBs of memory.
• High performance VMs with hundreds of CPU-cores and terabytes of memory.

Question:- What are some advantages of Virtual-Machines ?

Along with the aforementioned advantages, It’s easy to scale both vertically & horizontally to the VMs :-

Question:- What are some dis-advantages of using Virtual-Machines ?

Answer → Following are some dis-advantages working with Virtual-Machines ?

• Noisy-Neighbour Problem → If our application co-locates with a resource-hog of a neighbour, our own application-performance could suffer. VMs running on the same Bare-Metal-Hardware, share the same physical CPU-cores.
• Vulnerable to Security Attack → Some attacks aim at leveraging design flaws in modern microprocessors. Side Channel Attacks like Meltdown and Spectre are some well known examples.

Question:- Explain something about the Containers ?

• A Container is a standalone and a lightweight package of an application with all its dependencies like Libraries, Frameworks and Runtime.
• Like Virtualisation, here we have a Bare-Metal hardware and a host operating system.

Question:- How is Containerisation different from Virtualisation ?

Answer → Following are the differences between the Containerisation & Virtualisation :-

• Containerisation is considered to be a Lightweight version of Virtualisation.
• Next, Instead of virtualising the hardware with Hypervisor, we virtualise the OS itself with a piece of special software called the Container-Engine.

Question:- What is Containerisation ?

Answer → On top of Container-Engine runs many Containers.

• Each of Containers is its own Application-Environment isolated from each other.
• The Container-Engine provides even faster resource provisioning.
• All the resources needed to run the application, are packaged together, so that applications can run anywhere.

Question:- Whether containers are scalable enough ?

Answer → Containers are Scalable and Portable.

• These are light-weight and require less hardware-resources to run, as compared to VMs.
• A Bare-metal hardware can host significantly more containers than virtual-machines.

Question:- Why containers are faster ?

Answer → Since each container runs as a native process of the host Operating-System, they are much faster to start too. All these containers are even easier to deploy & maintain at a scale too.

Question:- Are containers secure enough ?

Answer → Containers are less secure. They share the same underlying Operating-System and isolation relies on the OS-level primitives. This means that, Containers are vulnerable to wider class of security-vulnerabilities at the Operating System level.

Question:- Is it possible to run containers inside the Virtual-Machines ?

Answer → Yes, It is very much possible to run containers inside the Virtual-Machines. The reason that we may want to do this is because : It offers better Security, by reducing the possible Attack-Surfaces.

That’s all in this blog. If you liked reading this, do clap on this page. We shall see you in next document.