Docker vs OpenVZ
Last updated: October 17, 2017
Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications. Consisting of Docker Engine, a portable, lightweight runtime and packaging tool, and Docker Hub, a cloud service for sharing applications and automating workflows, Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments. As a result, IT can ship faster and run the same app, unchanged, on laptops, data center VMs, and any cloud.
OpenVZ is container-based virtualization for Linux. OpenVZ creates multiple secure, isolated Linux containers (otherwise known as VEs or VPSs) on a single physical server enabling better server utilization and ensuring that applications do not conflict. Each container performs and executes exactly like a stand-alone server; a container can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files.
Face to face in the news:
2015 - Docker adds new security tools for containers to stand out over OpenVZ
Docker announced three new security tools and features for containers. These tools are meant to make using containers safer without interrupting the usual developer workflow. They include support for hardware signing with a Yubico hardware key, and user namespaces support so Docker containers don’t need to have root access anymore. These two new features are now available in Docker’s experimental release channel. Now, developers who own a YubiKey 4, can automatically sign their containers to ensure the integrity of their apps throughout the pipeline. Docker worked with Yubico to build this touch-to-sign code signing system right into the Docker command line tools. The company also announced that it will now regularly scan all the roughly 90 official repos in the Docker Hub to look for potential vulnerabilities and publish its findings.