Containers and virtual machines are both parts of virtualization systems, in which hardware environments are abstracted into a series of virtual or logical components. However, they are different technologies, and they belong to differently arranged virtualization systems.
With a virtual machine system, a hypervisor sits on top of bare metal hardware architectures, and virtual machines are provisioned from that system. Virtual machines are planned individually with their own operating systems and workloads.
With a container system, a host operating system is installed first, and container instances then share that host operating system.
The main difference is that since containers do not each have their own operating systems, they are less resource-intensive. This leads to the opportunities offered by container technology. Companies can do more with the system, because they do not have to give each container instance its own operating system. The shared architecture of containers is a large part of the appeal of these alternative systems.
On the other hand, the insular nature of virtual machines, where cloned virtual machines can operate independently of each other, offers more redundant and failsafe results for businesses. Experts point to a single point of failure as a vulnerability of container systems. Many security concerns about containers follow from this, such as the idea that a single malware attack can more easily destroy the entire container system.
Both container and virtual machine technologies are fairly new, though container systems have evolved more recently as an alternative, and both are still being developed to produce new kinds of results for IT systems.