Lack of Isolation
One of the key worries about containers is that they don’t provide the same level of isolation to applications as virtual machines do. An advantage of using VMs is the abstraction at the physical hardware level that translates to individual kernels; these individual kernels limit the attack surface to the hypervisor. In theory, vulnerabilities in particular OS versions can’t be leveraged to compromise other VMs running on the same physical host. Since containers share the same kernel, admins and software vendors need to apply special care to avoid security issues from adjacent containers.
Operating System Dependency
Since applications running in containers share the operating system of the container host that means that containerized applications must run on a host running the same type of operating system. That means that, unlike with virtual machines, a Linux application in a container can’t run on a Windows container host, and vice versa.
Persistent Data Storage is Complicated
By design, all of the data inside a container disappears forever when the container shuts down, unless you save it somewhere else first. There are ways to save data persistently in Docker, such as Docker Data Volumes, but this is arguably a challenge that still has yet to be addressed in a seamless way.
Management
Solutions such as Docker make container management easier, but many customers still find container management more of an art than a science
Responsive Solutions Globally