A virtual machine virtualizes the hardware itself: each instance boots and runs its own full operating system, including its own kernel, on top of a hypervisor. Because the guest shares no kernel with the host, the isolation boundary is the hypervisor together with the CPU's virtualization extensions rather than the host kernel's system-call surface; this is why VM isolation is considered stronger than container isolation, and why a guest can run a completely different OS from the host. The cost is weight: a conventional VM image is gigabytes in size and booting a full OS takes seconds to minutes, although purpose-built microVM hypervisors that boot a minimal guest in well under a second have narrowed that gap.
VMs and containers are complementary rather than competing. Containers share the host kernel, so a single kernel exploit from inside one container compromises every container on that host; cloud providers therefore typically run each customer's containers inside VMs belonging to that customer, using the VM as the hard security boundary between tenants and containers as the fast, cheap packaging within it. The practical consequence for a workload is that it usually sits behind both layers at once: a process in a cloud container shares a kernel with sibling containers of the same tenant, while the hypervisor separates it from other tenants' machines.
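To make that layering concrete, the following added example (written for this page, not code from the original text or from any cloud provider) classifies, from inside a Linux workload, which isolation layers it sits behind: the CPUID "hypervisor" flag and DMI vendor strings reveal the VM, while /.dockerenv, /run/.containerenv and cgroup v1 paths reveal the container runtime. The vendor-string table, the function names and the sample /proc contents are constructed assumptions.

```python
"""Identify the isolation layers a Linux process sits behind.

Added example, not code from the original page: it inspects the same
signals tools such as systemd-detect-virt use, so that from inside a
cloud container you can see both the container runtime and the VM
underneath it. The sample inputs at the bottom are constructed, not
captured from a real host.
"""
import os
import re

# Substrings of DMI sys_vendor/product_name that name a hypervisor.
# Assumed list for illustration; other platforms report other strings.
_DMI_HINTS = {
    "qemu": "kvm/qemu",
    "amazon ec2": "aws-nitro",
    "google compute engine": "gce",
    "virtual machine": "hyper-v",     # Hyper-V and Azure guests
    "vmware": "vmware",
    "virtualbox": "virtualbox",
    "xen": "xen",
}

# cgroup v1 path components that name a container runtime.
_CGROUP_HINTS = {"kubepods": "kubernetes", "docker": "docker",
                 "containerd": "containerd", "lxc": "lxc"}


def detect_hypervisor(cpuinfo, sys_vendor, product_name):
    """Return the hypervisor name, "unknown" when only CPUID reveals one,
    or None when nothing indicates virtualization.

    The "hypervisor" flag in /proc/cpuinfo is CPUID leaf 1 ECX bit 31.
    A hypervisor can hide that flag and fake DMI strings, so a guest's
    view of its own boundary is an inventory hint, not a guarantee.
    """
    dmi = f"{sys_vendor} {product_name}".lower()
    for hint, name in _DMI_HINTS.items():
        if hint in dmi:
            return name
    m = re.search(r"^flags\s*:\s*(.*)$", cpuinfo, re.MULTILINE)
    flags = set(m.group(1).split()) if m else set()
    return "unknown" if "hypervisor" in flags else None


def detect_container(cgroup, has_dockerenv, has_containerenv):
    """Return the container runtime name, or None if no marker is present.

    Docker and Podman place /.dockerenv and /run/.containerenv. cgroup v1
    paths name the runtime; a cgroup v2 namespace shows only "0::/" and
    gives nothing away, so None does not prove "not a container".
    """
    if has_dockerenv:
        return "docker"
    if has_containerenv:
        return "podman"
    for hint, name in _CGROUP_HINTS.items():
        if re.search(rf"/{hint}\b", cgroup):
            return name
    return None


def classify(hypervisor, container):
    """Name the layering: which boundary separates this workload from others."""
    if container and hypervisor:
        return "container inside a VM"
    if container:
        return "container on bare metal"
    if hypervisor:
        return "VM"
    return "bare metal"


def _read(path):
    try:
        with open(path) as f:
            return f.read()
    except OSError:
        return ""


def inspect_local_system():
    """Run the detection against this machine's /proc and /sys."""
    hv = detect_hypervisor(_read("/proc/cpuinfo"),
                           _read("/sys/class/dmi/id/sys_vendor"),
                           _read("/sys/class/dmi/id/product_name"))
    ct = detect_container(_read("/proc/1/cgroup"),
                          os.path.exists("/.dockerenv"),
                          os.path.exists("/run/.containerenv"))
    return hv, ct, classify(hv, ct)


# Constructed samples: a Kubernetes pod on an EC2 instance, and a bare-metal host.
SAMPLE_CPUINFO_VM = (
    "processor\t: 0\nvendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov "
    "pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc cpuid "
    "pni ssse3 cx16 sse4_1 sse4_2 x2apic popcnt aes xsave avx hypervisor lahf_lm\n"
)
SAMPLE_CPUINFO_BARE = SAMPLE_CPUINFO_VM.replace(" hypervisor", "")
SAMPLE_CGROUP_K8S = ("12:pids:/kubepods/burstable/pod3f1c/9a7b\n"
                     "1:name=systemd:/kubepods/burstable/pod3f1c/9a7b\n")
SAMPLE_CGROUP_HOST = "0::/init.scope\n"

if __name__ == "__main__":
    hv = detect_hypervisor(SAMPLE_CPUINFO_VM, "Amazon EC2", "t3.micro")
    ct = detect_container(SAMPLE_CGROUP_K8S, False, False)
    print("sample:", hv, ct, "->", classify(hv, ct))
    print("this host:", *inspect_local_system())
```

Run from inside a pod on a cloud VM this reports "container inside a VM": the hypervisor flag is visible because the container shares the guest kernel's view of the CPU. Treat the result as inventory rather than a trust decision; the hypervisor controls everything the guest can observe about it, and a cgroup v2 namespace hides the runtime name entirely.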
