top

Docker Vs Virtual Machine: Understand the differences

Virtual machines and Docker containers, both are more than enough in order to get the most out of computer resources available in hardware and software. Docker containers are kind of new on the block, but virtual machines or VMs have been there and will continue to remain popular in data centres of all sizes. If you are looking for the best solution to run your services in the cloud, it is advised that you understand these virtualization technologies first. Learn about the differences between the two, the best way they can be used, and the capabilities each one possesses.Most of the organizations have either moved or are planning to move from on-premise computing services to cloud computing services. Cloud computing allows you access to a large pool of configurable resources that can be shared, for example - computer networks, servers, storage, applications, and services. For the implementation of cloud computing in a traditional way, virtual machines are used. However, these days Docker containers have gained a lot of popularity due to its features, as well as Dockers are considered to be of a lightweight compared to virtual machines which are heavier.According to reports, there will be a rise in the use of application containers of 40% by the end of the year 2020. Docker containers have gained a lot of popularity as it facilitates rapid and agile development. But the question arises - How are Docker containers different from virtual machines? The most important thing to know is that Docker containers are not virtual machines or lightweight virtual machines or trimmed down virtual machines. Let us compare the two and understand the major differences.What is exactly a Virtual Machine?It is said that Virtual machines were born when server processing power and capacity was increased but bare metal applications were unable to exploit the new abundance in resources. Virtual machines were built by running software on top of physical servers in order to match the requirements of a particular hardware system. A virtual machine monitor or the hypervisor is a firmware, software or hardware which helps in creating a virtual machine and runs it. It is a necessary component to virtualize the server and it sits between the virtual machine and the hardware. As cloud computing services are available and virtualization is affordable, a lot of large as well as small IT departments have adapted virtual machines in order to reduce costs and increase efficiency.Understanding Virtual MachinesLet us understand how virtual machines work starting from the bottom-most layer:Infrastructure: This can be anything, your PC or laptop, a dedicated server running in a data centre, a private virtual server used in the cloud such as Amazon EC2 instance.Host Operating System: Just on top of the infrastructure layer lies the host which runs an operating system. While you use your laptop, it will likely be Windows, MacOS or Linux. As we are discussing virtual machines, it is commonly labelled as the host operating system.Hypervisor: It is also called a virtual machine monitor. You can consider a virtual machine as a self-contained computer packed into a single file, but something is required to be able to run the file. Type 1 hypervisors and Type 2 hypervisors are used to do so. In Type 1 hypervisor, Hyper-V for Windows, HyperKit for MacOS and KVM for Linux. Some popular Type 2 hypervisors are VirtualBox and VMWare.Guest Operating System: Suppose you would like to run three applications on your server under total isolation. To run, you will need 3 guest operating systems. These guest operating systems are controlled by the hypervisors. Each guest operating system takes a disk space of around 700 MB, so the total of disk space that you use is 2.1GB utilized by guest OS and it gets more complicated when guest OS uses its own CPU and memory resources as well. This is what makes the virtual machine heavy.BINS/LIBS: Each guest operating system uses its own set of various binaries and libraries in order to run several applications. For example, if you are using Python or Node JS you will have to install packages accordingly from this layer. Since each application will be different than the other, it is expected that each application will have its own set of library requirements.Application Layer: This is the layer where you have your source code for the magical application you have developed. If you want each of these applications to be isolated, you will have to run each application inside its own guest operating system.Types of Virtual MachinesThere are different types of virtual machines, each offering various functions:System Virtual MachinesA system virtual machine is a virtual machine which allows multiple instances of the operating system to run on a host system and share the physical resources. They emulate an existing architecture and are built with the purpose of providing a platform to run several programs where real hardware is not available for use. Some of the advantages of system virtual machines are -Multiple OS environments can accommodate the same primary hard drive with a virtual partition which allows sharing files generated in either the “guest” virtual environment or the “host” operating system.Application provisioning, high availability, maintenance and disaster recovery are inherent in the virtual machine software selected.Some of the disadvantages of system virtual machines are mentioned below:When a virtual machine accesses the host drive indirectly, it becomes less efficient than the actual machine.Malware protection for virtual machines are not very compatible with the "host" and sometimes require separate software.Process Virtual MachinesA process virtual machine is also known as an application virtual machine, or Managed Runtime Environment (MRE). It is used to execute a computer program inside a host OS and it supports a single process. A process virtual machine is created when the process starts and is destroyed as soon as you exit the process. The main purpose of this type of virtual machine is to provide a platform-independent programming environment.Benefits of Virtual MachinesVirtualization provides you with a number of advantages such as centralized network management, reducing dependency on additional hardware and software, etc. Apart from these, virtual machines offer a few more benefits:Multiple OS environments can be used simultaneously on the same machine, although isolated from each other.Virtual machines have the ability to offer an instruction set architecture which differs from real computersIt has easy maintenance, application provisioning, availability and convenient recovery.Popular VM ProvidersHere are some of the selected software we think is best suited for people who want to keep things real, virtually.Oracle VM VirtualboxOracle VM Virtualbox is free of cost, supports Windows, Mac and Linux, and it has the ability to host for 100,000 registered users. If you are not sure about which operating system you should choose to use, Oracle VM VirtualBox is a really good choice to go ahead with. It supports a wide range of host and client combinations. It supports operating systems from Windows XP onward, any Linus level above 2.4, Solaris, Open Solaris and even OpenBSD Unix. It also runs on Apple’s MacOS and can host a client Mac VM session.VMware Fusion and WorkstationVMware Workstation and VMware Fusion are the industry leaders in virtualization. It is one of the few hosts which support DirectX 10 and OpenGL 3.3. It also supports CAD and other GPU accelerated applications to work under virtualization.Red Hat VirtualizationRed Hat Virtualization has more of enterprise users with powerful bare-metal options. It has two versions: a basic version which is included in Enterprise Linux with four distinct VMs on a single host and the other one is a more sophisticated Red Hat virtualization edition.Important features of virtual machinesA typical virtual machine has the following hardware features.The hardware configuration of the virtual machine is similar to that of the default hardware configuration settings.There is one processor and one processor per core. The execution mode is selected for the virtualization engine based on the host CPU and the guest operating system.A single IDE CD/DVD drive is available which is configured after receiving power and detects automatically as a physical drive on the host system when connected.A virtual network adapter is used which gets configured upon power on and uses network address translation (NAT). With the help of NAT networking, virtual machines are able to share the IP address of the host system.It has one USB controller.It has a sound card configured to use the default sound card on the host system.It has one display configured to use the display settings on the host computer.Some of the software features include:The virtual machine is not encrypted.Drag-and-drop, cut and paste features are available.Remote access by VNC clients and shared folders are disabled.What are Containers?A container is a standard unit of software which packages up the code and all its dependencies in order to run the application reliably and quickly from one computing environment to another. A Docker container image is a standalone, lightweight, executable package of the software which includes everything needed to run an application such as system tools and libraries, code, runtime, and settings.Understanding Docker ContainerThere is a lot less baggage compared to virtual machines. Let us understand each layer starting from the bottom most.Infrastructure: Similar to virtual machines, the infrastructure used in Docker containers can be your laptop or a server in the cloud.Host Operating System: This can be anything which is capable of running Docker. You can run Docker on MacOS, Windows and Linux.Docker Daemon: It is the replacement for the hypervisor. Docker Daemon is a service which runs in the background of the host operating system. It also manages the execution and interaction with Docker containersBINS/LIBS: It is similar to that on virtual machines except it is not running on a guest operating system, instead special packages called Docker images are built and finally the Docker daemon runs the images.Application: This is the ultimate destination for the docker images. They are independently managed here. Each application gets packed with its library dependencies into the same Docker image and is still isolated.Types of ContainerLinux Containers (LXC) — LXC is the original Linux container technology. It is a Linux operating system level virtualization method which is used to run multiple isolated Linux systems on a single host.Docker — Docker was first started as a project in order to build single-application LXC containers. This makes the containers more flexible and portable to use. Docker acts a Linux utility at a higher level and can efficiently create, ship, and run containers.Benefits of ContainersIt reduces IT management resourcesIt reduces the size of snapshotsIt reduces and simplifies security updatesNeeds less code in order to migrate, transfer, and upload workloadsPopular Container ProvidersLinux ContainersLXCLXDCGManagerDockerWindows Server ContainersDocker vs Virtual Machines How is a Docker Container different from a Virtual Machine?Containers are user space of the operating system whereas Docker is a container based technology. Dockers are built for running various applications. In Docker, the containers running share the host Operating system kernel.Virtual machines are not based on container technology. They are mainly made up of kernel space along with user space of an operating system. The server's hardware is virtualized and each virtual machine has operating systems and apps which shares hardware resources from the host.Both virtual machines and dockers come with merits and demerits. Within a container environment, multiple workloads can run with one operating system. It also results in reduced IT management resources, reduces the size of snapshots, quicker spinning up apps, less code to transfer, simplified and reduced updates and so on. However, within a virtual machine environment, each workload needs a complete operating system.Basic Differences between Virtual Machines and ContainersVirtual MachinesContainersVMs are heavyweightContainers are lightweightIt has limited performanceIt has native performanceEach of the virtual machines runs in its own Operating SystemAll containers share the host operating systemIt has hardware-level virtualizationIt has OS virtualizationIt takes minutes to startupIt takes milliseconds to startupRequired memory is allocatedIt requires very less memory spaceAs it is fully isolated and hence it is more secureProcess-level isolation takes place in containers, thus less secure compared to VMsUses for VMs vs Uses for ContainersBoth containers and VMs have benefits and drawbacks, and the ultimate decision will depend on your specific needs, but there are some general rules of thumb.VMs are a better choice for running apps that require all of the operating system’s resources and functionality when you need to run multiple applications on servers or have a wide variety of operating systems to manage.Containers are a better choice when your biggest priority is maximizing the number of applications running on a minimal number of servers.Who wins amongst the two?When To Use a Container vs. When to Use a Virtual MachineContainers and virtual machines, each thrive in different use cases. Let us check some of the cases and know when to use a container and when is it a good choice to use virtual machines.Virtual machines take a good amount of time to boot and shut down: This feature is heavily used in development and testing environments. If you have to spin up and power down machines regularly or clone machines, Docker containers are what you should choose over virtual machines.Containers are geared based on Linux: Virtual machines are a better choice when you want to virtualize another operating system.Dockers do not have many automation and security features: Most of the fully fledged virtual management platforms provide a variety of automation features along with built-in security from kernel level to network switches.Virtual Machine and Container Use CasesThere is a fundamental difference between the usage of containers and virtual machines. Virtual machines are applicable for virtual environments, whereas containers use the underlying operations system and do not require a hypervisor.Let us see some use cases:Virtualized EnvironmentsIn a virtualized environment, multiple operating systems are run on a hypervisor which manages the I/O on one particular machine. However, in a containerized environment, it is not virtualized and hypervisor is not used. That does not mean you cannot run a container in a virtual machine.You can run containers in a virtual machine. We know containers run on a single Operating System. As it can run several containers on one physical system, it is like mini-virtualization without a hypervisor. Hypervisors face certain limitations related to performance and it also blocks certain server components like networking controller.DevOpsContainers are used in the DevOps environment for their develop-test-build. These containers perform much faster than virtual machines, they have faster spun up and down and have better access to system resources.Containers are smaller in size and have the ability to run several servers and hundreds of virtual machines. This shows that containers have greater modularity over virtual machines. Using microservices, an app can be split into multiple containers. Due to this combination, you can avoid potential crashes and this will also help you isolate problems.Older SystemsVirtual machines are capable of hosting an older version of an operating system. Suppose an application was built for an operating system many years back, which is quite unlikely to run in a newer generation operating system. In such cases, you can run the old operating system in a virtual machine and without any changes in the app you can run it.More Secure EnvironmentsAs container needs frequent interaction with the underlying operating system or other containers, there is a security risk associated. However, in comparison to containers, virtual machines are ideal and considered to be a more secure environment.
Rated 4.5/5 based on 12 customer reviews
Normal Mode Dark Mode

Docker Vs Virtual Machine: Understand the differences

Susan May
Blog
10th Jun, 2019
Docker Vs Virtual Machine: Understand the differences

Virtual machines and Docker containers, both are more than enough in order to get the most out of computer resources available in hardware and software. Docker containers are kind of new on the block, but virtual machines or VMs have been there and will continue to remain popular in data centres of all sizes. If you are looking for the best solution to run your services in the cloud, it is advised that you understand these virtualization technologies first. Learn about the differences between the two, the best way they can be used, and the capabilities each one possesses.

Most of the organizations have either moved or are planning to move from on-premise computing services to cloud computing services. Cloud computing allows you access to a large pool of configurable resources that can be shared, for example - computer networks, servers, storage, applications, and services. For the implementation of cloud computing in a traditional way, virtual machines are used. However, these days Docker containers have gained a lot of popularity due to its features, as well as Dockers are considered to be of a lightweight compared to virtual machines which are heavier.

According to reports, there will be a rise in the use of application containers of 40% by the end of the year 2020. Docker containers have gained a lot of popularity as it facilitates rapid and agile development. But the question arises - How are Docker containers different from virtual machines? The most important thing to know is that Docker containers are not virtual machines or lightweight virtual machines or trimmed down virtual machines. Let us compare the two and understand the major differences.

What is exactly a Virtual Machine?

It is said that Virtual machines were born when server processing power and capacity was increased but bare metal applications were unable to exploit the new abundance in resources. Virtual machines were built by running software on top of physical servers in order to match the requirements of a particular hardware system. A virtual machine monitor or the hypervisor is a firmware, software or hardware which helps in creating a virtual machine and runs it. It is a necessary component to virtualize the server and it sits between the virtual machine and the hardware. As cloud computing services are available and virtualization is affordable, a lot of large as well as small IT departments have adapted virtual machines in order to reduce costs and increase efficiency.

Understanding Virtual MachinesVirtual Machine

Let us understand how virtual machines work starting from the bottom-most layer:

  • Infrastructure: This can be anything, your PC or laptop, a dedicated server running in a data centre, a private virtual server used in the cloud such as Amazon EC2 instance.
  • Host Operating System: Just on top of the infrastructure layer lies the host which runs an operating system. While you use your laptop, it will likely be Windows, MacOS or Linux. As we are discussing virtual machines, it is commonly labelled as the host operating system.
  • Hypervisor: It is also called a virtual machine monitor. You can consider a virtual machine as a self-contained computer packed into a single file, but something is required to be able to run the file. Type 1 hypervisors and Type 2 hypervisors are used to do so. In Type 1 hypervisor, Hyper-V for Windows, HyperKit for MacOS and KVM for Linux. Some popular Type 2 hypervisors are VirtualBox and VMWare.
  • Guest Operating System: Suppose you would like to run three applications on your server under total isolation. To run, you will need 3 guest operating systems. These guest operating systems are controlled by the hypervisors. Each guest operating system takes a disk space of around 700 MB, so the total of disk space that you use is 2.1GB utilized by guest OS and it gets more complicated when guest OS uses its own CPU and memory resources as well. This is what makes the virtual machine heavy.
  • BINS/LIBS: Each guest operating system uses its own set of various binaries and libraries in order to run several applications. For example, if you are using Python or Node JS you will have to install packages accordingly from this layer. Since each application will be different than the other, it is expected that each application will have its own set of library requirements.
  • Application Layer: This is the layer where you have your source code for the magical application you have developed. If you want each of these applications to be isolated, you will have to run each application inside its own guest operating system.

Types of Virtual MachinesTypes of Virtual Machines

There are different types of virtual machines, each offering various functions:

System Virtual Machines

A system virtual machine is a virtual machine which allows multiple instances of the operating system to run on a host system and share the physical resources. They emulate an existing architecture and are built with the purpose of providing a platform to run several programs where real hardware is not available for use. Some of the advantages of system virtual machines are -

  • Multiple OS environments can accommodate the same primary hard drive with a virtual partition which allows sharing files generated in either the “guest” virtual environment or the “host” operating system.
  • Application provisioning, high availability, maintenance and disaster recovery are inherent in the virtual machine software selected.

Some of the disadvantages of system virtual machines are mentioned below:

  • When a virtual machine accesses the host drive indirectly, it becomes less efficient than the actual machine.
  • Malware protection for virtual machines are not very compatible with the "host" and sometimes require separate software.

Process Virtual Machines

A process virtual machine is also known as an application virtual machine, or Managed Runtime Environment (MRE). It is used to execute a computer program inside a host OS and it supports a single process. A process virtual machine is created when the process starts and is destroyed as soon as you exit the process. The main purpose of this type of virtual machine is to provide a platform-independent programming environment.

Benefits of Virtual Machines

Virtualization provides you with a number of advantages such as centralized network management, reducing dependency on additional hardware and software, etc. Apart from these, virtual machines offer a few more benefits:

  • Multiple OS environments can be used simultaneously on the same machine, although isolated from each other.
  • Virtual machines have the ability to offer an instruction set architecture which differs from real computers
  • It has easy maintenance, application provisioning, availability and convenient recovery.

Popular VM Providers
Popular VM Providers

Here are some of the selected software we think is best suited for people who want to keep things real, virtually.

  • Oracle VM Virtualbox

Oracle VM Virtualbox is free of cost, supports Windows, Mac and Linux, and it has the ability to host for 100,000 registered users. If you are not sure about which operating system you should choose to use, Oracle VM VirtualBox is a really good choice to go ahead with. It supports a wide range of host and client combinations. It supports operating systems from Windows XP onward, any Linus level above 2.4, Solaris, Open Solaris and even OpenBSD Unix. It also runs on Apple’s MacOS and can host a client Mac VM session.

  • VMware Fusion and Workstation

VMware Workstation and VMware Fusion are the industry leaders in virtualization. It is one of the few hosts which support DirectX 10 and OpenGL 3.3. It also supports CAD and other GPU accelerated applications to work under virtualization.

  • Red Hat Virtualization

Red Hat Virtualization has more of enterprise users with powerful bare-metal options. It has two versions: a basic version which is included in Enterprise Linux with four distinct VMs on a single host and the other one is a more sophisticated Red Hat virtualization edition.

Important features of virtual machines

A typical virtual machine has the following hardware features.

  • The hardware configuration of the virtual machine is similar to that of the default hardware configuration settings.
  • There is one processor and one processor per core. The execution mode is selected for the virtualization engine based on the host CPU and the guest operating system.
  • A single IDE CD/DVD drive is available which is configured after receiving power and detects automatically as a physical drive on the host system when connected.
  • A virtual network adapter is used which gets configured upon power on and uses network address translation (NAT). With the help of NAT networking, virtual machines are able to share the IP address of the host system.
  • It has one USB controller.
  • It has a sound card configured to use the default sound card on the host system.
  • It has one display configured to use the display settings on the host computer.

Some of the software features include:

  • The virtual machine is not encrypted.
  • Drag-and-drop, cut and paste features are available.
  • Remote access by VNC clients and shared folders are disabled.

What are Containers?

A container is a standard unit of software which packages up the code and all its dependencies in order to run the application reliably and quickly from one computing environment to another. A Docker container image is a standalone, lightweight, executable package of the software which includes everything needed to run an application such as system tools and libraries, code, runtime, and settings.

Understanding Docker ContainerDocker Container

There is a lot less baggage compared to virtual machines. Let us understand each layer starting from the bottom most.

  • Infrastructure: Similar to virtual machines, the infrastructure used in Docker containers can be your laptop or a server in the cloud.
  • Host Operating System: This can be anything which is capable of running Docker. You can run Docker on MacOS, Windows and Linux.
  • Docker Daemon: It is the replacement for the hypervisor. Docker Daemon is a service which runs in the background of the host operating system. It also manages the execution and interaction with Docker containers
  • BINS/LIBS: It is similar to that on virtual machines except it is not running on a guest operating system, instead special packages called Docker images are built and finally the Docker daemon runs the images.
  • Application: This is the ultimate destination for the docker images. They are independently managed here. Each application gets packed with its library dependencies into the same Docker image and is still isolated.

Types of ContainerTypes of Container

Linux Containers (LXC) — LXC is the original Linux container technology. It is a Linux operating system level virtualization method which is used to run multiple isolated Linux systems on a single host.

Docker — Docker was first started as a project in order to build single-application LXC containers. This makes the containers more flexible and portable to use. Docker acts a Linux utility at a higher level and can efficiently create, ship, and run containers.

Benefits of Containers

  • It reduces IT management resources
  • It reduces the size of snapshots
  • It reduces and simplifies security updates
  • Needs less code in order to migrate, transfer, and upload workloads

Popular Container ProvidersPopular Container Providers

  1. Linux Containers
    1. LXC
    2. LXD
    3. CGManager
  2. Docker
  3. Windows Server Containers

Docker vs Virtual Machines 

How is a Docker Container different from a Virtual Machine?

  • Containers are user space of the operating system whereas Docker is a container based technology. Dockers are built for running various applications. In Docker, the containers running share the host Operating system kernel.
  • Virtual machines are not based on container technology. They are mainly made up of kernel space along with user space of an operating system. The server's hardware is virtualized and each virtual machine has operating systems and apps which shares hardware resources from the host.

Both virtual machines and dockers come with merits and demerits. Within a container environment, multiple workloads can run with one operating system. It also results in reduced IT management resources, reduces the size of snapshots, quicker spinning up apps, less code to transfer, simplified and reduced updates and so on. However, within a virtual machine environment, each workload needs a complete operating system.

Basic Differences between Virtual Machines and Containers

Virtual MachinesContainers
VMs are heavyweightContainers are lightweight
It has limited performanceIt has native performance
Each of the virtual machines runs in its own Operating SystemAll containers share the host operating system
It has hardware-level virtualizationIt has OS virtualization
It takes minutes to startupIt takes milliseconds to startup
Required memory is allocatedIt requires very less memory space
As it is fully isolated and hence it is more secureProcess-level isolation takes place in containers, thus less secure compared to VMs

Uses for VMs vs Uses for Containers

Both containers and VMs have benefits and drawbacks, and the ultimate decision will depend on your specific needs, but there are some general rules of thumb.

  • VMs are a better choice for running apps that require all of the operating system’s resources and functionality when you need to run multiple applications on servers or have a wide variety of operating systems to manage.
  • Containers are a better choice when your biggest priority is maximizing the number of applications running on a minimal number of servers.

Who wins amongst the two?

When To Use a Container vs. When to Use a Virtual Machine

Containers and virtual machines, each thrive in different use cases. Let us check some of the cases and know when to use a container and when is it a good choice to use virtual machines.

  • Virtual machines take a good amount of time to boot and shut down: This feature is heavily used in development and testing environments. If you have to spin up and power down machines regularly or clone machines, Docker containers are what you should choose over virtual machines.
  • Containers are geared based on Linux: Virtual machines are a better choice when you want to virtualize another operating system.
  • Dockers do not have many automation and security features: Most of the fully fledged virtual management platforms provide a variety of automation features along with built-in security from kernel level to network switches.

Virtual Machine and Container Use Cases

There is a fundamental difference between the usage of containers and virtual machines. Virtual machines are applicable for virtual environments, whereas containers use the underlying operations system and do not require a hypervisor.

Let us see some use cases:

Virtualized Environments

In a virtualized environment, multiple operating systems are run on a hypervisor which manages the I/O on one particular machine. However, in a containerized environment, it is not virtualized and hypervisor is not used. That does not mean you cannot run a container in a virtual machine.

You can run containers in a virtual machine. We know containers run on a single Operating System. As it can run several containers on one physical system, it is like mini-virtualization without a hypervisor. Hypervisors face certain limitations related to performance and it also blocks certain server components like networking controller.

DevOps

Containers are used in the DevOps environment for their develop-test-build. These containers perform much faster than virtual machines, they have faster spun up and down and have better access to system resources.

Containers are smaller in size and have the ability to run several servers and hundreds of virtual machines. This shows that containers have greater modularity over virtual machines. Using microservices, an app can be split into multiple containers. Due to this combination, you can avoid potential crashes and this will also help you isolate problems.

Older Systems

Virtual machines are capable of hosting an older version of an operating system. Suppose an application was built for an operating system many years back, which is quite unlikely to run in a newer generation operating system. In such cases, you can run the old operating system in a virtual machine and without any changes in the app you can run it.

More Secure Environments

As container needs frequent interaction with the underlying operating system or other containers, there is a security risk associated. However, in comparison to containers, virtual machines are ideal and considered to be a more secure environment.

Susan

Susan May

Writer, Developer, Explorer

Susan is a gamer, internet scholar and an entrepreneur, specialising in Big Data, Hadoop, Web Development and many other technologies. She is the author of several articles published on Zeolearn and KnowledgeHut blogs. She has gained a lot of experience by working as a freelancer and is now working as a trainer. As a developer, she has spoken at various international tech conferences around the globe about Big Data.


Website : https://www.zeolearn.com

Leave a Reply

Your email address will not be published. Required fields are marked *

SUBSCRIBE OUR BLOG

Follow Us On

Share on

other Blogs

20% Discount