Docker or VM？

VM-based  virtualization and cloud computing have the advantages of isolation,  which is useful for public clouds and server consolidation. Building  applications for the cloud rather than moving them to the cloud reduces  the need to support this level of isolation. Enterprises can host  containers on public cloud VMs, in the data center and even on client  devices. Docker's new orchestration tools deploy container-based  components and combine them to support workflows. These tools can  facilitate hybrid cloud use with easy failover support.
 
Containers  are well suited for applications based on SOA/REST componentization  principles. These apps have components that are relatively small, widely  distributed, move between clouds, scale dynamically or run  sporadically. A decision to run Linux containers is a decision to run  Docker.
 
Unlike VMs, containers do not need to run a full version  of an operating system, opening the door for a new level of  consolidation.
 A lightweight container approach would be especially  appealing to cloud providers because even small efficiency improvements  can make a difference in their ability to provide aggressive pricing to  customers.
 
With container-based virtualization, there isn't the  overhead associated with having each guest run a completely installed  operating system. This approach can also improve performance because  there is just one operating system taking care of hardware calls. A  disadvantage of container-based virtualization, however, is that each  guest must use the same operating system the host uses.
 
(Full virtualization, Paravirtualization, Container-based virtualization,)
Initially,  virtualization options on Linux x86 were limited to full  virtualization, where the virtualization software had to completely  isolate the guest operating system and emulate the hardware entirely. In  fact, hypervisor virtualization is actually baked into the Linux kernel  now in the form of the Linux Kernel Virtual Machine, which is a way to  turn the Linux kernel into a hypervisor by adding a kernel module.

Paravirtualization,  which requires the guest operating systems to be modified.  Paravirtualization allows the guest OS to interact more directly with  the host system's hardware, and it provides a performance benefit for  the guest OS. The downside is that the guest OS has to be modified to be  aware that it's being virtualized.
Container-based virtualization, is also called operating system virtualization

With  container-based virtualization, installing a guest OS is not as  straightforward as hypervisor solutions. That is, you can't just pop in a  DVD or CD to whip up a new guest machine. You'll need to create a  container template, if you're using something like OpenVZ or Parallels  Virtuozzo Containers. Usually you'll not need to create these on your  own, though as OpenVZ provides quite a few templates and Parallels
 
Containers  are especially popular in hosting environments or any scenario where  there's a need to consolidate a large number of Linux instances.provides  supported templates for its users.the container-based solutions should  be able to address as many CPUs and as much RAM as the host kernel.

Docker is a Linux-based, open source application container abstraction and virtualization mechanism.

Traditional  virtualization techniques (as implemented by Xen, VMWare, KVM, etc.)  are deemed to be more secure than containers, since they provide an  extra level of isolation. A container can issue syscalls to the host  kernel, while a full VM can only issue hypercalls to the host  hypervisor, which will generally have a much smaller surface of attack."
 
http://www.quora.com/Zhou-Mingchun/all_posts