Containers: The new building blocks for apps

Moving to containers is in demand and is in tune with the devops trend toward delivering microservices


Without question, 2014 has been the year of the container, with Docker’s containerization tools adopted by major cloud platforms as well as Red Hat and Ubuntu.

Docker is not alone, with other containerization technologies getting significant attention from the engineering and investment worlds -- and with Microsoft building its own containerization technology into the next release of Windows.

Containing the world, piece by piece

Containerization, as implemented by tools like Docker, abstracts applications and services from the underlying OS, making it easy to quickly deploy them in virtual machines or on physical servers in secure, isolated user spaces. The idea is not new: IBM used containers on its mainframes, and ISPs have used them for decades to deliver virtual private servers, sharing expensive compute and storage resources between customers' Web servers.

So why the sudden popularity? It’s because this model is in tune with the devops trend toward delivering microservices, making it easy to encapsulate the components and applications that make a service for both test and deployment.

A decade ago, when virtualization took a turn down the hypervisor path, work on containers continued. Sun built them into Solaris, and Parallels’ ISP software business worked to get its Virtuozzo containers built into Linux with the intent of using them to kickstart an SMB cloud market.

Containers are an ideal tool for deploying microservices, as they allow operations teams to deliver composable services, with separate containers for each major functional element of a service. With a minimal base OS, like the CoreOS Linux distribution, all you need to do is load the containers for the services you want, and a server -- and microservice -- is ready to go. It’s an approach that’s also compatible with the way development teams build modern applications and services, allowing tool chains to deliver deployment-ready containers.

The container market is also shifting rapidly. Parallels will be supporting Docker in its next release. CoreOS, while continuing to support Docker, has begun to develop its own container environment, Rocket, to address issues with Docker’s container implementation. The CoreOS Rocket team is focusing on the container as a composable building block, with easy-to-share images and a simple naming convention. Rocket’s new App Container specification is intended to be used by other OSes, with the prospect of wider support.

Containers and the future of the server OS

In the longer term, we’re seeing the birth of a new way of delivering server operating systems, the “Library OS” model that’s been used by research OSes like Microsoft Research’s Drawbridge. Best thought of as a refinement of today’s virtual servers, a library OS works with running applications to deliver only the OS services that each application container needs -- reducing the risk of unintended interactions and security breaches, with the added bonus of needing fewer compute resources.

It’s easy to imagine how a library OS would work with a containerized microservice. An orchestration service, similar to VMware’s or Microsoft’s current hypervisor tooling, would query a container’s manifest, and implement a virtual machine that contained only the OS-level services the manifest requested. The two would then be merged and deployed. The resulting virtual machine could be managed by scripted configuration management tools, like Chef, or Puppet, or DSC, ensuring it would run only the microservice deployed and nothing else.

Microsoft is using elements taken from Drawbridge in Azure already, and it looks set to go further down the library OS route in its cloud offerings. It’s certainly an approach that makes sense. When treating cloud as a compute fabric, simply using those compute resources in an optimum manner improves cloud data center economics -- especially because the current trend is toward low-cost commodity features in IaaS and storage, with those costs being recouped in PaaS services.

Using containers to rapidly deploy efficient PaaS resources means that there’s an incentive for the Azures and Amazon Web Services of the world to move to using these technologies to manage their own services and resources. The ability to set up and tear down services quickly lets cloud platforms maximize the performance of millions of cores of compute, and helps deliver the Facebook-like responsiveness users are coming to expect from their enterprise systems.

Containers on the client

So far, we've been talking about containers on the server side. But as with virtualization, containers are popping up on the client side as well. The primary example is Microsoft: its partnership with Docker in Azure and the next Windows Server release is bringing application containers to its servers, but it’s also touting a different sort of container in Windows 10, where applications will be able to work with enterprise data or with personal data (or in some special cases, with both).

On the desktop, and on the phone, these secure containers are used as a way of making sure that corporate data stays under control and can’t leak out of the company through personal communications channels. Here they’re best thought of as a set of policies that manage storage based on information source and that control how applications work with stored data -- using centrally managed whitelists and file metadata. As server-side containers become more popular, we’re going to need a new name for these tightly controlled client user spaces, focusing on the way they manage applications and how they support secure storage.

A programmable future

The demand for highly scalable, programmable infrastructure is making the move to containers inevitable, at least for public and private clouds.

It’s essential for operations teams to have the ability to use configuration management tools to wrap up the elements that make up a modern application and then quickly replicate it across multiple servers -- either under the control of operations management tools or via self-service portals. It’s a role the modern container has been waiting to play.

Copyright © 2014 IDG Communications, Inc.
