Could Docker replace package management?

Linux's package management headaches could be solved by way of containers, but experts warn it's only half a solution

recording package delivery 000005661610

Conventional wisdom holds that containers are fast on their way to remaking everything from application deployment to the design of ultralean Linux distributions. That last part raises a question, though: Could container technologies like Docker be used to solve Linux's long-standing conundrums with package management? Might containers provide a path away from dependency hell and competing (and incompatible) package standards?

In the yes camp: The folks at CoreOS, creators of the Linux distribution that revolves entirely around containers, not packages, as its basic unit of modularity.

CoreOS Senior Engineer and Chief Advocate Kelsey Hightower says the company's offering is "living proof it's not only possible, but can lead to better system design and efficiency." However, he believes package management is still useful, mainly by "building an operating system from a discrete set of components that must play well together. This is an area where Linux package managers shine." CoreOS itself does not use a typical package manager, such as apt or yum, he notes, but rather the Portage system.

Hightower claims that entirely replacing a system's general-purpose package manager with Docker or other container managers would be difficult, in part because Docker doesn't have a dependency resolution mechanism. "Where Docker shines is in packaging and distributing applications," he said. (Docker itself declined to respond for this article, citing time constraints.)

With Red Hat's increased emphasis on containers, it stands to reason the company might also see containers as a replacement for package management.

Lars Herrmann, general manager for Red Hat Enterprise Linux and Red Hat Enterprise Virtualization at Red Hat, believes it's possible to replace package management with containers, "but it isn't the best course of action."

Aside from dependency management, said Herrmann in an email, package management provides three other boons: instructions for where to install software in a system, structured metadata that makes it easy to tell what's installed where, and a mechanism for verifying installed software against the package manager's metadata.

"These values still apply in a container-centric world," he said, meaning that those functions would all need to be replicated by containers. "Additionally, there needs to be an easy way to 'look' inside these containers to verify what's in there and to identify any known problems."

Likewise, package management covers internal functions that containers themselves don't deal with. According to Herrmann, Docker "aggregates the packages for an entire application or microservice; it doesn't help in getting the right components into a container in a way that will work. Obviously, this task doesn't directly require the existing package managers but they do a great job at it -- so why not use them?"

Bryan Cantrill, CTO of Joyent -- yet another company neck-deep in the container world -- also sees containers and package management as serving separate functions, since "a Docker image is at a higher layer of abstraction than an apt or yum package," he wrote in an email.

That said, he thinks Docker can render packaging obsolete as package management itself rendered manually unpacked archives (such as TAR files) obsolete and become a new standard application format. "An engineer that I've known for a long time put it slightly differently: Docker is 21st-century ELF. (ELF is the 'Executable and Linkable Format' that is how binaries are represented on Unix systems.) Either way, Docker seems poised to become the de facto standard for how systems are imaged -- and I think that that's a clear win for both developers and operators alike."

Copyright © 2015 IDG Communications, Inc.