These days nothing can fill a conference session quicker than putting “Containers” in the title. Everyone understands they’re important, but some are still trying to figure out – why?
One of the more interesting conversations I had recently involved Docker, but not for the reason you might think. The conversation and associated research boil down to this: the majority of containers in production today run in Cloud Native apps, and those containers only run for seconds. Not weeks, months and years the way Enterprise IT workloads tend to. With Cloud Native apps only the data, usually stored in a database, is persistent; the execution engine running in a container is ephemeral.
Can containers be used for Enterprise IT workloads? They can, the bitten-down fingernails of your disapproving security professionals aside. Still, that’s not how the majority of containers are being used today. When you move from the ephemeral requirements of a developer’s cloud native application to the required persistence of an Enterprise IT workload, the complexity level increases. You now have to provision something, manage it and protect it in some fashion. That’s when approaches such as VMware Photon, Ubuntu LXD and Intel’s Clear Containers initiative come into play.
Creating a drastically simplified artificial division plucked straight from my brain, I see two categories of containers:
- Application containers such as Docker, rkt and Cloud Foundry Garden.
- System containers such as VMware Photon, Ubuntu LXD and Intel’s Clear Containers initiative.
Application containers are an image management and deployment approach for developers. The primary concerns are how the application is bundled, shipped and executed.
System containers use the hypervisor approach to secure isolation, management and deployment and, as such, are much more IT Administrator focused.
With system containers, think of the functionality advantages of a VM environment, but without the CPU, memory and storage burn. System containers do not boot as quickly as application containers, nor do they use less CPU or memory, but they’ll use significantly less than a standard operating system image in a virtual machine.
Photon is optimized for vSphere, Clear Containers for KVM, and LXD is built on top of Linux LXC. These hypervisor foundations offer proven security, availability and online migration functionality, and they will be managed and monitored with extensions to the same tools virtualization administrators use today. This makes it easy to introduce system containers into vSphere, vCloud Air and OpenStack, as they are an evolution of Virtual Machine management and not a software execution design approach.
Are system and application containers mutually exclusive? No. If they don’t already, system containers will soon support use of application containers by default. Today a Photon container may ship with Docker already installed, allowing application developers to continue to ignore the infrastructure their application may run on, while giving administrators the ability to use the unique functionality that infrastructure may provide.
Containers might not be the biggest thing to happen to you, but large scale adoption of persistence will probably be the biggest thing to happen to containers.
Mark Twomey @Storagezilla