The open source project Docker may have its roots in machine virtualization, but in reality it is a hybrid technology built around a ‘containerization’ approach that has grabbed developers’ attention.
Docker’s rapid growth in a very short time highlights how frantically enterprises have been searching for an application portability solution that can span across different clouds and different data center environments during an application lifecycle, notes a whitepaper by Orange Business Services and Orange Silicon Valley.
The container concept
Based on a lightweight concept of virtual machines, Docker for Linux provides is the technological equivalent of shipping containers. Applications are put inside software containers so they can be moved around easily and run on any hardware. Developers love the idea because Docker offers a flexible, modular approach that speeds up application design and deployment, bringing increased agility to business processes.
Practically anything you do today online, from sending a Tweet to doing a Google search, is an app running in the cloud. Developers building apps need to ensure that they can run on any cloud server or device and can be updated quickly, whilst being robust and stable. Docker makes the whole process efficient by bundling the app, all its code libraries and executable files into a single container so they can be developed, swapped out, if necessary, and sent live quickly. Docker claims that its container software has been downloaded over 400 million times and there are over 75,000 Dockerized apps in the Docker Hub. A blockbuster for a product that was only released in March 2013.
Little wonder that big names in the industry are rushing to throw their arms around Docker. Google, for example, has rolled out Google Container Engine (GCE), which launches and managers Docker containers on the Google Compute Engine (GCE) via its open source Kubernetes, designed as a lean, expandable system capable of deployments in multiple public, private and hybrid clouds. The containers can share data providing they are deployed in the same cluster. Google bet early - running containers in its own data centers. It says it now launches two billion container instances across its data center farms every week.
IBM, Red Hat, OpenStack and Vmware are already integrating Kubernetes into their own platforms, which will enable Container Engine clients to shuttle data between multiple clouds.
In addition Microsoft recently launched Windows Server 2016 Technical Preview 3 with support for containers and Docker. Microsoft has also seen the benefits of so called containerization for some time - working with Docker since 2014 to bring the technology to Windows Server.
But what about security? Positive, but could do better, the school report would read. Market research company Gartner has assessed Docker’s security and found that it holds up, but is still in its teenage years. “Linux containers are mature enough to be used as private and public PaaS” but “disappoint when it comes to secure administration and management, and to support for common controls for confidentiality, integrity and availability,” it said.
“In the majority of cases, Docker might be deployed on top of guest servers that are on top of hypervisors,” explained Gartner analyst Joerg Fritsch. “However, except for a further fortification of resource isolation, there is little to be gained from the underlying hypervisor. Docker and containers cannot inherit from the hypervisor what they lack most: secure administration and management features, and support for common controls for confidentiality, integrity and availability. But the hypervisor adds a level of complexity that will need to be managed separately and may cause friction with, for example, evolving SDNs for containerized environments.”
Linux Marches Forward
Docker’s arrival has certainly caused some disruption in the server virtualisation market and is speeding up cloud adoption as enterprises increasingly rush to run applications on Linux containers. Unlike traditional Virtual Machine (VM) images they are smaller, faster and easier to use. This inevitably speeds up the deployment of apps in development and production on any platform, across any on-premises services and also via VMs in the cloud.
But remember containers don’t offer the same level of security as VMs. The net result is that VMs compliment containers by providing isolation units. So for the moment we will see containers and VMs run alongside each other until containers mature to be used as standalone compartments.
At the Linux Collaboration Summit last year Craig McLuckie, senior product manager for Google Compute Engine was quoted as saying Docker had managed to “catch lightening in a bottle”. This is a tall claim and only time will tell, but one thing for sure is that Docker has managed to quickly establish itself as a de facto standard and the industry heavyweights are jumping on board rather than trying to reinvent the shipping container!
To learn more about Docker and app containerisation, read this report by Orange Business Services and Orange Silicon Valley.
Jan has been writing about technology for over 22 years for magazines and web sites including ComputerActive, IQ magazine and Signum. She has been a business correspondent on ComputerWorld in Sydney and covered the channel for Ziff-Davis in New York.