Four years ago, the virtualization industry was blown wide open by the arrival of Docker — a format which made it possible to stage workloads and scale them without the overhead of VMware, Xen, or KVM virtual machines. Last year, Docker Inc. graciously donated its container standard to the Open Container Initiative, run by the Linux Foundation — a neutral governing party. The idea was to end all the bickering over what the container format should be. Instead, what’s happening is a fresh re-opening of the debate over why there should be just one. “I think, a couple of years down the road, people are going to be talking less and less about containers, and people are going to be talking more and more about applications again,” said Ben Hindman, the founder and lead engineer of Mesosphere. What a bank in New York City really wants, said Hindman, is the opportunity to test an application on its data center the same way one of its executives tries out an e-mail client on her laptop. If data center apps became more analogous to mobile or desktop apps, the entire business of serving large enterprises could be revolutionized. “At the end of the day, what people care about. . . is being able to run these sophisticated, distributed applications. At least what I hope, in five years’ time from now, everyone is talking about that as an ecosystem.” What we’ve been calling “container architecture” deals primarily with the packaging and constitution of containers — small, firmly packed virtual machines without the hypervisor. Up to now, a lot of folks thought container architecture and container orchestration were the same topic. They’re not. The critical issue that data centers are facing today is how to network their workloads. In a container network, each container has its own address. Natively, Docker creates a subnet of containers, each of which has its own port number. For data centers where port numbers have specifically designated purposes — like port 80 for Web traffic — that won’t work. They’d already be violating compliance frameworks just for trying this. That’s why Kubernetes and Mesosphere and Docker have all adopted different means of orchestration, where each container is given its own IP address. There are different ways of doing this through network overlays, some of which scale better than others. But this does solve the problem with Docker’s native networking. However, it also solves a broader class of problem, because VMs have their own IP addresses too. As long as IP addresses provide a layer of abstraction between virtual components and their orchestrators, the substance to the argument in favor of a single container format, disappears.
Four years ago, the virtualization industry was blown wide open by the arrival of Docker — a format which made it possible to stage workloads and scale them without the overhead of VMware, Xen, or KVM virtual machines. Last year, Docker Inc. graciously donated its container standard to the Open Container Initiative, run by the Linux Foundation — a neutral governing party. The idea was to end all the bickering over what the container format should be. Instead, what’s happening is a fresh re-opening of the debate over why there should be just one.
“I think, a couple of years down the road, people are going to be talking less and less about containers, and people are going to be talking more and more about applications again,” said Ben Hindman, the founder and lead engineer of Mesosphere.
What a bank in New York City really wants, said Hindman, is the opportunity to test an application on its data center the same way one of its executives tries out an e-mail client on her laptop. If data center apps became more analogous to mobile or desktop apps, the entire business of serving large enterprises could be revolutionized. “At the end of the day, what people care about. . . is being able to run these sophisticated, distributed applications. At least what I hope, in five years’ time from now, everyone is talking about that as an ecosystem.”
What we’ve been calling “container architecture” deals primarily with the packaging and constitution of containers — small, firmly packed virtual machines without the hypervisor. Up to now, a lot of folks thought container architecture and container orchestration were the same topic. They’re not. The critical issue that data centers are facing today is how to network their workloads. In a container network, each container has its own address. Natively, Docker creates a subnet of containers, each of which has its own port number.
For data centers where port numbers have specifically designated purposes — like port 80 for Web traffic — that won’t work. They’d already be violating compliance frameworks just for trying this. That’s why Kubernetes and Mesosphere and Docker have all adopted different means of orchestration, where each container is given its own IP address. There are different ways of doing this through network overlays, some of which scale better than others. But this does solve the problem with Docker’s native networking. However, it also solves a broader class of problem, because VMs have their own IP addresses too. As long as IP addresses provide a layer of abstraction between virtual components and their orchestrators, the substance to the argument in favor of a single container format, disappears.