It's impossible to read about cloud without reading about hypervisors and virtual machines; virtualization is at the heart of cloud. And for most, that means hypervisor-based full virtualization -- where a host operating system and hypervisor run VM partitions, like independent servers, with their own OS and middleware. However, virtualization casts a wide net that can be valuable in the cloud. And that net contains a popular virtualization model -- container technology.
In the container model, a server runs an OS that creates semi-autonomous containers to load applications. These apps share the OS or host, so servers don't run a new OS copy for each VM. Containers stand between independent VMs and simple multi-programming and offer some application isolation -- but not full separation.
Containers often are a better approach for private cloud and some public cloud applications. Docker, the most popular container architecture, may be the perfect platform.
Docker-mania hits the cloud
Docker is a container management system that automates the process of creating containers to run applications/components. In its basic form, a set of APIs manages these containers, which can be built from templates or commands. Docker is evolving, and now provides orchestration tools for component deployments.
It's possible to create container-based systems on any OS that supports container-like partitioning, but Docker uses Linux container tools. Therefore, Docker containers run Linux-specific applications and components. It can run in a VM hosted by a different OS, but it needs a Linux guest OS within the VM to serve the containers. And these must run Linux applications.
Windows' Docker support uses the Docker-in-a-VM approach. Using Docker outside of Linux hosts is complex and many users feel the added complexity defeats the ease of use. Even if users run Docker containers on a non-Linux host OS, they're still limited to Linux applications. The ability to host Docker containers on Windows servers can be valuable to users with large Windows server commitments that want to add Linux-based applications.
VM-based virtualization and cloud computing have the advantages of isolation, which is useful for public clouds and server consolidation. Building applications for the cloud rather than moving them to the cloud reduces the need to support this level of isolation. Enterprises can host containers on public cloud VMs, in the data center and even on client devices. Docker's new orchestration tools deploy container-based components and combine them to support workflows. These tools can facilitate hybrid cloud use with easy failover support.
Containers are small and agile, which makes them ideal for dynamic applications that scale with load or add and remove features on demand. The machine images needed to load container architectures onto bare metal or into a VM are easy to develop and highly portable. The application images that load into containers -- since they rely on host OS and middleware services -- are also easy to develop and deploy.
Container craze continues, but it's not perfect
Despite their growing popularity, containers aren't perfect. VMs are best suited for public cloud multi-tenant applications because it's harder to hack across the VM boundary to attack adjacent applications than across the boundary between containers, which share the host OS. Additionally, there is less protection against one container grabbing excess resources and affecting others. To resolve some of these problems, run containers and Docker inside VMs; this is the basis of the Docker/VMware alliance.
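The two weaknesses named above, weaker isolation and unbounded resource use, show up directly in a container's configuration. The following is an added example, not code from the article or from Docker: a small audit over `docker inspect` JSON that flags containers running without memory, CPU or PID limits, or with settings that remove the namespace boundary. The sample data is constructed for illustration.

```python
import json

# Constructed sample in the shape of `docker inspect` output (trimmed to HostConfig).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web", "HostConfig": {"Memory": 268435456, "NanoCpus": 500000000,
    "CpuQuota": 0, "PidsLimit": 100, "Privileged": false,
    "PidMode": "", "NetworkMode": "bridge"}},
  {"Name": "/batch", "HostConfig": {"Memory": 0, "NanoCpus": 0,
    "CpuQuota": 0, "PidsLimit": null, "Privileged": false,
    "PidMode": "", "NetworkMode": "bridge"}},
  {"Name": "/agent", "HostConfig": {"Memory": 536870912, "NanoCpus": 0,
    "CpuQuota": 50000, "PidsLimit": 200, "Privileged": true,
    "PidMode": "host", "NetworkMode": "host"}}
]
""")


def audit_container(entry):
    """Return a list of findings for one `docker inspect` entry."""
    hc = entry.get("HostConfig", {})
    findings = []
    # Resource limits: 0 / null / -1 mean "unlimited" for these fields.
    if not hc.get("Memory"):
        findings.append("no memory limit")
    if not hc.get("NanoCpus") and (hc.get("CpuQuota") or 0) <= 0:
        findings.append("no CPU limit")
    if (hc.get("PidsLimit") or 0) <= 0:
        findings.append("no PID limit")
    # Isolation: settings that remove the container boundary on a shared kernel.
    if hc.get("Privileged"):
        findings.append("privileged")
    if hc.get("PidMode") == "host":
        findings.append("host PID namespace")
    if hc.get("NetworkMode") == "host":
        findings.append("host network namespace")
    return findings


def audit(inspect_data):
    """Map container name -> findings, omitting containers with none."""
    report = {}
    for entry in inspect_data:
        findings = audit_container(entry)
        if findings:
            report[entry.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

To audit a live host, load the JSON produced by `docker inspect $(docker ps -q)` in place of the sample.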
There are also proposals to evolve VMs to behave in more container-like ways; these often are called Mini-VMs. For example, Xen Mirage uses a shim kernel that provides some application isolation, but completely avoids OS and middleware replication.
For enterprises trying to decide between container technology and VMs, the deciding factor is likely the application structure and source. Monolithic applications created by server consolidation are large and persistent, so the apps gain less from containerization. Containers are well suited for applications based on SOA/REST componentization principles. These apps have components that are relatively small, widely distributed, move between clouds, scale dynamically or run sporadically. A decision to run Linux containers is a decision to run Docker.
Container technology and Docker's role in cloud computing likely will continue to grow, particularly as new cloud-specific applications are developed. Over time, there will be more cooperation between Docker and VMs. Higher-level orchestration tools will enable users to launch components into either containers or VMs -- or to containers inside VMs. One technology won't replace the other; they'll coexist and build mutual value.
About the author:
Tom Nolle is president of CIMI Corp., a strategic consulting firm specializing in telecommunications and data communications since 1982.