Common Container standards:
Past, Present & Future
Vincent Batts @vbatts
$> finger $(whoami)
Login: vbatts Name: Vincent Batts
Directory: /home/vbatts Shell: /bin/bash
Such mail.
Plan:
OHMAN
$> id -Gn
devel opencontainers docker appc redhat golang slackwareSo,
Why, Containers?
Single Application
Full System
But Not a VM
Except Maybe a VM
Pods of applications
Labels of services
Non-root
Non-root Full systems?
Desktop Applications
But Wait,
What does "container" mean to you?
STANDARDS!
Standard
/ˈstandəd/
noun
something used as a measure, norm, or model in comparative evaluations
STANDARDS!
Areas to Standardize:
-
Packaging
-
Runtime
-
Networking
-
Cloud
Past
Packages
tar archives
*.deb or *.rpm
jar
gem
pod
module
egg
zip archives
tar archives
tar archives
tar archives
Past
*.dmg
*.msi
Runtime
Past
binaries?
ELF binaries?
WAR files
SysVinit
shell scripts
so many shell scripts
Network
Past
Hardware
shell scripts + telnet
custom
SDN
Cloud
Past
REST
SOAP
APIs of APIs
SOA
Present
Runtime
LXC
- 2008
- lxc specifc config
Docker
- 2013
- Docker specifc config and APIs
Present
Runtime
Application Container Spec (github.com/appc/spec)
- December 2014
- App Container Executor (ACE)
- Several implementations, with rkt as the flagship
- Specification
Present
Runtime
OpenContainer Runtime-Spec (github.com/opencontainers/runtime-spec)
- June 2015
- Several Implementations, with runc as flagship
- Specification
- Currently v1.0.0-rc2
Present
Network
Container Networking Interface
- Used by RKT, kubernetes, OpenShift, Kurma, Cloud Foundry, RancherOS, usable with runC, and more
- Simple to integrate with a process based workflow
- December 2014
- Specification and Library
Present
Network
Container Network Model
- Used by Docker Engine
- April 2015
Present
Packaging
- Docker specific format
Docker Image
- Tight coupling with daemon version
- Signing requires Docker notary integration
- Image naming is Docker specific and bound to registries
Present
Packaging
- December 2014
- A number of independent tooling
Application Container Spec (github.com/appc/spec)
- App Container Image (ACI)
- Addresses Fully-Qualified-Naming, image discovery, signing, content addressibility, and versioned schema
Present
Packaging
- April 2016
- Pulled from Docker-1.10 and Registry v2 format
- Content addressibility
OpenContainer Image-Spec (github.com/opencontainers/image-spec)
- Signable. Possibility to have naming and discovery.
- Currenly releasing v1.0.0-rc1
- Gaining support from rkt, flatpak, skopeo, cri-o and more
Present
Cloud
Cloud Native Computing Foundation (https://cncf.io)
- Kubernetes orchestration donated by Google
- Prometheus monitoring donated
Why More Standards?!
Really great question. Thought you might ask ...
The package wars of deb vs rpm set back the broad adoption of Linux
Future
Continued adoption
Verification and certification of integrations/implemenations
Tooling to further distribution and discovery
Call to Action!
Define your use-cases first
Ensure your container integration touchpoint stay generic,
to avoid lock-in to a particular platform.
PoC tooling for your integration