Container standards on the Horizon

 

 

Vincent Batts  @vbatts

$> finger $(whoami)
Login: vbatts                           Name: Vincent Batts
Directory: /home/vbatts                 Shell: /bin/bash
Such mail.
Plan:
OHMAN
$> id -Gn
devel opencontainers docker appc redhat golang slackware

So,

Containers?

STANDARDS!

Standard

/ˈstandəd/

noun

something used as a measure, norm, or model in comparative evaluations

STANDARDS!

Areas to Standardize:
  • Packaging
  • Runtime
  • Networking
  • Cloud
    

Runtime - Implied standards

LXC

  • 2008
  • LXC-specific config

Docker

  • 2013
  • Docker-specific config and APIs

Runtime - Specifications

Application Container Spec (github.com/appc/spec)

  • December 2014
  • App Container Executor (ACE)
  • Several implementations, with rkt as the flagship
  • Specification

Runtime - Specifications

OpenContainer Runtime-Spec (github.com/opencontainers/runtime-spec)

  • June 2015
  • Several Implementations, with runc as flagship
  • Specification
  • Currently v1.0.0-rc3

Network

Container Networking Interface

(CNI - github.com/containernetworking/cni)

  • Used by rkt, Kubernetes, OpenShift, Kurma, Cloud Foundry, RancherOS, usable with runC, and more
  • Simple to integrate with a process based workflow
  • December 2014
  • Specification and Library

Network

Container Network Model

(CNM - Docker libnetwork)

  • Used by Docker Engine
  • April 2015

Packaging - Implied Standard

  • Docker specific format

Docker Image

  • Tight coupling with daemon version
  • Signing requires Docker notary integration
  • Image naming is Docker specific and bound to registries

Packaging - Specification

  • December 2014
  • A number of independent tools

Application Container Spec (github.com/appc/spec)

  • App Container Image (ACI)
  • Addresses fully qualified naming, image discovery, signing, content addressability, and versioned schema

Packaging - Specification

  • April 2016
  • Originated from Docker-1.10 and Registry v2 format
  • Content addressability

OpenContainer Image-Spec (github.com/opencontainers/image-spec)

  • Signable. Possibility to have naming and discovery.
  • Currently releasing v1.0.0-rc3
  • Gaining support from rkt, flatpak, skopeo, cri-o, docker, docker-registry and more
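
What "content addressability" buys a consumer of images, as an added example (not code from this talk or from the OCI project): every blob is referenced by a descriptor carrying its digest and size, so a client can check each fetched blob before using it. The function names, the in-memory `STORE` and the sample blobs are constructed for illustration, and only sha256 digests are handled.

```python
import hashlib
import json

def digest_of(blob: bytes) -> str:
    """Return the digest string (algorithm:hex) that names a blob."""
    return "sha256:" + hashlib.sha256(blob).hexdigest()

def descriptor_for(media_type: str, blob: bytes) -> dict:
    """Build a descriptor: media type, digest and size of the referenced blob."""
    return {"mediaType": media_type, "digest": digest_of(blob), "size": len(blob)}

def verify_blob(descriptor: dict, blob: bytes) -> bool:
    """Check a fetched blob against its descriptor before trusting it."""
    algo, _, expected = descriptor["digest"].partition(":")
    if algo != "sha256" or len(expected) != 64:
        return False  # unknown or malformed digest: reject rather than guess
    if len(blob) != descriptor["size"]:
        return False  # cheap check first, also bounds how much we hash
    return hashlib.sha256(blob).hexdigest() == expected

def verify_image(manifest_digest: str, store: dict) -> bool:
    """Walk manifest -> config and layers; every blob must match its digest."""
    manifest_blob = store.get(manifest_digest)
    if manifest_blob is None or digest_of(manifest_blob) != manifest_digest:
        return False
    manifest = json.loads(manifest_blob)
    for desc in [manifest["config"], *manifest["layers"]]:
        blob = store.get(desc["digest"])
        if blob is None or not verify_blob(desc, blob):
            return False
    return True

# Constructed sample content (not a real image).
CONFIG = json.dumps({"architecture": "amd64", "os": "linux"}).encode()
LAYER = b"constructed layer bytes standing in for a tar archive"
MANIFEST = json.dumps({
    "schemaVersion": 2,
    "config": descriptor_for("application/vnd.oci.image.config.v1+json", CONFIG),
    "layers": [descriptor_for("application/vnd.oci.image.layer.v1.tar", LAYER)],
}).encode()
# A blob store keyed by digest, standing in for a registry or local layout.
STORE = {digest_of(b): b for b in (CONFIG, LAYER, MANIFEST)}
ROOT = digest_of(MANIFEST)  # the one value a signature would need to cover
```

Because the manifest digest transitively pins the config and every layer, signing that single value is enough to cover the whole image.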

Cloud

Cloud Native Computing Foundation (https://cncf.io)

  • Kubernetes orchestration donated by Google
  • Prometheus monitoring donated

Why More Standards?!

Really great question. Thought you might ask ...


The package wars of deb vs rpm set back the broad adoption of Linux

Horizon

Continued adoption

Verification and certification of integrations/implementations

Tooling to further signing, distribution and discovery

Increasing number of container runtimes

Increasing number of Kubernetes distributions

Wishes

  • Image Distribution

  • Image Signing

  • Orchestration

  • CNI (networking) to be in OCI

Call to Action!

Define your use-cases first

Ensure your container integration touchpoints stay generic, to avoid lock-in to a particular platform.

PoC tooling for your integration

Thanks!

Vincent Batts

@vbatts | vbatts@redhat.com