Beyond Docker: Other Types of Containers
Docker containers are getting lots of press. But they are not the only type of container available today. This article discusses alternative types of container and their use cases.
Not all of the technologies summarised below are mature enough to use in enterprise production environments, and are not necessarily direct replacements for Docker containers; instead, they are containers designed to handle other types of workloads. Still, understanding the diversity of container technologies available today is important because it can be easy to forget that Docker containers are not the only game in town.
(But interested in who is using Docker? Check out our blog on Who's Using Docker).
Before looking at different types of containers, let’s define what a container is.
In essence, a container is a lightweight, virtualised, portable, software-defined environment in which software can run in isolation of other software running on the physical host machine. The software that runs inside a container is usually designed as a single purpose application; but as we will see below, it is also possible to run a complete bootable operating system inside a container. We've covered elsewhere how containers compare to virtual machines and what their different use cases are.
The popularity of containers is due to the fact that they facilitate modularity, portability and simplicity when provisioning virtual infrastructure. They are managed with a common toolset, offer dramatically reduce boot times (from minutes to milliseconds) and significantly better resource utilisation than traditional virtual machines, i.e. they offer better efficiency and density on the host OS.
Developers love containers because they enable fast paced iterative development/test cycles.
Ops love containers because they can focus on runtime tasks such as logging, monitoring, lifecycle management and resource utilisation rather than deployment and dependency management.
The technology used in containers has been available since 2008. The recent hyper interest in Docker containers is due to 2 events: a growing need for the technology emerging from web scale companies like Google that is now becoming mainstream; and the simple tooling made popular by the Docker open source project. Timing and simplicity are everything. Docker containers can only run Linux workloads but can run on both Linux or Windows hosts (refer to Windows Server Containers later in this article). Docker containers have enabled huge efficiencies in the development of software but require runtime tooling such as Swarm or Kubernetes that is still evolving, for use in the enterprise.
Containers other than Docker
So, what are some container platforms other than Docker? Here’s a list:
- Java containers: Jetty, Tomcat, Wildfy and Springboot are all examples of container technologies that enable standalone Java applications. They have been used for years to incorporate parts of the Java runtime into the app itself. The result is a Java app that can run without requiring an external Java environment, making the app containerised. While Java containers are indeed container technologies they are not a variant of the Linux containers that are associated with the Docker hype.
- Unikernels: Applications that you commonly find running in a Docker container may require only a fraction of the advanced capabilities offered by the virtualised environment they run in. Unikernels as designed to optimise the resources required by a container at runtime: by mapping runtime dependencies of the application and only packaging the system functionality that is needed at runtime into a single image. Unlike Docker containers, Unikernels can boot and run entirely on their own, without a host OS or external libraries. That’s different from Docker containers, which rely on external resources and a host environment to run. Unikernels can reduce complexity, improve portability and reduce the attack surface of applications however they require new development and deployment tooling which is still emerging.
- LXD: a container platform from the company behind Ubuntu Linux. LXD containers are built and operated with the same tools as traditional VMs but can achieve similar runtime performance to containers and better improved utilization over VMs. That’s different to Docker containers which give order of magnitude better density but require a container orchestration platform like Swarm or Kubernetes to manage them at scale.
- OpenVZ: A container platform for running complete operating systems. OpenVZ is different to a traditional virtual machine hypervisor because it requires both the host and guest OS to be running Linux but because it shares the host OS kernel (like Linux containers) OpenVZ containers are much faster and more efficient than traditional hypervisors. OpenVZ also happens to be one of the oldest container platforms still in use today, with roots going back to 2005.
- Rkt: Rocket containers emerged from CoreOS to address security vulnerabilities in early versions of Docker. In 2014 CoreOS published the App Container specification (appc) in an effort to drive innovation in the container space which spawned a number of open source projects. The early vulnerabilities in Docker have long been addressed and Docker containers are compatible with Docker so can run side by side.
- Windows Server Containers: The recent launch of Windows Server 2016 has brought the benefits of Linux containers to Microsoft workloads. Microsoft has re-engineered the core windows OS to enable container technology and worked closely with Docker to ensure parity in the Docker management tooling. There is still some work to do on optimising the size of the container images and they will only run on Windows 10, Server 2016 or Azure but this is great news for Microsoft based engineering teams.
- Hyper-V Containers: Greater security can be achieved by hosting Windows Server Containers in a lightweight “Hyper-V” virtual machines. This brings a higher degree of resource isolation but at the cost of efficiency and density on the host. Hyper-V containers would be used when the trust boundaries on the host OS require additional security. Hyper-V containers are built and managed in exactly the same way as Windows Servers Containers and therefore Docker containers.
The container technologies outlined above are all marketed as production ready but scepticism remains about which are ready for enterprise production loads.
Windows Server Containers are new and there will no doubt be teething problems but new adopters will get great support from Microsoft. In early 2016, Docker acquired Unikernel Systems but so far there has been no indication that Docker plans to make Unikernels available for enterprise use. LXD, OpenVZ are also yet to see widespread commercial adoption. This means that Docker’s Linux containers dominate production environments today.
It’s worth observing that Docker have yet to saturate the market for containers. Docker as a company is barely three years old and containers are only now starting to penetrate the enterprise production environments.
Contino have successfully deployed Docker into enterprise production environments and we believe Docker containers and the supporting orchestration platforms such as Kubernetes are ready for specific types of workloads such as stateless websites and distributed web services that have high availability. However, configuring and deploying these orchestration platforms is complex and many companies make mistakes in their own private implementations. (We've talked elsewhere about how to create enterprise container strategies that last!)
In 2015, The Open Container Project (OCP) was announced as a shared initiative to promote a set of common, minimal, open standards and specifications around container technology. OCP was later rebranded as the Open Container Initiative (OCI) as counts Google, Docker, RedHat and Microsoft as members. Indeed, the OCI was a key driver in the development of Windows Server Containers. These companies will work together to continue to expand the technology to new use cases bring even greater resource efficiencies.
All of the above means that the container landscape as a whole is still evolving. Docker containers may be dominating the headlines today, but if you want to understand how to leverage containers over the long term, you need to know about more than just Docker.
Want to learn more? Ask us! At Contino, we’re thinking not just about the hottest container technologies of today, but also where they fit into the larger picture, and what’s coming next.