Why is Docker's container approach so important?
The name has become synonymous with containers, but there are other container management tools available.
Docker isn't container virtualization in itself. Docker is an open source platform that can help administrators automate the deployment of applications, each running in isolation on a shared OS kernel.
Container isolation tools -- Docker included -- rely on a container layer implemented in Linux through components that include LXC (Linux Containers), libvirt or systemd-nspawn. Docker includes its own library for containerization called libcontainer. Other container approaches include cgroups, Checkpoint/Restore in Userspace for Linux and Kubernetes, which focuses on container orchestration and automation.
Docker's container platform has garnered so much attention across the industry because it provides a single tool that can effectively assemble and manage an application and all of its dependencies into a single package. Called a container image file or a Docker file, that package can be placed into a container and run on any Linux server, or on Windows Server with Microsoft's container products. The way Docker packages the application enables it to run on premises, in a private cloud and in the public cloud. Containers are also generally less resource-demanding and faster to spin up than VMs. So, Docker provides enormous application flexibility and portability. It's these attributes that have attracted the attention of so many enterprise adopters.
For example, Docker is integrated into major cloud platforms, such as AWS, Google Cloud Platform and Microsoft Azure. It works with leading cloud infrastructure tools, like Cloud Foundry Diego container management, OpenStack Nova provisioning and OpenSVC cluster and configuration management. It's also compatible with configuration automation tools, such as Chef and Puppet. Docker is also integrated into Red Hat's OpenShift platform.
Containers need orchestration and automation. While a platform such as Docker can create and run container images, the sheer number of image files presents a potential nightmare for management. Tools like Kubernetes have also evolved substantially to support Docker and other containers so that administrators can automate and manage complex environments.
Although Docker's container platform was originally only focused on Linux environments, Microsoft's Windows Server and Hyper-V containers natively run Docker Windows container images. Projects such as the Open Container Initiative (OCI) aim to create a vendor-neutral standard that supports multiple OSes. CoreOS Rkt, Apache Mesos and Amazon Elastic Container Registry are among the projects that support OCI. The idea is to create a single uniform container environment rather than create multiple competing -- and incompatible -- environments. A software developer should be able to package an application for containers and know that it will run with Docker, Rkt from CoreOS or other projects, such as the Jetpack runtime for FreeBSD, Cloud Foundry and Apcera's Kurma container environment.
OCI v1.0.0, released in July 2017, includes an image specification that defines how to create, assemble or bundle a container image. The standard also includes a runtime specification that stipulates how to unpack and run a container image file. A certification process is being developed to outline the process and requirements for OCI-based software for multiple OSes and environments.
An alternative to Docker's container approach
The Rkt platform, a competitor to Docker's container approach, appeared in late 2014 and gained some traction as an application container engine intended for cloud-native environments. Red Hat acquired CoreOS in early 2018. The Rkt approach is based on pods, which are a collection of apps running in a shared environment, similar to Kubernetes' orchestration scheme. The Rkt platform can execute Docker and OCI containers. In March 2017, CoreOS and Docker proposed adding Rkt and the containerd engine to the Cloud Native Computing Foundation, enabling Rkt and containerd to garner the same attention as Kubernetes and other platforms.
Containers offer new opportunities for software developers and data center administrators, but they also pose new challenges. The good news is that, while Docker's container approach has caused great disruption, container technology is not exclusive. Containers are simply another tool in the virtualization toolbox. They can coexist with current hypervisor-based virtualization in the same environment, even stacking containers onto VMs, which gives administrators and developers freedom to experiment with and embrace containers at a comfortable pace as new application development and deployment tasks emerge.