Live from the Summit: Docker, Atomic, and application-centric packaging

riek-herrmann-docker-session

Lars Herrmann, senior director of Product and Business Strategy and Daniel Riek, senior director of Systems Design and Engineering–both from Red Hat–entertained a capacity crowd during their afternoon session addressing Docker, Linux containers, and packaging.

In a series of short skits, Riek and Herrmann assumed enterprise IT roles as an applications owner (Herrmann) and the person that manages infrastructure (Riek). They demonstrated a common scenario in many IT organizations:

Herrmann: I have a project. It’s going to make us millionaires. I need a couple servers.
Riek: You’ll need hardware. That’ll be 3-4 months.
Herrmann: My developers need a library that’s not in the standard build.
Riek: I think we’ll get that in the next update–maybe 6 months from now?

The new library might satisfy the needs of development, but applications that needed the old library would require updating.  Moving applications to production requires security testing, a maintenance window, approval from IT, and more.

Then they took their scenario forward–to the years of virtualization.

Herrmann: I need to start a new project. It’s going to make us billionaires.
Riek: It’s self-service. Pick an image that works for you.
Herrmann: That sounds easy.
Riek: You just have to make sure you adhere to these management and security requirements.

DOCKER AND CONTAINERS

Though application developers can set up their own servers, it does leave them responsible for compliance and security–something that takes time away from innovation. Things have gotten better, but there’s room for improvement.

This is what Docker (and Atomic–more about that in a moment) can bring. “The infrastructure is just the infrastructure,” said Riek.

Hermann: I have a trillion-dollar application. What do I have to do so my developers can work on it?
Riek: Take your Docker image, build your stuff on it, then hand it over when its done.
Herrmann: What if I have a custom dependency for something?
Riek: Create a new layer, add that to your image, and we can roll that into the next gen of your container image.

Linux containers provide lightweight isolation of process, network, and filesystem spaces. Docker is a toolchain that builds on Linux containers, aggregating packaging, adding an API, an image format, and a delivery and sharing model.

Containers can replace virtualization where containers are more applicable, such as for:

  • Horizontal application isolation
  • Lightweight delegation
  • Application virtualization
  • Density

“What really makes this work is the introduction of the concept of layering,” said Riek. “You start with a base image and can then specialize the image by adding a differential layer on top.  From an operational point of view, this is very agile.”

RED HAT ENTERPRISE LINUX ATOMIC HOST

Project Atomic, the upstream community for Red Hat Enterprise Linux Atomic Host, works to integrate many technologies that work together, including:

  • Docker
  • SELinux
  • cgroups
  • namespaces
  • RPM
  • yum

Red Hat Enterprise Linux Atomic Host contains:

  • A minimal host with atomic updates
  • systemd for process management
  • Generic container orchestration primitives
  • Integration with OpenShift GearD for cross-node PaaS orchestration
  • Shared services and management agents deployed as privileged containers

Red Hat Enterprise Linux Atomic Host intends to take technical risk out of the infrastructure. Updates are made all at once. When something breaks, you can roll back to the last known-good version.

“With this, you have a generic atomic image and you can deploy exactly the same binary container image that you deploy in-house, in the cloud. It gives an abstraction layer for aggregate package deployment,” said Riek.

“We actually believe that this is fairly disruptive. We are not here announcing the end of something, but the beginning of something.”

FUTURE BENEFITS

Container certification gives ISVs a new way to deliver value to customers and creates new opportunities for interaction. “The enthusiasm we see on the Red Hat side around Docker is because it solves our own problems as an ISV to Red Hat Enterprise Linux,” said Riek.

Other benefits of application-centric packaging include:

  • Portable and reliable application deployments
  • Lightweight footprint and minimal overhead
  • Rapid and efficient application delivery
  • Simplified application development life cycle
  • Isolated and secure deployments
  • Fine-grained control

“As you might have noticed, we’re really excited about this stuff,” said Herrmann. “It’s about portable deployments. It’s about applications moving in the open hybrid cloud. It’s about efficiency in delivery, in packaging and maintenance, and organizationally. It’s about speed, agility, the promise of cloud and big data. This reduces the time it takes to get something created, copied, deployed, and updated.  We’re not talking days, hours, weeks–we’re talking seconds.”

“This is really a big deal.”

 

More information

 

Event: Red Hat Summit 2014
Date: 4:50 p.m., Tue April 16, 2014
Type: Session
Track: Cloud readiness (Cloud deep dive)
Technical difficulty: 3
Title: Application-centric packaging with Docker and Linux containers
Speaker: Daniel Riek (Red Hat), Lars Herrmann (Red Hat)