Application containerization is an operating system level (OS-level) virtualization method for deploying and running distributed applications without launching an entire virtual machine (VM) for each app. Instead, multiple isolated systems are run on a single control host and access a single kernel. The application containers hold the components such as files, environment variables and libraries necessary to run the desired software. Because resources are shared in this way, application containers can be created that place less strain on the overall resources available [[i]].
The following figure compares application deployment using a hypervisor and a container. As the figure shows, the hypervisor-based deployment is ideal when applications on the same cloud require different operating systems or OS versions. The abstraction must be at the VM level to provide this capability of running different OS versions. With containers, applications share an OS (and, where appropriate, binaries and libraries), and as a result, these deployments will be significantly smaller in size than hypervisor deployments, making it possible to store hundreds of containers on a physical host (versus a strictly limited number of VMs). Because containers use the host OS, restarting a container doesn’t mean restarting or rebooting the OS [[ii]].
Containerization provides additional benefits to existing, traditional virtualisation technologies, opening up new use cases that threaten to revolutionize the IT industry. In particular, containers provide: [[iii]], [[iv]]
- A lightweight system; containers start instantly and use less RAM. Images are constructed from layered filesystems and share common files, making disk usage and image downloads much more efficient.
- An improved process for Continuous Integration and Delivery; developers are able to develop, test, and deploy applications to a large number of servers.
- An easy-to-migrate solution; because each container is an isolated instance that doesn’t hold a guest operating system, it is very easy to migrate from one deployment to another. The container stack allows for great portability.
- A secure environment; containers isolate applications from one another and the underlying infrastructure, while providing an added layer of protection for the application.
In order to overcome the biggest obstacle to the adoption of container-based deployments, the Open Container Initiative (OCI) was formed under the auspices of the Linux Foundation in 2015. OCI is a lightweight, open governance structure (project) for the express purpose of creating open industry standards around container formats and runtime [[v]]. The OCI currently contains two specifications: the Runtime Specification (runtime-spec) and the Image Specification (image-spec).
Many of the organisations that work on Cloud technologies are part of the Open Container Initiative, so the Public Authorities can be confident that we will increase cross-container support and flexibility going forward.
The STORM CLOUDS approach
The STORM CLOUDS project will follow the containerization approach in order to create a faster, more resource-effective, and more secure setup for the SCP components and services. The Docker Engine will be used in order to create containers to deliver some of the Smart City Services. A developer will be able to use Docker locally, or on a different cloud infrastructure, and then deploy into the selected production environment with no major issues.
Docker is an open-source engine which automates the deployment of applications as highly portable, self-sufficient containers which are independent of hardware, language, framework, packaging system and hosting provider [[vi]]. With Docker, you can separate your applications from your infrastructure and treat your infrastructure like a managed application.
Docker is the most popular and advanced platform today, which provides access to a set of high-quality core tools and additionally to a community and a whole ecosystem of third-party products and services that help developers from the very first steps of developing their application through every incremental deployment of it.
At its core, Docker provides a way to run almost any application securely isolated in a container. The isolation and security allow you to run many containers simultaneously on your host. The lightweight nature of containers, which run without the extra load of a hypervisor, means you can get more out of your hardware.
For both developers and operators, Docker offers the following high-level benefits, among others:
- Deployment Speed/Agility – Docker containers house the minimal requirements for running the application, enabling quick and lightweight deployment.
- Portability – Because containers are essentially independent self-sufficient application bundles, they can be run across machines without compatibility issues.
- Reuse – Containers can be versioned, archived, shared, and used for rolling back previous versions of an application. Platform configurations can essentially be managed as code.
Although Docker is a way of managing multiple containers on a single machine, the capability to be used behind Nova (OpenStack’s Hypervisor Engine) makes it much more powerful since it’s then possible to manage several hosts, which in turn manage hundreds of containers. The current Docker project aims for full OpenStack compatibility. [[vii]]
Containers don’t aim to be a replacement for VMs; they are complementary, in the sense that they are better for specific use cases. The Public Authorities should therefore evaluate both solutions to find which better fits their needs and requirements.
[i] Definition: Application containerization, viewed June 23, 2016 <http://goo.gl/hOzurx>
[ii] D. Bernstein, 2014, Containers and Cloud: From LXC to Docker to Kubernetes, IEEE Cloud Computing, vol. 1, no. 3, pp. 81–84
[iii] Claus Pahl, 2015, Containerization and the PaaS Cloud, IEEE Cloud Computing, vol.2, no. 3, pp. 24-31, May-June 2015, doi:10.1109/MCC.2015.51
[iv] CodeShip, 2016, Why Containers and Docker are the Future, White paper
[v] Open Container Initiative, viewed June 23, 2016 <https://www.opencontainers.org/>
[vi] What is Docker, viewed June 23, 2016, <https://www.docker.com/what-docker>
[vii] Using Docker with OpenStack, viewed June 23, 2016, <https://wiki.openstack.org/wiki/Docker>