Docker Opens Up with Containerd Container Runtime

by Sean Michael Kerner

After months of conversation and debate, Docker is making a dramatic move by extracting the core container runtime from the Docker Engine and spinning it off into a separate independent project.

Solomon Hykes, the founder of Docker and the pioneer of the modern application container revolution, really wants to make sure that the Docker community and the container revolution will continue to grow in 2017 and beyond. To that end, Docker Inc announced on Dec. 14, the newly re-focused containerd (Con-tay-ner-D) initiative that will see the core container runtime from the Docker Engine spun-out into its own separate community project, with open, vendor-neutral governance.

The move to open up the Docker Engine with containerd comes after months of debate and conversation in the container community. Docker Inc. isn't doing containerd on its own either, but rather is being joined by multiple cloud vendors including Alibaba Cloud, Amazon Web Services (AWS), Google Cloud, IBM Bluemix and Microsoft Azure, in support of the new project.

"Docker is giving the community what they want after we've spent several months gathering feedback," Hykes told eWEEK. "We think that containerd is a big deal for the container ecosystem at large and it will take the market to a new phase where there is less drama around undifferentiated plumbing and more focus on getting containers more widely used."

The new containerd effort to open up Docker is not the first attempt at opening up the Docker Engine. In June 2015, multiple vendors including Docker Inc. helped to launch the Open Container Project at the Linux Foundation, which has since been re-branded as the Open Container Initiative (OCI). A core goal behind the OCI was to unite rivals in the container community to create a common baseline and standards for containers.

Among the OCI's primary achievements to date is the runC project, which is a low-low-level container runtime based on OCI standards. The Docker Engine 1.11 release that debuted on April 13 was the first to implement runC, which was done within Docker's first iteration of containerd.

Containerd is More Than Just OCI

In Hykes view, the OCI's runC initiative is helpful, though it doesn't solve the whole challenge of creating a stable reference implementation for a container runtime.

"What we heard from the community is that the OCI specification was limited, meanwhile we heard that there was demand for a feature complete container runtime and basically runC is just too small," Hykes said. "That is where containerD comes in, where we're carving out more code from the Docker platform."

Hykes added that containerd needs to be bigger than what runC is today, and yet smaller then what the Docker Engine provides. The containerd effort is not, however, abandoning OCI's standard.

"Containerd will be based on runC as a default OCI execution layer, but that execution layer is also swappable," Hykes said.

The existing containerd project on Github that had been used by Docker as its open-source code base for a runC implementation will now undergo a dramatic change as the scope of the effort broadens. The containerd project had previously defined itself as, "a daemon to control runC, built for performance and density."

"The early version of containerd was too small, so now we're adding things like image support," Hykes said.

He emphasized that the goal with containerd is to give a platform builder the core elements that will enable an operator to run containers successfully.

Following the Linux Model

With the new containerd approach, Hykes is aiming to have Docker follow a Linux model for how upstream development and downstream vendors work. With Linux, multiple groups of individuals, projects and vendors collaborate and contribute code to the upstream Linux kernel project. There are then many different downstream open-source projects and commercial vendors that make use of the Linux kernel as part of a Linux distribution.

"As new versions of containerd are released upstream, the Docker platform will adopt it," Hykes said. "We're absolutely looking to the example of the Linux kernel that provides a stable interface, that does not break the layers above it."

While containerd is set to become the core runtime, the full Docker platform does more than just run containers. Hykes explained that Docker assembles all the pieces of a distributed application platform. Components include container build, overlay networking and orchestration among other elements.

"Containerd will be one of dozens of elements that we integrate into the Docker platform," Hykes said. "What we're trying to emphasize is that our value is in picking the right components and integrating them in a way that developers love and solves enterprise problems."

Containerd is Looking for a Home

A goal of the containerd project will be to have an open governance and contribution model that is operated by a third party foundation of some sort, though at this point it's not clear which foundation that might be. What is clear is that unlike the initial runC effort, containerd is not likely to become part of the Linux Foundation's OCI project.

"Our intention is to donate container by the end of the first quarter of 2017," Hykes said. "What we're not doing is specifically choosing a home for containerd and that's simply because we don't want to rush the work of getting it right."

"What we do know is it will not be OCI," Hykes emphasized.

He noted that OCI in his view is a standards body and Docker is looking for a home for an open-source project. Potential options including joining an existing foundation or even creating a new foundation.

"The over-riding focus with containerd is to demonstrate to the container community that we're listening and we get it," Hykes said. "We want stable, reliable plumbing that we can build on top of to differentiate."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist

Originally published on eWeek.
This article was originally published on Wednesday Dec 14th 2016
Mobile Site | Full Site