VMware may consider abandoning its stance that containers are better when used together with virtual machines, and instead develop a standalone container management system if customers want that, the company hinted to this column last week.
Kit Colbert, VMware's VP and CTO, Cloud-Native Apps, said that although customers are prepared to manage their containers using VMware's virtual machine management tools, "if demands shift, we will be there to meet them…"
For now though, VMware's strategy is strictly that the best way to manage containers is by popping them into virtual machines.
The most obvious reason to do that is to provide security, thanks to the better isolation that virtualization technology provides. But that's far from the only reason.
For example, Colbert says that by putting a container in a virtual machine, you can "operationalize" it. What's meant by that is that VMware's infrastructure allows you to manage your virtual machines — in terms of availability, disaster recovery, performance, configuration and so on.
When containers are in virtual machines, you can manage those containers in the same way.
VMware recently unveiled Project Photon, a pared-down Linux distribution suitable for running containers. It's also unveiled Bonneville, which in technical terms is a Docker daemon with custom VMware graph, execution and network drivers that delivers a fully-compatible API to Docker clients.
"What [Bonneville] does is expose a Docker API from vSphere, so a developer using a Docker client can set it against it and do Docker commands: docker run and so on."
What then happens is that Bonneville creates a virtual machine to hold each container pulled from the hub. "When you go back to vSphere you don't see the container but you see the VM which represents the container," Colbert explains. "You can then back it up, or get performance data, or whatever. All the tooling you use for VMs works for containers — they all just have a virtual machine wrapping."
Bonneville uses instant cloning to bring a new virtual machine into existence to wrap each container in a half second or so. Instant Clone enables a running VM to be cloned so when a new VM is created it is exactly identical to the original. This is powerful because you can get a new, running, booted-up VM going in less than a second.
"When you are done running the container, the VM goes away, so you are using VMs in a different way to normal," says Colbert. "You are not creating a VM, installing an OS, patching it and keeping it. The virtual machines are transparent, and created on the fly."
Why Would Customers Choose to Use VMware for Managing Containers?
But why should anyone use VMware's ecosystem — which was after all designed for the managing of virtual machines — to manage containers? Why not use a project like Google's Kubernetes (or CoreOS's Tectonic, which is built on Kubernetes) that is specifically being designed for container management?
"Don't forget that we have been building management products for 10 years," says Colbert. "New ones won't have the same level of robustness — that's just a general statement.
"Also people need enterprise-grade tools today, and the container stuff that's available is not at that level yet," he adds.
And it's at this point that Colbert hints that if customers show a preference for straight container management products — rather than fudging the issue by managing their containers through virtual machines — then that is what they will get. It wasn't a statement of fact, or an expression of intent, mind: just a tantalizing hint.
But if you think about it, it makes perfect sense: containers aren't a threat to VMware if it gets into the container business too. For now the company can leverage its virtual machine management tools to dip its toes into the container waters.
But if necessary, VMware can focus its engineering might and management expertise garnered over the course of a decade to build a container management system too. If that's what customers want, of course.
Paul Rubens is a technology journalist and contributor to ServerWatch, EnterpriseNetworkingPlanet and EnterpriseMobileToday. He has also covered technology for international newspapers and magazines including The Economist and The Financial Times since 1991.