Docker's Quest for Simplicity with the Evolution of Containerd
Key Takeaways
Docker's evolution towards simplification with Containerd, a key part of its mission to build tools of mass innovation, and its impact on the industry with features like security and standardization
Full Transcript
Oh hello welcome to the new stack makers a podcast where we talk about at scale application development deployment and management we'd like to thank cloud native computing foundation for sponsoring our podcast from cloud native Khan Kubek on Berlin thanks very much for the support here we've had a great show [Music] hey it's alex williams the new tech here at cloud native con Kubek on in berlin and i'm here with patrick shadow zone of docker how are you and Ike very well thanks excited yes so I want to talk about if I want to talk about container d and i want to discuss its evolution but in the context of dockers mission which I've always been intrigued by from its beginnings when it became really apparent to me that Solomon and you and you as well really hit it on the head when you're talking about the need to program the internet and if you're going to program the internet then it's going to require a lot more simplicity because there'll be a lot more people developing for it right and W at you know there'll be lots of different applications and things will need to be configured differently and I think we're really seeing that now really with like this you know the physical manifestation of the Internet where we're seeing like bicycles that are that you don't have to bring to a station if you rent them you can just you know that they're connected via GPS these are the kind of things that we're starting to see in our physical reality so I'm curious on your perspective then you know we can talk about gatinha d but when we first talked about how we've gotten here yeah yeah definitely so so as you said our mission a docker is to build tools of mass innovation that that's how we cream it and what we mean by that is that there are lots of new technologies that are coming out but some are really hard to use and what we're trying to do is to make them simple to use so that the massive people can use them to innovate and what we identified as our first target is programming the internet and what we mean by that is that the the best d heiko for innovation right now is software tied to all these devices that are getting connected to the internet so you are mentioning bicycle but here I'm thinking as well as like industrial equipment right robot drones I I've seen some customers doing some really crazy stuff with docker and all these today require a different tool chain different artifacts with like adding things different operating systems and so coding for them requires a lot of specialized knowledge and what we try and plus building a system that is composed of an industrial equipment sensor a gateway inside of the factory and then a cloud platform to process all these data and then web app to analyze all this and mobile app with that in order to build that end-to-end system for a single company use case requires a lot of very specific talent and a lot of very specific workflows and 2 Chainz as well as a distributed computing fabric so I docker we're trying to build that layer to program the internet that that's what it's about and that goes with a lot of simplification and as you said one of the successes of doctor was really about the ease of use developers had updated because it made them more productive and it was very easy to use so a lot of opinions are going into the user experience that we provide a darker and then there's a second movement to that which is as we so we will like this big like customer focused company consumer companies like Google or Facebook or Apple who focus on the end user first they build a product and then they shed out open source components that people can reuse for other stuff like WebKit for apple or tensorflow aku banaras for google a docker we do the same so one of the thing I presented this morning is you see this ramp up of adoption of docker through the number of poles in the hub going from 1 billion to 1 billion to 1 1,000,000 to 1 billion to 11 billion today and as we ramp up in adoption we're shedding out components that can be reused so things like lib network and later on run see the the reference implementation for the OC i spec swan kit in frak it that we announced that linux can here in Berlin back in October and then continually the last of these components that can be used independently by software plumbers who are building their own systems and so the the Cooper nudist community is one of them so tell us about container day and you know and how that fits into this story perhaps you could explain what container t is for yes our listeners out there yeah definitely so docker is a full platform to build ship and run applications and build visited applications and so it is made of lots of different components that there are components to manage infrastructure it's called intricate one component of orchestration it's called swamp yet there's the build system to build your images and all that but at the heart of it there's this component that we call the core component runtime and that's containers and what we've done is that continuity already was running containers we just designed it with a roadmap to 10 version of it to extract all the cork on your runtime call container runtime functionality so that it can be used separately outside of docker so we are refactoring the darker codebase to extract on energy and we're designing continuity in a way so that you can be used by Cooper naraz and I think the best characterization I've seen of continuity is by Tim Hawking one of the techniques for the Cabana test project from google when we did the continuity summit a darker a month ago he expressed it we really well he said continuity had all the stuff that we want from darker with none of the things that we don't want cuscus coronitas he's using darker today but they prefer something smaller and that's that core runtime component called container d so how does that then evoke that that quest for simplicity that that we started this conversation with ya so continuity is one of the plumbing components and what it provides is the possibility so container d will run on linux microsoft will work on it to make it work on windows as well so it will like run containers everywhere then the sim container d itself doesn't provide simplicity provide api's for higher level systems to build however they want and so when you're looking at the cubanelle acpi there's a lot of knobs and complexity in there it's a technology that's really designed for system operations our seaside means who really want all the configurability in a product on the darker side we're building simplicity out of it so when you're running darker its continuity who's running your containers behind the scenes and but you can use docker in a very easy way with very easy commands and we try to make the things we need to use and more complicated things possible more complicated things possible so what might that be oh so what might that be security for example right i forgot the name of the speaker there was a speaker from Red Hat Clayton coal mine I think oh yeah yeah so Clayton gave a talk after apana this morning I found super interesting where he said security is a very big concern for ku Banaras and then he had to slide with on on one side all the things that we have for security in khuvon a test today and on the other side it was all the things we want in insecurity for cuva nilesh tomorrow and actually if you're looking at that slide the right part the thing they want for tomorrow you can have it today in darker so we implement some security features like a node identity for example or automatic tea pls between the different nodes in your swarm while secrets management with secrets that are encrypted at rest so we have all that in dr today it's very interesting you know the the evolution of his story that started with you know the the creation of oci and I know that's been there's been some lot of discussion about oci and you know and how it's how it's progressing is taking longer for it to get to one point oh this container d make it easier to get to one point 0 for oci no I wouldn't say so container g is on top of oci so container g actually includes run c which is the oci reference implementation of the runtime stack so o CI has two specs runtime runtime and the image format so container g will implement both ok Anna and actually the same people working on both projects so Michael Crosby on our side is working on runchy and the Red House back will that help it progress faster or now no the spike is nearly ready I think they have a cut of the 10 off c4 the spec for the runtime and they made lots of progress on the image format right i'd say maybe container g will help the image formats back progress because it would be an implementation of rat but all that stuff is progressing pretty fast in my opinion like will have 10 versions of the spectra soon and continually 10 is slated for the end of june yeah right so we're really getting to that world that we describe two years ago when we started all that is taking care of those very low level issues that that's good for the community to isn't it oh it's awesome it's good for everybody as for the community is good for customers because then they can have true possibility between different implementations of the specs does that make it does that make it possible for darker to think more about how if they offer crew benetti's to its own customer base yeah we'll see about that we'll see if they demanded right now we see a lot of demand for our commercial products and what they like in there is both the simplicity as well as full-featured ness and some differentiation in security for example so until they ask for it maybe we could provide that but for now we don't see a need for that so that so it seems like the community has has grown up a lot over the past I'd say six months or so would you agree with that the community the Cuban a desk and you really send the doctor community oh yeah both of them like dr. community has been growing at Berlin during growing but there seems to be a better sense of themselves right there's a better there's more clear identity of who they are oh definitely and that seems to be helping relations which you know in a very competitive environment can can can restrain it at some point yeah what's up what happened in other industries happening here where you have a lot of innovation and then at some point there are some lower layer layers were everybody agree on how it should be done so these ones are ripe for Standardization that's what happened with oci and then at higher levels you may have layers where it's good to standardize on a single implementation and then everybody works on the same code way that's what's happening with container G but then there are some upper layers where there's still lots of competition and and we can see that in orchestration right now where differentiation is happening in terms of security for example so what's the story moving forward 4444 docker you know container as a relates to container game well how how how do you have should customers view what can how should customers juice container day yashas the community you contain container d how does doc review developing container d going forward yeah so for I'd see photo for the community container G is kind of the de facto implementation of a container run time and because the whole industry is going to collaborate on it like all these sites loud providers who join it when we announced it you'll have a stable core code base that everybody can rely on so it will make all the systems more resilient and more solid so so that's stable core container runtime everybody can innovate on top of that then in terms of a vehicle system I'd say everybody will be able to innovate faster on top of that including us and then for customers it's a gauge of stability because they'll have a whole community evolving that Co container run time together I think it's we do win for everybody well Patrick thank you very much for taking some time to talk today about container d and soccer and its roots and and the community and going forward thank you yeah thanks for having me Alex and have fun at the conference again to great community [Music] we'd like to thank cloud native computing foundation for sponsoring our podcast from cloud native Khan Kubek on Berlin [Music] you
Original Description
On today's episode of The New Stack Makers, we caught up with Docker Technical Staff member Patrick Chanezon at CloudNativeCon/KubeCon EU. As technology continues to evolve, more devices than ever are being connected to the internet via software. Running that software are applications backed by tools such as Docker's containerd.
Recently, Docker began the process of extracting containerd out of the Docker codebase to enable its use with Kubernetes, independent of the rest of the Docker suite. We also discussed how the community's evolution has and will continue to impact the container ecosystem, and what's next on containerd's project roadmap.
Listen on SoundCloud: http://soundcloud.com/thenewstackmakers/dockers-quest-for-simplicity-containerd
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from The New Stack · The New Stack · 44 of 60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
▶
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
What's Next for the Cloud Foundry Foundation in 2017 with Executive Director Abby Kearns
The New Stack
How Unikernels Can Better Defend against DDoS Attacks
The New Stack
Weaveworks is Bringing Horizontal Scaling to Prometheus
The New Stack
TNS Analysts Thanksgiving Special: The Evolution of Kubernetes and the Container Ecosystem
The New Stack
How Rancher Labs is Seeing Kubernetes Put to Work in Production
The New Stack
SAP Tests Kubernetes for Cloud-Native Enterprise Software Deployments
The New Stack
Event Marketing for Today's Developer Evangelists and Community Managers
The New Stack
NodeSource Introduces Certified Modules to Improve Node.js Security
The New Stack
How Lightstep is Illuminating the Case for Distributed Tracing
The New Stack
How OpenStack Aims to be More Inclusive without being Exclusive
The New Stack
How Shuttlecloud Saves Time and Money by Monitoring with Prometheus
The New Stack
Creating Analytics-Driven Solutions for Operational Visibility
The New Stack
Understanding the Application Pattern for Effective Monitoring
The New Stack
Building On Docker's Native Monitoring Functionality
The New Stack
The Importance of Having Visibility Into Containers
The New Stack
How Getting Your Project in the CNCF Just Got Easier
The New Stack
Tectonic Summit Pancake Breakfast: How to Sell Kubernetes to the Hypervisor-Minded
The New Stack
The Buzz at Tectonic Summit 2016 in New York City
The New Stack
Bringing Clarity to the Future of Node.js Modules
The New Stack
How FluentD Can Help Monitor Microservice Architectures Through Unified Logging
The New Stack
Reshaping Front End Development with Warehouse.ai
The New Stack
2016 Year End Wrap-Up: Discussing Docker, OpenStack, and Open Source
The New Stack
Here's Why You Should Build a Robot Using Node.JS: Because You Can
The New Stack
How the Node.js Foundation is Utilizing Participatory Governance Models
The New Stack
Set Up an MongoDB Replica Set in Less Than an Hour Using Bitnami Packages
The New Stack
Determining Who Bears the Burden of Ensuring NPM Module Security
The New Stack
How Intel Snap uses Telemetry and Kubernetes to Drive Enterprise Efficiency
The New Stack
How the NFL Scored a Touchdown with its Open Source React Framework Wildcat
The New Stack
Aporeto CEO Dimitri Stiliadis: When it Comes to Security, Context is King
The New Stack
The Buzz at Node.JS Interactive
The New Stack
Why Going Serverless Doesn't Mean 'No Ops'
The New Stack
How Node.js is Transforming Today's Enterprises
The New Stack
JJ Asghar Interview
The New Stack
How Capital One is Using APIs to Streamline Auto Financing
The New Stack
SXSW 2017: How Machine Learning Differs From Regular Programming
The New Stack
SXSW 2017: Data-Driven Applications with Capital One DevExchange's Hydrograph
The New Stack
SXSW 2017: How Good Engineers Make Bad Business Decisions
The New Stack
CloudNativeCon & KubeCon EU Pancake Breakfast 2017: Kubernetes and the Multi-Cloud
The New Stack
CNCF Executive Director Dan Kohn: What's Next for CNCF in 2017
The New Stack
Exploring the Latest Container Runtime Projects in the CNCF
The New Stack
Exploring the Future of the Kubernetes Ecosystem
The New Stack
Kubernetes and Continuous Deployment
The New Stack
Kris Nova of Deis at CouldNativecon/Kubecon in Berlin
The New Stack
Docker's Quest for Simplicity with the Evolution of Containerd
The New Stack
Developers First: The Cloud Foundry Service Broker API and Kubernetes
The New Stack
Mapping the Future of CoreOS's rkt in the CNCF
The New Stack
Red Hat and Dell EMC: Two Perspectives from DockerCon
The New Stack
Capital One Opened its APIs to Third-Party Developers — Here’s What They Learned
The New Stack
SUSE Joins the CNCF, Brings Kubernetes to OpenStack Cloud 7
The New Stack
How Capital One Brings Open Source To The Banking Industry
The New Stack
OSCON Is Coming Back To Portland, A Show Wrapup With Co-Chair Kelsey Hightower
The New Stack
Dev Or Ops Doesn’t Matter, You Need Observability
The New Stack
Taking The Next Steps In Developing An Open Source Culture
The New Stack
SXSW 2017: How Capital One Became Technology-First With Open Source
The New Stack
Apcera Old Apps Spanning New Clouds
The New Stack
Provenance: The Peace of Mind Chef Habitat Seeks to Deliver
The New Stack
InSpec: Human Readable, Automated Compliance
The New Stack
The Evolution of SAP HANA Express
The New Stack
Women Engineers Who Inspire And Never Give Up
The New Stack
Three Perspectives on the Evolution of Container Security
The New Stack
More on: Docker & Containers
View skill →Related Reads
📰
📰
📰
📰
Every Build Tells a Story: Integrating Harness CI with Splunk
Medium · DevOps
When ArgoCD Chokes: Targeted Syncs in Jenkins Pipelines
Medium · DevOps
Securing Your Terraform Infrastructure with Checkov and GitHub Actions
Dev.to · Cristhian Carlos MAMANI CORI
Title: The Signal Nobody Tells You About: Thread Dumps via SIGQUIT During a Production Outage in…
Medium · DevOps
🎓
Tutor Explanation
DeepCamp AI