When talking about containers, the first thing that comes to mind is the concept of containers as they were introduced by Virtuozzo: minimal instances of operating systems that all ran on top of the same kernel. With the release of Red Hat Enterprise Linux 7 (RHEL 7), the word "container" has taken on a completely new meaning.
Linux Containers (LXC) are created by running specific processes in an isolated environment, but on the same kernel. With LXC, all containers need to run the same operating system and Linux distribution. That is because Linux containers run on top of the same kernel. This approach is very efficient for hosting providers, allowing then to offer a dedicated operating system to customers with minimal use of system resources. However, with the upcoming release of RHEL 7, containers take on a new meaning.
When Red Hat talks about containers today, the company is referring to application containers. This takes containers one level higher in the stack by virtualizing applications rather than complete operating systems. Without application containers, every application needs to be installed on a specific operating system. This is because applications have dependencies. You cannot run a specific application if an operating system or distribution does not contain the same libraries that were present on the operation system the application was designed for. This makes it hard to deploy an application across different Linux platforms, and it makes it even harder to deploy it to other operating systems.
Red Hat adds support for Docker
With the release of RHEL 7, Red Hat is offering application containers in cooperation with Docker. Docker's idea is to package an application as a self-contained box -- or container -- that includes everything needed to run the application. In this approach, there is no need to install an application on an operating system; it can simply be deployed as a container. This means that an administrator can simply copy the application files to the environment where the application will be used.
The cooperation with Docker makes it easy to deploy applications. Running it on top of Red Hat Enterprise Linux adds some proven technology to the application container. The most significant of these technologies are the use of cgroups and SELinux.
Cgroups make it possible to grant system resources to specific applications. So, if you run a critical database, you can define the exact amount of RAM that will be available to that database at all times. This can happen as an absolute number (this application has access to least 4 GB of RAM), or it can happen as a percentage, which makes it easy to use the application on different kinds of hardware.
SELinux takes care of securing the application. SELinux allows you to define application profiles. In this case, a profile defines exactly what an application can and cannot do, preventing unwanted functions and improving security.
Apps in the cloud
By offering Docker application containers in RHEL 7, Red Hat is specifically looking at cloud environments where there is a need to use the same application across heterogeneous platforms. However, this assumes that other cloud vendors are also including support for this type of applications. In fact, it looks as this will be the case.
Red Hat's most important Linux competitor SUSE -- which is releasing SUSE Linux Enterprise Server 12 in September 2014 -- has already announced it will support Docker. With these two Linux leaders offering Docker, other vendors are sure to follow. This will certainly change the way applications are offered in the cloud.
Dig deeper on Open source virtualization
Sander van Vugt asks:
Will you use Docker containers in RHEL 7?
0 ResponsesJoin the Discussion