Container Myths Debunked at OpenStack Silicon Valley

Containers don't mean the end of the private cloud - or do they?

Alex Polvi, CEO of CoreOS, has heard a lot of different myths about what containers can't do and in a session at OpenStack Silicon Valley event on August 26. So he set out to debunk them.

Polvi is more knowledgeable than most about containers, having built a purpose-designed Linux operating system with CoreOS just to run Docker containers. After seeing some shortcomings with Docker, CoreOS started the appc container specification effort and the Rocket container runtime projects. CoreOS is now helping to unify standards around containers with the Open Container Initiative at the Linux Foundation, which includes the participation of Docker Inc, AT&T, ClusterHQ, Datera, Kismatic, Kyup, Midokura, Nutanix, Oracle, Polyverse,, Sysdig, SUSE, Twitter, Verizon Amazon Web Services, Apcera, Cisco, EMC, Fujitsu, Goldman Sachs, Google, HP, Huawei, IBM, Intel, Joyent, the Linux Foundation, Mesosphere, Microsoft, Pivotal, Rancher Labs, Red Hat and VMware.

In Polvi's view there are four primary myths when it comes to containers.

1)Containers Replace Virtual Machines (VMs)

Polvi explained that fundamentally a virtual machine takes a physical server and carves it up into lots of little virtual servers. A container can work with a VM to provide an additional layer of isolation and security if needed, which is what CoreOS is now doing with Rocket. The latest Rocket 0.8 release leverages Intel's Clear Containers technology which provides a hypervisor VM for containers.

2) Legacy Apps Don't Work

In Polvi's experience, which is based largely in Linux, any application that will run in Linux will run in a container. He admitted that perhaps a Microsoft Sharepoint deployment, for example, might not run effectively in a container, though he did note that Microsoft is now working with Docker to fully enable container deployment on Windows infrastructure.

Beyond that, he's not aware of any technology, legacy or otherwise that won't run in a container, including SAP and Oracle workloads.

3) You Can Only Run Stateless Apps

Polvi said that, in his view, with any type of application an organization always needs to manage state. That's why backups exist and data replication is part of any proper application deployment plan.

"You have to manage state, replication and backups with containers, just like you do with your non-container application deployments," Polvi said.

4) Containers are Not Secure

In Polvi's view, containers are in fact a step forward for security. Prior to containers, applications would just run on bare metal or in a virtual machine, such that if the bare metal machine or VM is hacked, everything on those devices gets compromised.

In the container world there is a higher degree of isolation, which helps to mitigate expanded risk.

"When a single container is hacked, the attacker will get a smaller view of the world then they would if they hacked a normal server," Polvi said.

hadoop and big data

Alex Polvi, CEO of CoreOS

Sean Michael Kerner is a senior editor at Datamation and Follow him on Twitter @TechJournalist

Graphic courtesy of Shutterstock.

Tags: Linux, VM, OpenStack, containers

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.