Alex Polvi, CEO of CoreOS, has heard a lot of different myths about what containers can’t do and in a session at OpenStack Silicon Valley event on August 26. So he set out to debunk them.
Polvi is more knowledgeable than most about containers, having built a purpose-designed Linux operating system with CoreOS just to run Docker containers. After seeing some shortcomings with Docker, CoreOS started the appc container specification effort and the Rocket container runtime projects. CoreOS is now helping to unify standards around containers with the Open Container Initiative at the Linux Foundation, which includes the participation of Docker Inc, AT&T, ClusterHQ, Datera, Kismatic, Kyup, Midokura, Nutanix, Oracle, Polyverse, Resin.io, Sysdig, SUSE, Twitter, Verizon Amazon Web Services, Apcera, Cisco, EMC, Fujitsu, Goldman Sachs, Google, HP, Huawei, IBM, Intel, Joyent, the Linux Foundation, Mesosphere, Microsoft, Pivotal, Rancher Labs, Red Hat and VMware.
In Polvi’s view there are four primary myths when it comes to containers.
1)Containers Replace Virtual Machines (VMs)
Polvi explained that fundamentally a virtual machine takes a physical server and carves it up into lots of little virtual servers. A container can work with a VM to provide an additional layer of isolation and security if needed, which is what CoreOS is now doing with Rocket. The latest Rocket 0.8 release leverages Intel’s Clear Containers technology which provides a hypervisor VM for containers.
2) Legacy Apps Don’t Work
In Polvi’s experience, which is based largely in Linux, any application that will run in Linux will run in a container. He admitted that perhaps a Microsoft Sharepoint deployment, for example, might not run effectively in a container, though he did note that Microsoft is now working with Docker to fully enable container deployment on Windows infrastructure.
Beyond that, he’s not aware of any technology, legacy or otherwise that won’t run in a container, including SAP and Oracle workloads.
3) You Can Only Run Stateless Apps
Polvi said that, in his view, with any type of application an organization always needs to manage state. That’s why backups exist and data replication is part of any proper application deployment plan.
“You have to manage state, replication and backups with containers, just like you do with your non-container application deployments,” Polvi said.
4) Containers are Not Secure
In Polvi’s view, containers are in fact a step forward for security. Prior to containers, applications would just run on bare metal or in a virtual machine, such that if the bare metal machine or VM is hacked, everything on those devices gets compromised.
In the container world there is a higher degree of isolation, which helps to mitigate expanded risk.
“When a single container is hacked, the attacker will get a smaller view of the world then they would if they hacked a normal server,” Polvi said.
Alex Polvi, CEO of CoreOS
Sean Michael Kerner is a senior editor at Datamation and InternetNews.com. Follow him on Twitter @TechJournalist
Graphic courtesy of Shutterstock.