Richard Bucker

Container host marketplace is gearing up

Posted at — May 30, 2015

I don’t know when Joyent entered into the market but it only hit my radar in the last few months; maybe 6. At the time I was watching a demo on SmartOS and their containers. I do not fully grock what they are offering but it appears to be something based on OpenSolaris and some sort of Linux container/VM tech. Since they are in the VPS business this layer is critical to their success.CoreOS, is about to hit their 2 year anniversary. They have a free product that is as bare metal as you can get. There are some moving parts that make clustering, scheduled updates and configuration easier. They have also created a commercial version of Kubernetes which is the orchestration layer above the bare metal (without the multi-tenant features). They are also active in the APPC and container definition projects as thet believe that Docker is not secure enough.ProjectAtomic and it’s related projects are still active.Snappy and Docker from Ubuntu.Rancher, RancherOS, RancherVM are also making progress.Panamax, Mesosphere, Apcera, and so on and so on….However, as I watched a brief demo of the Android M from a 20-something from TechCrunch I find myself wondering if my father felt the same thing about me and my tech when I was up and coming. It remains that so much of these projects offer an interesting and exciting glimpse into the future but what they are lacking is a crystal view. Too many companies have picked up that ball and tried to cross the finish line only to drop the ball short of the end. And many had good products…So here is my vision:CoreOS constrains the operator with very clear but somewhat undefined guardrails. Containers can be airtight or they can be porous. In the later case you might need sidekicks or ambassadors. Networking is a clear pain in the ass. VPN and other segmented networks are even worse. The tools simply do not exist… I think there is an intent to implement some sort of policy feature similar to Apcera. In Rancher there is some sort of intra container feature. Rancher also provides it’s own sidekicks. But all of Rancher’s orchestration is manual. Discovery services though etcd, consul, zookeeper is not secure, encryption is meaningless, and the APIs are just more work for the user.All of these projects are weak. They lack adjacent and simple tools for monitoring, orchestrating, operating, integrating, managing. It’s too easy to say “it’s your profession so learn it”. In fact it’s a cop-out. Yes you need to know your tools but in this case you also need to get work done and not many freshmen or journeymen are going to hack special purpose one off scripts in production. Just ask Knight Capital.