
Google Embraces Docker, the Next Big Thing in Cloud Computing - spahl
http://www.wired.com/2014/06/eric-brewer-google-docker/
======
WestCoastJustin
Google has plenty of experience with containers already, since they heavily
use cgroups and the concept of containers in their production environment for
isolation and resource control, never mind the fact that two of their
engineers had written much of the initial cgroups code. I talked about this in
my "Introduction to Containers on Linux using LXC" screencast [1]. Briefly,
Google is in the process of open sourcing their internal container code [2],
there was a Wired article that talked about their container orchestration
system [3], and finally, there was John Wilkes (Google Cluster Management),
who talks about the container management system [4].

Docker adds very interesting filesystem ideas and software for the management
of container images. Personally, I think we are on the cusp of a transition
from VPS (xen/hvm) to VPS (containers). I also hope that Google throws some of
their concepts at the Docker project. Interesting times for this space.

[1] [http://sysadmincasts.com/episodes/24-introduction-to-contain...](http://sysadmincasts.com/episodes/24-introduction-to-containers-on-linux-using-lxc)

[2] [https://github.com/google/lmctfy](https://github.com/google/lmctfy)

[3] [http://www.wired.com/2013/03/google-borg-twitter-mesos/all/](http://www.wired.com/2013/03/google-borg-twitter-mesos/all/)

[4] [http://www.youtube.com/watch?v=0ZFMlO98Jkc](http://www.youtube.com/watch?v=0ZFMlO98Jkc)

~~~
jacquesm
> Personally, I think we are on the cusp of a transition from VPS (xen/hvm) to
> VPS (containers).

I'm not so sure of that. I think a lot of the use-cases for VMs are based on
isolation between users and making sure everybody gets a fair slice. Something
like docker would work well with a single tenant but for multi-tenant usage
docker would give you all the headaches of a shared host and very little of
the benefits of a VM. For those use cases you're probably going to see
multiple docker instances for a single tenant riding on top of a VM.

The likes of Heroku, AWS, Google etc will likely use docker or something very
much like it as a basic unit to talk to their customers, but underneath it
they'll (hopefully) be walling off tenants with VMs first. VMs don't have to
play friendly with each other, docker containers likely will have to behave
nicely if they're not to monopolize the underlying machine.

~~~
pling
I want option 3. A 4U rack with 32 completely isolated embedded stand alone
quad core ARM or PPC systems, a network switch and an FPGA on each connected
to the switch fabric.

Then we can start doing some interesting stuff past finding new ways to chop
computers up.

~~~
fanf2
That does not sound very high density compared to what you can get from a
company like Baserock -
[http://www.baserock.com/servers](http://www.baserock.com/servers)

~~~
pling
I want a hefty FPGA attached to the CPU bus and switch backplane. That will
take a lot more power than the ARM core.

------
mark_l_watson
For at least the last 15 years I have almost always done 'devops' myself
(before it was called that). Managing deployment goes with designing and
building systems.

My problem is that I am sort of stuck in the past. Whether I am using VPSs,
AWS, or rented physical servers, I have only a partially automated way to set
up servers. This scales to small numbers of servers just fine, and that is
mostly the world I live in, but I need to improve my workflow. This really hit
home yesterday when I had to upgrade a Haskell GHC/platform because I tweaked
a Haskell app, making it incompatible with an old GHC 7.4.* setup on an older
server, and ended up wasting some time before fixing things.

Working as a contractor at Google last year was an eye opener. I really loved
their infrastructure. Eye opening experience.

Docker seems like my best path forward.

~~~
contingencies
You have hit the nail on the head. The thing people want in the real world is
improved workflow.

In the real world, everyone wants infrastructure to have the same sexy
qualities: automated deployment (CD/CI), automated scaling, automated
failover/high availability, automated service discovery (read: functional
service topology dependency resolution), security, resource and capacity
planning support, real time least-cost-overhead provider selection for third
party infrastructure providers meeting some disparate set of performance
requirements, etc. Unfortunately, it's not an easy problem area to deliver a
one size fits all solution to.

Docker doesn't really have most of that stuff in scope yet, even vaguely.
Actually, it seems to have a really weird scope: it wants to wrap different
LXC implementations and other container-style unix environments (potentially
supporting non-Linux platforms) but doesn't want to deal with managing the
host systems themselves, having - kind of, for practical reasons (though not
entirely!) - outsourced this to CoreOS (ie. some particularly specific
configuration of a Linux host system).

Whether all of this recent Redhat/Google docker bandwagon jumping will amount
to any real solution remains to be seen .. Google AFAIK effectively runs its
services on fat clusters made of commodity hardware, organized into segments
('cells'), running highly customised Linux distributions, and so does Redhat
where HA is required. I'm pretty familiar with these configurations as I do
this myself. So will we ever see meaningful support for other OSs? Other
distros? Physical systems via PXE to support these clusters? Hypervisor guests
managed with the same developer and operations workflow?

My wager is not soon, at least in a manner that everyone agrees on... Google
will keep doing its thing (using its unlimited supply of internal, world-class
nerds to deliver and manage services on their custom OS in a custom way
because saving 1/2c a month per machine pays ten world class nerd salaries at
their scale), Redhat will keep doing its thing (selling prebuilt systems at
expensive prices that still comfortably undercut the likes of IBM, pretending
they are manageable, but actually rejigging the whole infrastructure every
system release leaving little in the way of realistic upgrade paths without
expensive consulting) and you and I will be left wondering where that magical
docker solution went that everyone was talking about in early 2014.

~~~
tzm
Google values devops / solutions, so I think we'll see some interesting
announcements over the next 12 months.

Here are a couple of notes..

Deployment manager - [https://developers.google.com/deployment-manager/](https://developers.google.com/deployment-manager/)

Saltstack integration -
[https://www.youtube.com/watch?v=0dOXbhenFl0](https://www.youtube.com/watch?v=0dOXbhenFl0)

~~~
contingencies
I agree, but that's like saying "I think the world will continue turning".
Obviously, yes!

The deployment manager sounded interesting but I'm not seeing any support for
arbitrary platforms (in the OS sense), or infrastructure providers (in the
'run it on my own hardware, or someone else's' sense), nor the opsier side
(like business concerns separate to technology) of the ops part.

Some thoughts roughly summarised at
[http://stani.sh/walter/pfcts/](http://stani.sh/walter/pfcts/)

~~~
tzm
Thanks for sharing your thoughts. Great points and insights.

Following up a bit.. Google just announced Kubernetes[1], an open source
container manager. Also, Eric Brewer is now on Docker's Governance
Committee[2] to help push for open container standards.

Seems like a good step forward.

[1] [https://github.com/GoogleCloudPlatform/kubernetes](https://github.com/GoogleCloudPlatform/kubernetes)

[2] [http://googlecloudplatform.blogspot.com/2014/06/an-update-on...](http://googlecloudplatform.blogspot.com/2014/06/an-update-on-container-support-on-google-cloud-platform.html)

------
sp332
Is Docker one of those things that works better for big projects than small
ones? I tried using it for 3 little projects, just to see what all the fuss
was about. But every time it ended up being easier to use bare LXC.

~~~
general_failure
Docker is a superset of lxc.

~~~
sp332
But it behaves differently. For example, if you shut down a Docker container,
changes are not saved.

~~~
FooBarWidget
That's not true, and it has got nothing to do with the pause/unpause feature.
You can see stopped containers with `docker ps -a`, and you can restart them.

------
jestinjoy1
I have a few questions about Docker

1. When I need to move an application between different systems running Ubuntu,
Debian etc, now I use VirtualBox. Can I use Docker from now on?

2. A quick reading about Docker tells me that instead of running a guest OS
as in VirtualBox, Docker only holds application-related things. Then how could
it handle deployment between Debian Squeeze and Ubuntu 14.04? I mean old and
new Linux versions.

3. Compared to VirtualBox, how easy is it to install and use Docker?

4. Can you please tell me some places where you people use Docker?

5. How many of you have migrated to Docker from VirtualBox and related
things?

Disclaimer: Noob detected :)

------
ladzoppelin
Does the complexity of using containers bother anybody? It just seems like
this adds so many more attack points by removing the virtual machine which was
a good way to organize services.

~~~
dragonwriter
> Does the complexity of using containers bother anybody?

It doesn't seem all that complex; sure, it's (in the typical cloud use case)
another level of organization, but done right it should actually simplify
organization and deployments.

> It just seems like this adds so many more attack points by removing the
> virtual machine which was a good way to organize services.

Containers are different than VMs, but using them doesn't mean "removing the
virtual machine". Particularly in the use cases that Google is embracing
(e.g., on a cloud platform where the containers are for use _on_ VMs.) How,
specifically, does it add "attack points"?

------
blazespin
Increasing parallelization has been done in evolutionary steps for the last 10
years. This is a great step, but I'm sure your amazons and rackspaces of the
world will soon be building docker++ (and docker really is just ec2/AMI++)

~~~
nickstinemates
Rackspace and Amazon are heavily involved in the Docker ecosystem.

