All Posts By

Kristen Evans

Open Container Initiative Welcomes Alibaba Cloud as Newest Member

By | Announcement

Chinese cloud giant joins OCI efforts to help drive global container standardization

SAN FRANCISCO, Calif. – August 29, 2018 ​– The Open Container Initiative (OCI), an open source community for creating open standards around containers, today announced that Alibaba Cloud, the cloud computing arm of Alibaba Group, has become a member of the Initiative.

As the largest provider of public cloud services in China, according to IDC, Alibaba Cloud runs one of the world’s most extensive cloud native applications on top of millions of container instances and processes up to 325,000 transactions per second.

“With cloud investments throughout China set to boom in the coming years, the region and beyond will undoubtedly benefit from investments in a set of common, open containers standards from global leaders like Alibaba Cloud,” said Chris Aniszczyk, Executive Director of the OCI. “We’re happy to have the Alibaba team lend its massive-scale expertise to this community as we work to drive improvements to our projects and the availability of our Distribution Specification later this year.”

“Container standardization allows the entire world to speak the same language and benefits hosting providers, ISV, developers and end users alike,” said Junjie Cai, Chief Architect of Elastic Compute Service, Alibaba Cloud. “As we believe that common specifications give customers more value from the cloud, we’ve adopted the OCI v1.0 specifications – both in our internal infrastructure as well as the public container service available in Alibaba Cloud. We also contribute to leading container projects like containerd and recently open-sourced our own container project, Pouch. Alibaba Cloud is thrilled to join OCI and offer our deep container experience to the Initiative, while collaborating with the community to standardize the space.”

As an active member and advocate for open standards, Alibaba looks forward to furthering OCI’s efforts throughout the container ecosystem – making the cloud infrastructure layer more democratic to better serve end users and enable cloud vendors to avoid duplicate efforts while focusing on higher-value innovations.

To learn more about Pouch, the open source project from Alibaba Cloud, read this blog.

About the Open Container Initiative (OCI)

The Open Container Initiative is an open governance structure for the express purpose of creating open industry standards around container formats and runtime. Projects associated to the Open Container Initiative can be found at https://github.com/opencontainers. Learn more about joining the OCI community here: https://www.opencontainers.org/community

The Open Container Initiative is a Collaborative Project at The Linux Foundation. Linux Foundation Collaborative Projects are independently funded software projects that harness the power of collaborative development to fuel innovation across industries and ecosystems. www.linuxfoundation.org

Additional Resources

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact

Kristen Evans

The Linux Foundation

kevans@linuxfoundation.org


Open Container Initiative(开放容器计划)欢迎Alibaba Cloud(阿里云)作为最新成员加入

中国云巨头加入OCI,助力推动全球容器标准化

加州旧金山—2018 年8 月29 日—创建容器开放标准的开源社区,开放容器计划(OCI)今天宣布,阿里巴巴集团的云计算部门阿里云加入该计划。

根据IDC,阿里云是中国公共云服务规模最大的提供商在数百万个容器实例顶端,运行着世界上最广泛的云原生应用,每秒处理多达325,000 件事务。

OCI 执行董事Chris Aniszczyk 表示:“随着中国区域云投资在未来数年的蓬勃发展,该地区内外无疑将得益于阿里云等全球领导者对一套通用、开放容器标准的投资。”“我们很高兴,阿里巴巴团队能够向这个社区提供大规模的专业知识,我们正在努力改进项目,并在今年晚些时候推出分布规范。”

阿里云弹性计算服务的首席架构师蔡俊杰表示:“容器标准化让全世界都可以说同样的语言,且托管提供商、ISV、开发人员和最终用户将同样受益。”“我们深信,通用规范能让客户从云中获得更多价值,现已在内部架构以及阿里云提供的公共容器服务采用OCI v1.0 规范。我们也大力投入领先的容器项目,例如,containerd和我们自己的最新开源容器项目,Pouch。阿里云对于加入OCI 深感高兴,将为该计划提供深入的容器体验,同时与社区合作,从而规范这一空间。”

作为开放标准的积极成员和倡导者,阿里巴巴期待着在整个容器生态系统中深入OCI 的工作——使云架构层更加民主,以更好地服务于最终用户,并使云开发商能够避免重复劳动,同时专注于更高价值的创新。

若要了解有关阿里云开源项目Pouch 的更多信息,欢迎阅读本篇博客文章

关于开放容器计划(OCI)

开放容器计划是一种开放的治理结构,其明确的宗旨是,围绕容器格式和运行时创建开放的行业标准。可在https://github.com/opencontainers了解与开放容器计划相关的项目。在此处了解加入OCI 社区的更多信息:https://www.opencontainers.org/community

开放容器计划是Linux 基金会的协作项目。Linux 基金会协作项目是独立资助的软件项目,利用协作开发的力量推动跨行业和生态系统的创新。www.linuxfoundation.org

其他资源

###

Linux 基金会拥有注册商标,并使用商标。有关Linux 基金会的商标列表,请参见商标使用页面:https://www.linuxfoundation.org/trademark-usageLinux 是Linus Torvalds 的注册商标。

媒体联系人

Kristen Evans

Linux 基金会

kevans@linuxfoundation.org

CRI-O: How Standards Power a Container Runtime

By | Blog

By Joe Brockmeier, Red Hat

The CRI-O project (part of the former Kubernetes incubator) is busy working on the upcoming 1.11 release, which will be released in conjunction with the Kubernetes 1.11 release. It will have some interesting new features, but won’t lose sight of its stated No. 1 goal: to never break Kubernetes. Parallel to that goal is to run any OCI image from any registry (when the OCI distribution specification is finalized).

Historically, Kubernetes has worked with container runtimes that were designed to do many things: build container images, manage container security, manage container orchestration, inspect container images, etc. CRI-O, on the other hand, was designed just to support the functions Kubernetes needs to actually run containers.

Depending on Standards

CRI-O moves in lock-step with Kubernetes’ Container Runtime Interface (CRI), the API for container runtimes to integrate with a kubelet. CRI-O is aligned with the upstream Kubernetes releases, so any changes to the CRI in Kubernetes are supported in the matching release of CRI-O for that release. For example, the most recent CRI-O 1.10 release matches Kubernetes 1.10. CRI-O 1.11 will release with Kubernetes 1.11, and so forth.

Most users these days are using Kubernetes with a version of Docker, but some organizations with different business needs might want to use new container types that haven’t been implemented yet, or others like Kata Containers. CRI-O opens the door for this by supporting any OCI images and runtimes.

Here’s how it works:

  • Kubernetes asks the kubelet to start a pod
  • The kubelet talks to the CRI-O daemon using the CRI
  • CRI-O uses a library that implements the OCI standard to pull the image from a registry
  • CRI-O uses another standard library to unpack the container image for use
  • CRI-O then generates a JSON file that describes how the container is to be run
  • Next, CRI-O launches an OCI-compatible runtime (currently runc or the Clear Containers runtime) to run the container processes
  • A common process handles logging for the container and monitors the process

You might also be wondering about networking. Again, the idea is to have flexibility within a standard interface, so CRI-O uses the Container Networking Interface (CNI) to set up networking. Any CNI plugin can be used with CRI-O, giving users flexibility over their container networking stack as well.

CRI-O helps achieve what the OCI specifications and CRI API set out to do – make the container runtime an implementation detail that the end user doesn’t have to worry about. Worry about how Kubernetes works with your application, not how Kubernetes works with the container runtime.

Learning More about CRI-O

Want to learn more about CRI-O? Of course you do! For now the best resources on CRI-O are the README on GitHub, the accompanying tutorial, and be sure to watch the CRI-O blog.

OCI Member Spotlight: OpenStack (Kata Containers)

By | Blog

The OCI community is comprised of a diverse set of member organizations that are committed to creating open industry standards around a container image format and runtime. This blog series highlights OCI members and their contributions to building an open, portable and vendor neutral specification.

Name: Xu Wang
Title: CTO + Kata Architecture Committee member
Company: Hyper.sh + Kata Containers

What is Kata Containers?

Kata Containers is an open source project hosted by the OpenStack Foundation that provides lightweight virtual machines that feel and perform like containers, while providing the workload isolation and security advantages of traditional VMs.

Why did OpenStack (Kata Containers) join OCI?

The Kata Containers project runs containers specified by OCI runtime spec in virtual machines. We joined OCI to guarantee the compatibility between Kata Containers and OCI runtime specs, and to help to improve the OCI specifications – enabling more efficient Kata Containers. We look forward to collaborating around tooling, compatibility and interoperability testing.

How can OCI community members contribute to Kata Containers? 

Many of the Kata community members come from the OCI community, so we look forward to more collaboration on use case sharing, specification discussion, testing and toolchains. See Github for more information: https://github.com/kata-containers/community

How do you anticipate OCI changing the container technology landscape? 

The OCI specs guarantee that container technology can be open, vendor neutral and a cornerstone of future computing infrastructure.

What is the benefit of open standards like OCI for users of Kata Containers?

The open and unified container spec gives users more options and helps Kata to be adopted in more cases.

More and more applications are shipped and run under OCI specs. With OCI, Kata could enable users to launch unified container applications no matter if the runtime isolation technology is namespace or VM.

For cloud providers, if a user application has been developed for OCI specs, they could run the application with Kata Containers directly which introduces fewer layers than running a container orchestration system on a VM pool.

On the other hand, for those users who have already invested in VM technology, they could apply their existing tools to Kata Containers and move their application to microservice with OCI containers.

Teaming up with Docker to Support a Diverse Container Ecosystem

By | Blog

With a commitment to driving inclusivity in the community, OCI is proud to be an official Diversity Scholarship sponsor for DockerCon 2018.

By actively seeking ways to increase the ecosystem’s diversity, OCI + Docker’s collective goal is to make DockerCon a safe place for everyone to learn and collaborate.

The scholarship program will provide under represented members across the global container community with a scholarship to attend the annual event.

To learn more, make sure to check out the selection process, scholarship details and requirements below + don’t forget to submit an application by Wednesday, April 25, 2018 at 5:00PM PST!

Apply Now!

Selection Process:

A committee of Docker community members will review and select the scholarship recipients. Recipients will be notified by the week of May 7, 2018

What’s included:

Full Access DockerCon Conference Pass

Requirements:

Must be able to attend DockerCon US 2018

Must be 18 years old or older to apply

ZDNet: “​Open Container Initiative nails down container image distribution standard”

By | News

The Open Container Initiative (OCI), the open-source community in charge of creating container standards, has announced the launch of the Distribution Specification project to standardize container image distribution. This new standard is based on the Docker Registry v2 protocol. It standardizes container image distribution, which supports the pushing and pulling of container images. READ MORE.

Container Journal: “OCI Standardizes Container Registry Protocol”

By | News

The Open Container Initiative (OCI) announced today that the way which container images are distributed is about to become standardized using the Docker Registry v2 protocol.

Chris Aniszczyk, executive director of the OCI, says the protocol will now serve as the specification for the new distribution-spec OCI project that will foster interoperability across different container registries. READ MORE.

Open Container Initiative Announces Distribution Specification Project

By | Announcement

OCI creates distribution specification to standardize container image distribution

SAN FRANCISCO, Calif. – April 9, 2018 ​– The Open Container Initiative (OCI), an open source community for creating open standards around containers, today announced the launch of the Distribution Specification project to standardize container image distribution based on the specification for the Docker Registry HTTP API V2 protocol, which supports the pushing and pulling of container images.

Having a solid, common distribution specification paired with conformance testing will ensure interoperability throughout the cloud native and container ecosystem. The Docker Registry HTTP API V2 protocol has become a defacto standard across implementations of container registries and will serve as the specification for the new distribution-spec OCI project.

“With the booming development in container and cloud native technologies, the community needs a reliable industry standard for distribution to allow for increased interoperability along with a neutral home to evolve the specification,” said Chris Aniszczyk, Executive Director of OCI. “OCI contributors and maintainers have been hard at work to collaboratively drive the adoption of specifications for the container standards community and will start the journey for container distribution.”

The release of this project is the result of extensive work from key maintainers Derek McGowan, Stephen Day and Vincent Batts, with backing from more than hundreds of OCI contributors and organizations committed to container standardization.

Comments from OCI Members

“Docker’s contribution of the Docker Registry V2 specification aligns with our history of making key open source projects available to the community,” said Michael Crosby, Docker engineer and maintainer and chairman of the OCI Technical Oversight Board (TOB). “As with the runtime and image specification, Docker’s registry protocol has become a defacto standard with over 40 billion images pulled using this protocol. We are excited by the support that the distribution spec project is getting from the members of the community and we know their backing of resources will fuel the growth of this collaborative project and evolve the specification to provide the underpinning of all container registries on the market.”

“Now that the OCI image and runtime specifications have reached v1.0, it is time to collaborate on developing the OCI specification for distributing those images” said Vincent Batts, principal software engineer, Office of the CTO, Red Hat. “Building on existing industry experience and contributions from the community, we look forward to a distribution standard to complement our ability to create and launch standard OCI images.”

“We are happy to see the community working together to define a container image distribution standard, and AWS is excited to participate actively in these discussions to represent our customers. While ECR supports the Docker Registry v2 today, we believe that working toward open standards will help maintain interoperability between specifications while supporting customers adopting containers and overall ecosystem growth,” said Deepak Singh, Director, Compute Services, AWS.

“As production use of containers increases, our customers need to rely on consistent distribution and provenance. Google Cloud is pleased to see the industry coalescing around the OCI specifications including the newest Distribution Specification. As these specifications continue to evolve, we look forward to evaluating them to determine how they can be applied to Google technology and better serve our customers,” said Sarah Novotny, Open Source Strategy Lead, Google Cloud.

“We believe that customers should not worry about choosing a container technology for its portability, which is the primary goal of establishing OCI – to create industry-wide container standards. Thanks to the OCI, customers can consume different container engines based upon different scenarios on Huawei Cloud. The standardization of container distribution will build a better ecosystem around containers, and make both Huawei and customers more confident about offering and having more choices on container technologies,” said Xiaoli Jiang, General Manager of Cloud Open Source Ecosystem, Huawei.

“IBM is proud to have been a founder, contributor and early adopter of OCI’s standardization work for our enterprise-grade Cloud Container Service,” said Todd Moore, VP of Open Technology, Digital Business Group at IBM. “The creation of the Distribution Specification project is the next logical step in standardizing open container technologies that offer the cloud native ecosystem a unified industry approach. Our clients trust IBM to help them ensure freedom of choice throughout their entire container management life-cycle.”

“With the distribution specification joining the Open Container Initiative all three core components of containers – runtime, image format and distribution – are on the path to standardization, ensuring continued interoperability across the ecosystem. The Azure Container Registry was implemented using the open source Docker Registry v2, which now serves as a foundation for the OCI distribution spec,” said Taylor Brown, Principal Lead Program Manager, Cloud and AI, Microsoft.

“The delivery of container images is an important aspect of the container ecosystem and flow. SUSE is glad that OCI is now driving the distribution standard, and we’re excited to help further extend the proposed specification alongside the rest of the OCI community” said Alan Clark, Director of Industry Initiatives, Emerging Standards and Open Source at SUSE.

“Defining common standards for containers is incredibly important for our enterprise customers, many of whom use them to move HPC workloads to the cloud so they can repeatedly deliver a consistent application or service implementation. The OCI distribution specification demonstrates a new level of maturity in the container ecosystem, and will help ensure interoperability and protect our customers’ technology investments,” said Rob Lalonde, Univa Vice President and General Manager, Navops.

More information about the OCI Distribution Specification project can be found at https://github.com/opencontainers/distribution-spec.

About the Open Container Initiative (OCI)

The Open Container Initiative is an open governance structure for the express purpose of creating open industry standards around container formats and runtime. Projects associated to the Open Container Initiative can be found at https://github.com/opencontainers. Learn more about joining the OCI community here: https://www.opencontainers.org/community

The Open Container Initiative is a Collaborative Project at The Linux Foundation. Linux Foundation Collaborative Projects are independently funded software projects that harness the power of collaborative development to fuel innovation across industries and ecosystems. www.linuxfoundation.org

Additional Resources

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

 

Media Contact

Kristen Evans

The Linux Foundation

kevans@linuxfoundation.org