All Posts By

Open Container Initiative

PouchContainer: How OCI Specifications Power Alibaba

By | Blog

By Allen Sun, Alibaba Group

PouchContainer is an open source container project created by Alibaba Group to be enterprise ready and promote OCI container standards. The project is a fundamental piece of software in Alibaba’s infrastructure, it helps process transactions smoothly on millions of containers.

To become a general container engine for every scenario in production, PouchContainer seeks ways to support several OCI-compatible container runtimes. This action makes container service totally out of box:

* runc: container runtime based on Linux cgroups and namespaces;
* katacontainers: container runtime based on hypervisor; and
* runlxc: container runtime based on LXC especially on legacy kernels.

Architecture Based on OCI and Open Source Components


Three OCI-compatible runtimes are listed in the middle right part of architecture.

Features

PouchContainer’s most important features are:

  • Rich container: Besides the common ways of running container, PouchContainer includes a rich container mode, which integrates more services, hooks, and many others container internals to guarantee containers running like usual.
  • Strong isolation: PouchContainer is designed to be secure by default. It includes lots of security features, like hypervisor-based container technology, lxcfs, directory disk quota, patched Linux kernel and so on.
  • P2P distribution: PouchContainer utilizes Dragonfly, a P2P-based distribution system, to achieve lightning-fast container image distribution.
  • Kernel compatibility: Enables OCI-compatible runtimes to work on old kernel versions, like linux kernel 2.6.32+.
  • Standard compatibility: PouchContainer keeps embracing container ecosystem to support industry specifications such as CNI, CSI and so on.
  • Kubernetes Native: PouchContainer has natively implemented Kubernetes Container Runtime Interface (CRI).

Learn more about PouchContainer

PouchContainer brings many additional features to end-users. Want to learn more? Please visit the PouchContainer GitHub, where the PouchContainer community is currently busy preparing the 1.0.0 GA release.

OCI Member Spotlight: Kontena

By | Blog

The OCI community is comprised of a diverse set of member organizations that are committed to creating open industry standards around a container image format and runtime. This blog series highlights OCI members and their contributions to building an open, portable and vendor neutral specification.

Name: Miska Kaipiainen
Title: Founder & CEO
Company: Kontena, Inc.

Why did you join OCI?
We see OCI as the most important organization in the container ecosystem driving vendor neutrality, standardization and making this amazing technology accessible globally. Just like many other companies working with containers, we are strong believers in open source, open APIs and open ecosystems in general. We joined OCI to contribute to its mission which helps us and everyone else in this industry to be successful.

How is your organization involved in OCI?
We plan to take an active role in collaboratively on improving OCI specifications, tooling and look forward to being more engaged with other members.

What are the aspects of the runtime spec and/or image format spec that you are looking forward to most for your company?
We enjoy vendor neutrality and collaboration for developing container runtimes that are based on open standards.

How do you plan to use the runtime spec and/or image format spec?
We want to incorporate and support the runtime spec in our Kontena Platform open source project, via runC. Soon, we also plan to support the image spec in our own hosted image registry service.

How will these specifications help your business?
These specifications will provide our users with the confidence to get started with containers while having the promise of no vendor lock-in. In addition, these specifications have stabilized some of the core technology components we use.

How do you anticipate OCI changing the container technology landscape?
OCI has already shown its ability to create solid standards and specifications for an industry that’s moving at the speed of light. This community’s work has already produced amazing results through increased interoperability, recognition and adoption. However, there are still so many things we can accomplish with collaboration to help ensure open standards, interoperability and vendor neutrality.

What do you believe the benefits of using a runtime and image spec based on the OCI standard are for hosting providers? For small ISVs, application developers? For end users?
The benefit of using a runtime and image spec based on OCI is the ability to develop and package once, distribute, deploy and run anywhere. We predict that more vendors will be bringing out runtimes that do their own magic to benefit their specific end users. We’ve always been believers in this market not being a “one solution for all” type of situation, as there are a multitude of users, use cases and needs that no one solution can single handedly meet. Open APIs and standards will enable more vendors to build meaningful solutions that will then benefit the end user with more choice and less lock-in through easier interchangeability of components.

What advice would you give to someone considering joining OCI?
Get on-board and help shape the industry from the inside rather than staying out!

OCI Member Spotlight: InfoSiftr

By | Blog

The OCI community is comprised of a diverse set of member companies that are committed to creating open industry standards around a container image format and runtime. This blog series highlights OCI members and their contributions to building an open, portable and vendor neutral specification.  

Name: Tianon Gravi
Title: SVP of Operations
Company: InfoSiftr

Why did you join OCI and how is your organization involved?
The Open Container Initiative (OCI) is a critical open source organization helping ensure compatibility and interoperability for the basic components of containers. We believe in the mission of the OCI and, as contributors and maintainers in the container ecosystem, will continue to lend expertise and effort to further the group’s goals. On an individual level, I have been involved since the foundation of OCI and am a member of the OCI’s Technical Developer Community (TDC), having worked on the container runtime specifications since the foundation of the OCI.

What are the aspects of the the runtime spec and/or image format spec that you are looking forward to most for your company?
By encouraging standardization and interoperability, the specs help enable differentiation further up the stack, where it benefits all users.  Additionally, companies can feel safer in adopting containers knowing that at a foundational level, they aren’t locked into any one vendor’s solution (which is all thanks to these low-level standards).

How do you plan to use the runtime spec and/or image format spec?
Any development work we do in the container space will adhere to OCI specifications, and encourage their use and furtherance within the ecosystem.

How will these specifications help your business?
The specifications will help all businesses with an interest in containers, whether they are contributing to the container ecosystem or just consuming container-based technology.  This flexibility helps us in our own day-to-day operations, but also helps our clients as they evaluate and commit to container-based solutions and deployments.

How do you anticipate OCI changing the container technology landscape?  
The OCI’s standards create a “baseline for competition.”  Now that we have an agreed upon foundation, companies can proceed to innovate and compete in more interesting ways.

What do you believe the benefits of using a runtime and image spec based on the OCI standard are for hosting providers?  For small ISVs, application developers? For end users?
If you’re doing anything in technology, it’s useful to adhere to standards. Much of the container ecosystem is still new and evolving, and we’re bound to see changes to technology stacks going forward. Adhering to the specifications set forth by the OCI means we all agree the underlying details of our tooling and products will be compatible and interoperable, whatever higher-level changes may come.

What advice would you give to someone considering joining OCI?
Contributing to the underlying specifications of the container ecosystem is sometimes difficult and involved work, but it can be very rewarding. Joining the OCI is a great way to start doing exactly that: https://www.opencontainers.org/join

 

 

OCI Member Spotlight: EasyStack

By | Blog

The OCI community is comprised of a diverse set of member companies that are committed to creating open industry standards around a container image format and runtime. This blog series highlights OCI members and their contributions to building an open, portable and vendor neutral specification.  

Name: Guohui Liu
Title: Co-founder and CTO
Company: EasyStack

Why did you join OCI?
Trends in cloud native computing are still on the rise. Businesses are evolving faster than ever before as applications require more agile and scalable infrastructure, and container technology is right at the center of it all. Unified standards are imperative for container technology to evolve and develop, with input and participation from the entire ecosystem. We believe the Open Container Initiative (OCI), with its runtime and image format specifications, plays a leading role in actualizing the ability to “package once, run anywhere” for applications.

Openness is a part of EasyStack’s DNA. We believe container technology will fill the gap between traditional IT and cloud native IT. We are among the first to release a converged infrastructure cloud platform featuring both containers and OpenStack cloud, and are looking forward to sharing our rich experiences with enterprise cloud native infrastructure offerings with the global OCI community.

How is your organization involved in OCI?
EasyStack is an active participant in the broader open source community, and we believe it is equally important to contribute to upstream open source projects to help address enterprise customer needs. Today — based on OpenStack, Kubernetes, Docker, Ceph and other open source technologies– EasyStack provides an open, secure, stable, reliable, and high-performance cloud computing capability for 200+ enterprise customers for their cloud infrastructure. As part of OCI, we are sharing our enterprise cloud and application model experience with the upstream community.  

What are the aspects of the runtime spec and/or image format spec that you are looking forward to most for your company?
The runtime spec and image format spec provide container standards, which is very important to both vendors and users. Trends in cloud native are encouraging more and more enterprise users to deploy containers, and many of them are already in production. This means reliability and consistent upgrades are extremely important. Additionally, API compatibility and scalability is imperative, especially in customized enterprise scenarios.

How do you plan to use the runtime spec and/or image format spec?
We leverage OCI v1.0 the runtime spec in our ESContainer Linux already, providing a reliable and stable container runtime. This allows us to focus on the development of true application-oriented orchestration, leveraging additional technologies such as Kubernetes.

How will these specifications help your business?
These specifications provide standardized and reliable image format and runtime specifications, allowing us to better and more efficiently develop ESContainer, shortening the development cycle. With these standards, the infrastructure provided by different vendors is of the same API so this avoids vendor lock-in, which helps our business to reduce risk (as well as costs, which in turn yields higher profits).  

What do you believe the benefits of using a runtime and image spec based on the OCI standard are for hosting providers?  For small ISVs, application developers? For end users?
OCI’s runtime and image format specs help all types of customers. The use of one standardized spec enables container applications to be deployed, run, and updated in a multi-cloud environment (e.g. public cloud, private cloud or community cloud) more quickly and efficiently. This is extremely helpful in today’s hybrid cloud environment and both the hosting providers and the end users will benefit from it.

ISVs and application developers now have standards to follow, which can help reduce the risk of going in the wrong direction while avoiding vendor lock-in as they build container applications.

What advice would you give to someone considering joining OCI?
If you and/or your organization’s vision align with current cloud native trends, just join OCI. Today, it is almost impossible for one company to really dominate one hot technology and at the same time keep it active and advanced. Open technologies have proven successful for rapid development, and OCI is a great example of this. New members to the OCI community can get started quickly with shared resources and support from across the community, in addition to having fun by contributing back.