Container networking and storage is hella-complicated. Check out this conversation with Usha Ramachandran, Richard Seroter, and myself on the topic, including a discussion of why it’s so complicated and how Cloud Foundry addresses the problems.
With DockerCon this week, there’s no end of Docker quotables and items. Here’s my collection
Once landed in an account, Docker usage grows their CEO says:
There has also been expansion within customers, with organizations that start with Docker expanding their usage on average by five times within six months
Way back in 2015, the (now annual?) DataDog study of Docker usage among their customers said that 2/3 of companies that try Docker adopt it. Which is all to say: once it gets in, it spreads.
A toolkit for putting together docker stacks:
In essence, Moby is the build system that creates Docker Community Edition, which is akin to Fedora, and Docker Enterprise is derived from Moby and is akin to Red Hat Enterprise Linux. Link
People got all freaked out. I’d even say “freaked the fuck out.” Competitors, of course, gloated, if only in silence. Criticism of handling the announcement aside (ideally, you wouldn’t like to kick up a stink), I feel like it was more like a tempest in a teapot.
Docker momentum/penetration and types of applications/workloads
Global 2000 customers have somewhere on the order of thousands to tens of thousands of applications, and across these major firms, less than 5 percent of the applications have been containerized so far. While somewhere between 5 percent and 10 percent of the applications that are being containerized are net-new, microservices-style applications that everyone is talking about all the time, the other 90 percent to 95 percent are just lifting and shifting legacy applications from bare metal or virtual machines to containers. Link
VMware threat…or just legacy gobbling?
Docker bounces back and forth between “replacement for VMware” and “a different thing, so don’t worry about VMware.” In this round of Docker news, there’s been some strong pull towards the “replacement for VMware” camp. To be fair, it’s more like doing both:
In general, says Johnston, customers who move from bare metal or VMs to Docker containers can provision, scale, and deploy applications up to 75 percent faster, and those moving from bare metal to containers can save 50 percent on compute and those who are moving from VMs will save around 25 percent. Link
This might also come from the obvious move to start gobbling up legacy (more accurately “existing”) applications. Here, Docker had two customer reference:
Northern Trust, a leading international financial services company, experienced deployment times that were 4X faster and noted a 2X improvement in infrastructure utilization
And, Microsoft IT:
Microsoft is not only a partner in this program; their IT organization is also a beta customer. Microsoft IT increased app density 4X with zero impact to performance and were able to reduce their infrastructure costs by a third.
There was also a story of Visa using Docker:
Kocherlakota said Visa is aiming to move as many workloads at it can to the container model to help improve overall efficiency.
Other tech companies are often cautious about working with Docker. They’re not really certain about how it helps or threatens their position in the IT stack and, therefore, their ability to sell higher profit margin products and services. No one wants to become the x86 manufacturer of the cloud (read: low margin, commodity).
I’ve noticed this cautiousness slightly melting as more and more vendors are at least putting their stuff in Docker images and, on the public cloud front, supporting the use of Docker. My company, Pivotal, ingests Docker images.
A brief whack at why Microsoft cares, from Christopher Tozzi:
Although there remains work to do to get Docker on Windows ready for prime time, the platform will be important in helping Windows Server stay as nimble as Linux environments in hosting the workloads of the future…. Microsoft’s interest in Docker may seem strange. Microsoft already offers traditional virtual machine products, most notably Hyper-V. In some respects, Docker containers compete with virtual machine platforms…. But that’s not necessarily the case. Depending on how they’re used, containers can complement virtual machines, rather than replace them. If you use virtual machines to host the environment in which Docker runs, your Docker environment becomes more scalable and portable than it would be if it ran on bare metal. That’s likely the type of use case Microsoft envisions for containers on Windows.
More from Nick Martin on Microsoft and Docker.
Oracle becomes the latest enterprise IT vendor to jump on the Docker container bandwagon as it seeks to expand its reach in the public cloud market. Among the container-based application, middleware and development tools made available on the container platform are Oracle’s MySQL database and its WebLogic server. Those tools are in addition to the more than 100 images of Oracle products already available on Docker Hub, its cloud-based image registry.
So, what’s going on here? Staking a claim on The New Stack
I’m often asked to explain all the various cloud stacks, to help Pivotal buyers sort out what CaaS, PaaS, cloud-native, and “cloud strategy” means. They’re trying to figure out their planning for building out new IT, for “doing DevOps.” It’s a mess out there w/r/t to figuring all this out if you’re not a vendor or analyst who’s steeped in this shoggoth every day.
In all the Docker, container, and cloud-native wars, the revenue battle for vendors is mostly about two things:
- The pool of money in simply migrating the VMware workload to a new, more efficient layer, hence the ongoing attention to “the VMware threat” that Docker poses). I’m not sure how big this market is because, as a disruptive shift (cf. Linux vs. UNIX vs. Windows vs. z) part of it is reducing the overall spend through lower prices and more efficient usage. But, the existing virtualization market is best described as “fucking huge.”
- Fighting over who “owns” (and therefore collects the most profit from) the stack that companies are using to build and run their software. By my estimate, this is something like around a $20-25bn market in the future. You can see a Spanish Civil War like precursor going on in the Java application server market; it’s spreading to a “World War” with respect to all custom software stacks.
On that second point, here’s my latest attempt to describe how things are shaking out category/definition wise:
Of all the SPI cloud categories, PaaS is the most problematic place as all us vendors hate the PaaS term and are trying to re-define what it means. I would break PaaS into two categories currently: (1.) container orchestration, and, (2.) cloud platform.
Container orchestration takes an IaaS and manages the installation and configuration of container images on your new cloud. By “images” here, I mean that you’ve chosen to put your software (probably custom written software, not packaged software) into containers (or the delegated way we do it with buildpacks in CF), specified how all the different nodes are wired together with all the ACLs and configuration, and then given it over to the orchestration software to deploy those containers, set the configuration, and do the ongoing health-checks/remediation.
Ideally, the orchestration platform should also have “day 2” tools to help you monitor and manager (“fix”) problems that happen in production. I assume things like kubernetes, the Docker/Moby constellation of things, Mesosphere, etc. fit here.
People are obsessed with container orchestration now and it’s pretty much all anyone talks about. I think all this is what’s becoming known as “CaaS” – Containers as a Service.
(On this next section, I’m extremely monetarily biased, of course:) A cloud platform either has or depends on an orchestration layer, but adds in integrated middle-ware, ALM tools (from basics like “cf push”, and an overall programming and deployment model with all the tools and enforcements. Heroku is the classic example here in public cloud, and now Cloud Foundry (CF) has taken over this model in public and private cloud, the second (it seems) where most of the usage and money is, at least in the enterprise space. I’d argue, that CF is the enterprise market-leader (by revenue at least, but increasingly penetration in the F500 – while Pivotal has impressive numbers, throw in the other CF distros and it’s even larger, no doubt); at the very least, “the highest growth and in enterprise production usage.” That all depends how you slice it, and of course my slicing favors me.
A cloud platform “pulls together” everything into a fully working “cloud” that deploy and provisions the servers, builds/maintains/deploys the containers, takes care of your networking configuration and concerns (inc. firewalls, etc.), and configs/manages all the middleware needed (e.g. “I want a database” means you just ask for it, instead of having to configure it and make container images of it and specify how it all works together).
The end goal of a cloud platform is the original end-goal of a PaaS: developers don’t have to “setup” any of the infrastructure or, really, middleware (databases, queues, etc.) that they use: they just write the “business logic” of their applications.
All this standardization is technically “restrictive” (developers can’t just install anything they download off the Internet, it has to be integrated into the platform). This is why we often call this model “opinionated,” but it follows the same contract/promises model that Google SREs follow: we promise we can support your applications in production if you use only the things we support, otherwise it’s all on you.
However, the benefit of such opinions is a huge jump in productivity as we see at all our customers: one Pivotal customer manages 1,000+ applications (all angles toward very frequent, DevOps-style releases for fast feedback loops and all that small batch stuff) with just 4 PCF operations staff, etc.
Our DIY white paper makes the case that snow-flaking this all out is a bad idea. At the very least, if you build your own platform, you should try to just have one used organization wide.
In comparing CaaS and cloud platform, the key distinction to me is that a cloud platform bundles and integrates together all your middleware and “services” frameworks. For example, if you want to do microservices with all the bulk-heads and such, that functionality should be built into the cloud platform – you should have to go read-up how to set most of that up. PCF, of course, has Spring Cloud and more for that. All of the systems management tools (thing used in production to detect and fix problems) should also be built in, or the cloud platform should be instrumented so deeply that third party tools can do the managing as well.
Now, these two categories are likely to converge, and then the discussion will just be which cloud platforms are more featureful and better. It’ll be like battling Java application servers.
I haven’t made one of my own “burger” stacks of all this in a long time, but I think (again, highly biased) the ones we use for PCF are pretty good:
- A simple, cartoon one.
- More detailed stack, emphasizing “the value line,” i.e., “all things below this line have no differentiating business value and you should therefore buy instead of build them.”
- A pretty good, fancy-pants one.
- Some general analysis of Docker being used for mixed workloads and “hybrid cloud,” from Rhett Dillingham at Moor Insights & Strategy.
- As a reminder, 451’s container market-sizing: Container market to be $2.7B by 2020, from $762m in 2016.
- And, Microsoft’s purchase of Deis recently is another good example of stuff going on in this space.
In case you don’t know, working at Pivotal, I obviously have a stake in how all this turns out, so I’m biased on multiple angles of the above whether I want to be or not.
A round-up of the news and some context around Microsoft burrowing down further into Kubernetes-land by acquiring Deis:
The deal & market
- Microsoft: “Deis gives developers the means to vastly improve application agility, efficiency and reliability through their Kubernetes container management technologies…. We expect Deis’ technology to make it even easier for customers to work with our existing container portfolio including Linux and Windows Server Containers, Hyper-V Containers and Azure Container Service, no matter what tools they choose to use.”
- Deis: “We look forward to making Azure the best place to run containerized workloads.”
- Deis is/was part of EngineYard, right? – Notable that EngineYard (on April 10th, 2017, day of announcement) doesn’t mention it on their blog, or press release list. And that Deis and Microsoft don’t really either. See 451’s Jay Lyman’s coverage of that deal in 2015.
- No deal-size was disclosed, of course, but Deis was small and I’m guessing it didn’t fit into EngineYard’s overall strategy, or what (little?) cash they got was a nice to have versus synergies of keeping Deis.
- Containers are rising in usage, as 451’s Donnie said: “Our latest data says production use of containers has doubled from 10.2% to 22.5% of orgs between Q1 and Q3 2015. Amazing.”
- 451’s January 2016 container market TAMs and forecast:
The technology: not so much PaaS anymore, but Kubernetes management
- Jan 2016 diagram of the Deis stack, above – so, pretty much a “cloud platform” competitor. Compare to Pivotal’s most recent snazzy-burger.
- “Creator at CTO at Deis”: “Best to think of Deis as a Kubernetes company. We are much more than the PaaS solution many folks know us for.”
- CNCF exec director: “their Workflow product (also open source), is basically the smallest piece of software that lets you run Heroku buildpacks on top of Kubernetes. So, you can get a 12-factor PaaS workflow, and still have the full Kubernetes API underneath if and when you need it.”
Microsoft likes Kubernetes
- Seems like Microsoft has gone all k8-crazy. So this is adding k8 support and some cloud-native services/middleware (package mgmt, routing, etc.) to Azure?
- Back in July of 2016, Microsoft hired a k8 big-wheel (and other, “small wheels,” I’d assume), so they’re obviously into the thing…or at least the thinking behind the think. This leave, once again, Amazon as the last major cloud hold-out on k8.
- That said, I think Microsoft’s new thing is to like everything that layers on-top, below, or around them. As long as you’re in every deal, you make a lot of money even if you’re not all of every deal. It’s pretty hard, now, of course, to compete with the big clouds.
- Or, put another way: “Satya is like the Pope Francis of software,” says Alex Polvi, founder and CEO of CoreOS, a company that plays in the same area as Deis. “He took this old institution and made it cool again.”
From 451’s report on Google Next:
Google believes that a hybrid architecture will persist in the coming years as enterprises continue to migrate workloads to various clouds. Its hybrid cloud architecture revolves around its virtual private cloud. Google VPC is an instantiation of GCP that can dedicate compute, storage and network resources to an enterprise. It is built upon Google’s proprietary private global network designed for high reliability, low latency and hardened security. Kubernetes acts as the orchestration and operational backplane for hybrid implementations. Elasticity and scale are achieved by linking to Google public cloud services.
It also has many numbers on market-share, SI/channel development, and geographic foot-print.
From Jay Lyman:
Mesosphere says it is adding enterprise customers and building up deal sizes. The company has also grown its number of employees to 200, up from 150 in March. Mesosphere declined to comment, but 451 Research estimates its annual revenue is in the $25m range.”
And, from a recent survey on container usage:
Our Voice of the Enterprise (VotE) Software-Defined Infrastructure, Workloads and Key Projects survey, conducted in April and May, indicates that out of 718 enterprise IT decision-makers polled 23.7% have implemented containers. By comparison, 25.1% have implemented Software-Defined Networking, 26.7% have implemented Software-Defined Storage and 92.9% have implemented server virtualization.
When we’re talking with customers about the value that Puppet brings to them, invariably we talk about the future, and the future in their mind in some ways includes containers. There’s a lot experimentation going on. There’s a lot of Docker work being done and container work being done, Kubernetes work being done on their laptops. The conversations we have with them is how does Puppet help you bring it into production, into mission-critical production? How do you keep it secure? How do you operate it? All of those things that we know how to do and have done with various kinds of infrastructure, whether it was OpenStack, whether it was virtual machines, whether it’s just server configuration. For us, we take the same approach to containers and are evolving our road maps to make sure that customers have the same benefits they’ve have had over the years now with containers or other technology.
From an interview with Puppets CEO, Sanjay Mirchandani.
The wider Cloud Native ecosystem is, however, a very disparate and confused place. We anticipate a significant level of consolidation over the next twelve to eighteen months with some clear winners emerging. The emergence of several opinionated distributions of Kubernetes is hardly a surprise and this space will expand a little further before settling down.
A round-up of all sorts of container stacks, and some advice on what to do:
Therefore, the key lessons learned from this event (from developer’s perspective): Do not focus on developing code for the container under the hood. Care instead about the business logic. Implement your microservices in a vendor agnostic way.
Do not make the same fault as we all did with J2EE / Java EE where all vendors used the same standard specifications, but still offered many vendor-dependent features and “added value” in their specific “standard implementation”. Migration, i.e. deployment to another Java EE application server was a lot of efforts (re-development, testing, …); sometimes a complete re-write was easier and faster.
There’s a lot of fragmentation in container land now. This is what Linux must have felt like back in the late 90s.
Our advice at Pivotal, of course, is to focus on using Spring and other services towards the top of the stack for that layer of lock-in protection.
I keep wanting to write up the recent Cloud Foundry Foundation container survey, mixing it in with other recent container surveys. Yup, “keep wanting to.” Meanwhile, Abby wrote-up a brief overview over in O’Reilly land.
During his talk, Xiong discussed the growing use of containers in China. In 2016, Huawei found that 14 percent of companies were using containers in production, and another 23 percent were using them for test and development. About 44 percent had plans to adopt container technologies within the next six months.
While 14 percent is still fairly low, it is growing rapidly. It is up 250 percent in the past year. “To me, that means the tools are maturing,” Xiong said.
Of those using containers in production, about 42 percent were using a formal orchestration tool, such as Kubernetes, compared to 51 percent who were using scripts and other homebuilt tools.