Cloud // Platform as a Service
News
7/1/2014
11:05 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

What Docker Needs From PaaS: Apprenda's Take

Enterprise platform-as-a-service provider discusses Docker's role in a future, developer-driven, Linux-container world.

Cloud Contracts: 8 Questions To Ask
Cloud Contracts: 8 Questions To Ask
(Click image for larger view and slideshow.)

Many observers see the emergence of Docker's container format as disruptive to virtual machine systems. That will be true in some cases; others, not so much. But Docker is also likely to disrupt platform-as-a-service, says Rakesh Malhotra, VP of product at enterprise PaaS vendor Apprenda.

Malhotra has his eye on Docker developments, even though Apprenda is a Microsoft partner and the main PaaS system with built-in Windows and .Net compatibility. In April, Microsoft began hosting Apprenda on its Azure cloud service and linking to enterprise Apprenda users, even though Azure, in its first iteration, was also PaaS and continues to compete with Apprenda. Malhotra is the former product manager for Virtual Machine Manager in Microsoft Systems Center; he spent 10 years as a software executive inside Microsoft.

That makes it all the more impressive that Apprenda has decided to support Docker in a release that will be out before the end of the year. There is no direct equivalent to Linux containers in Windows, so of course Docker doesn't run directly on Windows Server, although Malhotra says Windows APIs can be used to do some container-like things. Apprenda serves Java developers as well, and many Java apps are built to run under Linux.

Apprenda itself has been using Docker "for several months" because Malhotra recognizes that developers like what can be accomplished with it and it's likely to be part of developers' outlook in the future. The developer "momentum and excitement around containers is very real," he tells us.

[Are you getting what you expect from your cloud investment? See Cloud ROI: 4 Critical Considerations.]

Virtual machine systems are a tool of IT governance. They come from IT and are good for managing datacenter resources. Developers, however, don't need IT to put their finished code into a Docker container, and that means they can finish their workloads for various runtime scenarios without further intervention by IT.

"Why do developers flock to Docker?" asked Malhotra, then answered his own question: "It's empowering. Instead of meeting with IT for servers and a software stack to run their application, you put it in a container. Developers like to get things done quickly. They're not interested in meetings and other bureaucracy."

Docker changes in some ways the things that developers do, and Apprenda can ease the difficulty of those changes on its PaaS system.

Some existing PaaS systems apply their own packaging and workload preparation as part of the final steps of producing an application on them, Malhotra notes. If they do, it will collide with the strict file format that Docker wants to impose. Apprenda does not do the packaging step. With the future release of Apprenda, Java developers will be able to turn their code over to Docker at the finish line to get a containerized version, capable of being deployed into various clouds or enterprise environments, without further IT or developer configuration.

(Source: Wikimedia Commons)

A container-sensitive PaaS can also play a role in helping either the developers or the target operations group decide how much efficiency they want versus how much isolation and security they need. Linux containers are closer to a bare-metal way of running applications because they don't each require their own version of an operating system; they use the host's. But they're still believed to be less secure than virtual machines.

In the future, a PaaS system will have "a sliding scale" of efficiency versus security, and where the workload falls on that scale will determine whether it will be finished as a container system or a virtual machine, says Malhotra. Because there are fewer barriers between them, an active malicious agent on the same container host might be able to play havoc with other containers. Virtual machines are more severely cordoned off.

"Even the folks at Docker have been good about not over-promising on security. The only thing worse than no security is the illusion of security."

At the same time, containers do away with the overhead associated with virtual machines. They not only don't need a copy of the operating system, they use only the memory they need, as opposed to being overprovisioned for comfortable operation. Because of that, they boot quickly and can be concentrated in the hundreds on four-way x86 servers. Joyent CTO Bryan Cantrill reports running 800 and "could run thousands" at a time.

Containers do other things as well, not all of them efficient in light of the way developers are used to doing things. "There'll be trade-offs," he warns.

For example, if a container connects to multiple services and applications outside itself, a developer may find that shutting one of the services -- say, a database server -- and changing its IP address can jeopardize how the workload will run. The layers of software images in containers want to think of the IP address as immutable, and a whole series of connections may be misaligned if it changes.

What's needed, says Malhotra, re-inserting the possible future role of PaaS into the discussion, is an outside service, like the DNS system on the Internet. The Domain Name System lets the physical location of a website change, but its address remains the same to users. PaaS can do that for containers, and Apprenda hopes to do it for many Docker users in the future.

Private clouds are moving rapidly from concept to production. But some fears about expertise and integration still linger. Also in the Private Clouds Step Up issue of InformationWeek: The public cloud and the steam engine have more in common than you might think. (Free registration required.) 

Charles Babcock is an editor-at-large for InformationWeek, having joined the publication in 2003. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive Week. He is a graduate of Syracuse ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
sschuller
50%
50%
sschuller,
User Rank: Apprentice
7/6/2014 | 9:26:22 AM
Re: Microsoft friendly means no containers, doesn't it?
Li & Laurianne,

Apprenda is PaaS software - not a PaaS. That means we can take a bunch of operating system instances and turn it into a PaaS on the fly. Those operating system instances could be sitting behind the firewall in a customer's datacenter, or can come from public clouds like Azure, or both. When I say both, I mean that a large enterprise can build a private PaaS (using resources from their own datacenters) and then incorporate resources from Azure or any other public IaaS to create a federated, hybrid PaaS instance.

The reason I go into this level of detail is that we didn't "chose" Azure in the sense that you describe. We partnered with Microsoft to create a special solution to deliver a turn-key instance of a hybrid PaaS to customers that want it. Additionally, we have some interesting integrations with things like System Center for managing Apprenda on-premises. Our customers can choose to build a hybrid PaaS using any IaaS provider, including AWS.

 

I hope this clears things up.
Li Tan
50%
50%
Li Tan,
User Rank: Ninja
7/2/2014 | 9:48:07 AM
Re: Microsoft friendly means no containers, doesn't it?
@Laurianne, here I would like to echo you -  frankly speaking I did not see clear points why Apprenda chose Azure? Is it just because Azure is PaaS like Google AppEngine? There must be something more behind but simply I am not able to tell.
Laurianne
50%
50%
Laurianne,
User Rank: Author
7/1/2014 | 3:09:08 PM
Re: Microsoft friendly means no containers, doesn't it?
Interesting context and it makes me wonder: Why did Apprenda choose Azure? What is the advantage, Charlie?
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
7/1/2014 | 12:38:37 PM
Microsoft friendly means no containers, doesn't it?
How can Apprenda, known for being the Microsoft friendly PaaS for the enterprise, plan to play a role in containerization, a strictly Unix/Linux construct? "We see ourselves as supplying the application server for the cloud," said Rakesh during the interview. That is PaaS is just about developing in the cloud and deploying in the cloud. It's the package of things that allows the application to run in the cloud, with all its dependencies. With that attitude, it's shifting its attention to containers and how its system can work with them..                                                                        
Google in the Enterprise Survey
Google in the Enterprise Survey
There's no doubt Google has made headway into businesses: Just 28 percent discourage or ban use of its productivity ­products, and 69 percent cite Google Apps' good or excellent ­mobility. But progress could still stall: 59 percent of nonusers ­distrust the security of Google's cloud. Its data privacy is an open question, and 37 percent worry about integration.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.