Amazon's Container Strategy, Examined - InformationWeek

11/17/2014
10:05 AM
Charles Babcock

Amazon's Container Strategy, Examined

Amazon believes it can win developers with new AWS Container Service, despite Google's big head start.

Amazon Web Services launched an EC2 Container Service last week at its Re:Invent conference, once again proving that the company can respond to industry needs with a light-footedness that belies its size.

It also illustrates a new battleground in cloud services, one that pits Amazon against Google and Microsoft for developer loyalties. "Developers love containers," said CTO Werner Vogels from the stage at Re:Invent.

Google has been leading the charge, having used containers for its internal systems for a decade. It launches 2 billion containers a week and has offered, as open-source code, the only sophisticated container management system available. Google announced on Nov. 4 that Google Container Engine will help developers deploy Linux containers on App Engine.

Microsoft's response to Linux container popularity has been to recruit Docker to allow Windows applications to run natively in Docker containers. I'm not sure a Docker container for Windows will work exactly the same way that it does for Linux. Windows doesn't have the same modular structure that Linux does, but Microsoft says it'll make it work.

Amazon has refused to ignore the container hit parade or let it pass by unnoticed. In the past, it concentrated on providing core infrastructure services, moving up to background systems such as Relational Database System, Elastic Map Reduce, and Elastic Load Balancer. It's left it to third parties, such as Engine Yard or Heroku, to build out the development tools, platform, and supporting plumbing. At Re:Invent, Amazon changed that stance and plunged into the midst of developers' deployment concerns with the EC2 Container Service.

Amazon's container service, however, will not run containers where they run best, natively on a bare-metal machine. It will run customers' containerized workloads inside Amazon's version of a Xen virtual machine, so they'll lose some of the efficiencies associated with large-scale container use. Each virtual machine has its own operating system. Sans virtual machine, many containers are designed to run alongside each other under the host's operating system.

In contrast, Google's operations speed is based in part on running hundreds or thousands of containers together, natively on bare-metal servers with no virtual machine layer. But that's strictly for its own systems. When it comes to running customers' containerized workloads, Google App Engine runs them inside a virtual machine, using the KVM hypervisor. The virtual machine provides a necessary boundary from the next customer's containerized workload.

"All the cloud providers at this time run containers inside a virtual machine," said Alex Polvi, CEO of CoreOS, which produces the slimmed-down CoreOS version of Linux expressly for running containers.

That will eventually change as we learn more about the characteristics of isolation at the operating system level. The great wave of virtualization that's swept over enterprise data centers, led by VMware, has been based on workload isolation at the hardware level -- a hypervisor lifts the workload off the hardware and lets it move around, talking to the hardware where it lands through the hypervisor. Right now, container isolation as we know it poses too many risks of one workload inadvertently (or otherwise) glimpsing data or communications of another. In effect, containers are moving parts in the server memory, now occupying this address space and now that. They operate in a dynamically altering landscape. It would be about as easy for the human brain to manage this landscape as for the eye to maintain boundaries in a turning kaleidoscope.

That containers effectively maintain isolation is a tribute to their design and the abilities of the operating system. Will this process work in all circumstances, including when a knowledgeable intruder wishes to introduce malicious code to disrupt it? No one has come up with a definitive answer to that yet, and Docker itself cautions against running multiple containers that are of a sensitive nature in production. Someday, the answer is likely to be yes, and a fuller realization of container efficiencies will result. For now, every cloud relies on the hard, logical boundaries of a virtual machine.

But containers give developers a way to hand off their work from the coding table to the test and quality assurance lab. It gives them a way to move the fully tested system out of the data center where it was developed into a different one, with a high degree of probability that it will run there. It gives them the means to troubleshoot one part of a workload without disrupting others; they can modify one layer in the container. And if the new configuration doesn't work, a container management system can roll back changes to a version that's known to work. All of these things mean developers will have more time to focus on new code and spend less time on just getting things running.

Google Container Engine, which observers believe is based on Kubernetes open-source code, can do these things. So can Amazon EC2 Container Service, Vogels said onstage at Re:Invent.

CoreOS's Polvi believes that Google Container Engine will resemble OpenStack, with a large number of companies and contributors collaborating on developing it and, in the long run, many different services relying on it. Amazon's EC2 Container Service, on the other hand, is an Amazon product, and its source code, like most of Amazon's systems, will remain as a private domain. CoreOS, by the way, is supported on Amazon's EC2, and Docker containers are currently running under it there.

Sebastian Stadil, CEO of Scalr, a cloud front-end management firm, believes Google has too much knowledge and too much of a lead on Amazon for the latter to catch up overnight. Both Amazon EC2 Container Service and Google Container Engine can receive and schedule a container workload on a host, assigning the CPU, memory, and storage appropriate to the workload, he said. But Google is capable of doing more after that, in monitoring the container cluster and managing it for the benefit of the workload.

"It feels like Amazon rushed EC2 Container Service out the door in time for Re:Invent," Stadil said. "Until Amazon adds more cluster management, it will be inferior to Kubernetes" and Google Container Engine, he said.

Amazon's quick enlistment in containerization "is good for the Amazon ecosystem," said Michael Crandell, CEO of Rightscale, but it's too early to know whether a Google, Amazon, or Microsoft will be an ultimate beneficiary via their approach to Docker users.

"They all want to get at developers," and building automated systems in the cloud that recognize containers is now an important way of doing that, Crandell said. But containers don't address other cloud management issues, such as capture and analysis of server log files, monitoring application performance, or rightsizing the network around the workload.

But each provider's desire to maintain developer interest in its services is laying the groundwork for greater cloud interoperation in the long run. If each cloud recognizes what to do with Docker containers when they arrive, it matters less that there's no smooth path between that cloud and its chief competitor. The incompatible virtual machine formats that now mark cloud operations can fade into the background if Docker is accepted as a standard way to ship software between destinations, with a high frequency of success upon launch.

These conditions haven't existed in outsourcing environments of the past or in multi-tenant cloud services of the present. Amazon's quick plunge into container management says containers are here to stay, even if they must, for the time being, be isolated in virtual machines. Containers are leveling the playing field in a new way and empowering developers to view the cloud as their alternative data center -- and perhaps, someday soon, their main data center.

Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ...
Comments
Ashu001
User Rank: Ninja
11/20/2014 | 9:03:31 AM
Re: Limited options for containers in the cloud today
Brian, Fair enough statement to make here. We (IT departments) are going to have to do a lot more trial and error to see how things are going here and what works for us and what doesn't. That much is pretty obvious here! Experience is the ultimate teacher.
Ashu001
User Rank: Ninja
11/20/2014 | 8:59:33 AM
Re: A good reason to move to AWS... or Compute Engine
Charlie, Fair enough statement to make. Bottom line is we want stuff that works well enough for our diverse needs in IT today. What may work well right now may not quite cut it next month. Our infrastructure as well as our containers have to evolve accordingly. It's good to see the big two continue to work hard to innovate and deliver a solution that meets customer requirements in most cases.
Brian Bartlett
User Rank: Strategist
11/20/2014 | 1:10:35 AM
Re: Limited options for containers in the cloud today
The reference to the sidelines was actually monitoring Docker on GitHub. I can remember heady days such as they are having. ('Awesome', 'Cool', 'Righteous' come to mind, which definitely dates me.) The virtualization platforms are nice and all but are proprietary no matter which angle you look at them, thus you have API surfaces exposed that have to be translated from one provider to another. There isn't even 'real' compatibility even in one stack within an overarching stack such as OpenStack. All those moving bits tend to claim just a bit more mindshare than a slightly different (corporate controlled variant) stack.

Docker seems to erase even more of the attention to externalities required than previous VM iterations. Having used virtualization since the 1970's, and having it a required feature in my labs, I like to think I have a clue about how things are going. I like where Docker is going. Service Oriented Architecture, near universal API's around your services, controllable-actionable object orientation, all that good stuff that's promised but never happens.

And, oh yes, Amazon gets my vote, for now. Given CoreOS as a baseline, that'll do for now. I'll reserve judgement on the rest until I can throw something at the wall and see if it sticks.
Charlie Babcock
User Rank: Author
11/19/2014 | 3:32:39 PM
A good reason to move to AWS... or Compute Engine
Yes, Ashish, AWS Container Service is a good reason to move to Amazon, just as Google Container Engine announced Nov. 4 is a good reason to move to Compute Engine or App Engine. If Container Engine tracks the Kubernetes project, and I expect it will, then Container Engine may have an edge in deploying sets of containers with different designated characteristics. I think Kubernetes developers are thinking, not in terms of deploying one container, but sets of containers with certain characteristics intended to work together. Container management is about to become a rapidly moving field.
Ashu001
User Rank: Ninja
11/19/2014 | 11:37:51 AM
Re: Amazon amplifies explanation of what EC2 Container Service can do
Charlie,

That seems like an enormous reason to transition to Amazon, don't you think so?

Especially if the transition can be done smoothly and with minimal fuss; I for one am game for it.

Regards

Ashish.
Ashu001
User Rank: Ninja
11/19/2014 | 11:35:18 AM
Re: Limited options for containers in the cloud today
Lorna,

I don't think OS companies will end up breaking their OSes to make them more container friendly.

Tweaking, sure; after all, virtualization is way-way more than a buzzword in most enterprises today.

But breaking it, nope, I don't think so.

Too much coding time would be required, and what would you do with all that infrastructure that is already sunk in place to maintain the existing system?

Regards

Ashish.
Ashu001
User Rank: Ninja
11/19/2014 | 11:30:28 AM
Re: Docker as translator/helper
Laurianne,

Absolutely fair statement to make!

Most consumers want flexibility of the highest degree in the cloud. They should feel that if they are unhappy with the solution they are using (maybe not today but 3 years down the line), they should be able to change easily, quickly and efficiently with minimum fuss.

The whole transition process should not become an endless circus or jumping-through-hoops business to get the job done.

The way I look at it (from a developer's point of view), that is super-critical here.

Regards

Ashish.
Ashu001
User Rank: Ninja
11/19/2014 | 11:17:21 AM
Re: Limited options for containers in the cloud today
Brian,

Eventually most consumers will have to make a decision (standing by on the sidelines can be useful for only a while).

I personally think Amazon's solution is a good option to work with, especially given their scale and history of delivering great quality products at good prices to consumers.

Regards

Ashish.
Charlie Babcock
User Rank: Author
11/18/2014 | 1:44:38 PM
Amazon amplifies explanation of what EC2 Container Service can do
An Amazon Web Services spokesman issued the following clarifying comment after this column was posted: "With other container management solutions on EC2 you need to run cluster and configuration management software, manage their scaling and availability and plan for the kind of resources you will need for those.  With Amazon EC2 Container Service, you can launch as many clusters as you like at any scale without the need to run any cluster or configuration management software."
Lorna Garey
User Rank: Author
11/17/2014 | 4:15:55 PM
Re: Limited options for containers in the cloud today
Charlie, Do you see any work being done to make server OSes more "container friendly" -- IOW, are OS makers working to tweak their software to accommodate containers, in hopes of cutting out the VM altogether?