Rocket Containers: How CoreOS Plans To Challenge Docker - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud // Infrastructure as a Service
01:06 PM
Connect Directly

Rocket Containers: How CoreOS Plans To Challenge Docker

As containers rise in importance for data center innovation, the Rocket project has attracted 50 contributors in its bid against today's de facto option, Docker.

10 Hot Cities For IT Pros In 2015
10 Hot Cities For IT Pros In 2015
(Click image for larger view and slideshow.)

Containers are a hot trend in data center innovation, so we should expect some tough competition among companies looking to cash in on that trend. That competition was on display this week as CoreOS co-founders used the Linux Collaboration Summit as a chance to tout their Rocket open source code project as an alternative to the fast-growing Docker container approach.

CoreOS has attracted 50 developers to the Rocket project since its launch Dec. 1. The project took some flak as proponents of the well-established Docker project criticized the way its organizers made the launch.

The contributions include people from IBM and Google, and developers associated with the Mesos, Cloud Foundry, and Kubernetes projects, said Alex Polvi, co-founder and CEO of CoreOS, in an interview.

CoreOS supplies a lightweight version of Linux for running containers on a host server. Containers let IT launch and run many applications on a single server box, generally doing so more quickly and simply than they can with virtual machines. Red Hat is working on its own container Linux distribution, Atomic Server, due to be announced shortly.

Polvi appeared on a panel about containers on Wednesday, the first day of the Linux Collaboration Summit in Santa Rosa, Calif. Thursday, CoreOS's CTO and co-founder, Brandon Philips, gave a talk, "Rocket and the App Container Specification," giving Rocket a higher profile at the event than Docker, which starred in no sessions.

Yet Docker is by far the leader today. Many Linux developers, kernel process representatives, and container users attending the conference acknowledged that Docker Inc. has established a near de facto standard for Linux containers in less than two years.

[Want to learn more about how a rivalry between Docker and Rocket might play out? See Rocket Vs. Docker Will Come Down To DevOps.]

Rocket's founders contend they can differentiate from Docker on factors such as being more secure, modular, and lightweight. Polvi said CoreOS, as sponsor of the project, is committed to producing a more secure container runtime than Docker and offering a way to build containers that are "composable," meaning they can serve as a component embedded in other systems.

Rocket Will Be Modular, But Not Easier to Use

When Rocket backers announced the project, they said the Docker container formatting system, while highly successful, had branched out to become more of a workflow- and deployment-process-driven project. Docker has many useful tools, but Rocket creators contend developers want something more modular and thus lighter weight.

"Rocket's internals are more modular," said Philips during his summit session. "Its execution will be divided into stages," he said, drawing on a rocket launch metaphor.

Core OS CTO Brandon Philips, at the summit

(Image: Charles Babcock)

Core OS CTO Brandon Philips, at the summit

(Image: Charles Babcock)

In our interview, Polvi said, "We're trying to follow the Unix philosophy. The goal is for a tool to do one job and do it well, so that it's reusable by other tools."

Polvi acknowledged Rocket will not be as easy to use as Docker, which has made building a container a smooth process for most developers through its graphical user interface. Rocket remains a command line tool and will stay that way, Polvi said.

In terms of security, "it’s programming 101 stuff," said Polvi. Rocket developers think the contents of a container should be verified as coming from the expected source and as remaining untampered with, before the package is considered ready to ship. That means "cryptographically verifying the content before adding it to the container." In other words, downloaded code accompanied by a private key should be checked against the registered holder of the key to verify the code came from the party that is assumed to be the source.

Containers share many resources at the heart of a server, including memory, CPU, and storage. The Docker container daemon, which controls background Docker processes without the knowledge of the user, runs with root or administrator status on a server. That means if malicious code is able to get into the container, it sits in a prime place to cause problems.

Polvi claims Philips and other CoreOS developers raised the issue early in the Docker project, but it did not get either accepted or rejected at the time. "We tried to bring it to their attention for a year and half," before launching their own project, Polvi said.

"It's all about prioritization. Ease of use is good for adoption," he said, and security is sometimes a barrier to ease of use.

Philips added his own footnote to the security discussion. With open source and other frequently downloaded code going into containers to help an application do what it needs to do, developers are frequently turning to GitHub and online libraries to retrieve their code.

"We're downloading things over the Internet. Turns out, you can't trust everyone on the Internet," Philips said.

Want to discuss data center innovation with peers? Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Charlie Babcock
Charlie Babcock,
User Rank: Author
2/20/2015 | 6:44:53 PM
Google willing to inspect Rocket for future use
Google decided to standardize on Docker containers and has geared Kubernetes to work with Docker containers. So what does Google's Craig McLuckie, Compute Engine product lead, say about CoreOS' Rocket? At the Linux Collaboration Summit, he said: "Everything we do is based on Docker. When the Rocket guys bring out Rocket 1.0, we'll take a look at that." The Rocket project, which started Dec. 1 with release .1, is on release .3 now and moving rapidly toward a 1.0 release. CoreOS Alex Polvi hazarded a guess: 1.0 will be ready late in the first half or early second half. Then he added, there'll be a 1.0 release "when it's ready."
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
How CIOs Can Advance Company Sustainability Goals
Lisa Morgan, Freelance Writer,  5/26/2021
IT Skills: Top 10 Programming Languages for 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/21/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll