LET’S DEFINE “CONTAINER-NATIVE”


As containers gain popularity for a broad variety of use cases, entrepreneurs and infrastructure software investors are focused on investing in the machinery around containers. But there is a particular notion that is emerging, which needs a name. Today I’m proposing that we start using the term container-native to refer to this notion.

I researched (googled) the term to learn how it was being used today. Turns out it is being used to refer to the idea of running containers on bare metal (rather than on VMs). What a narrow use of a beautiful term! There should be a new definition for container-native that aims to better represent the magnitude of impact that containers will have on software development and operations.

Just as in other once-in-an-era shifts, legacy players rarely make the move in a meaningful way. This happens for a couple of reasons: either (a) they don't comprehend the size or importance of the movement, or (b) they comprehend it but are stuck selling the wrong architecture and have incentives to treat parts of the new architecture as checkbox items in their messaging to the market, or (c) they are irritated or confused by the early overhype.

To illustrate what container-native can mean from a variety of angles, here are quick examples in (i) packaging, (ii) continuous integration and deployment, (iii) application lifecycle management (ALM), (iv) queueing and lambda architectures, (v) monitoring, and (vi) security.

Packaging

Joe Beda (formerly of Google, now an EIR at Accel, and advisor to Shippable and CoreOS) argues that the container community has focused heavily on environments to host containers (such as CoreOS and others), and tools to orchestrate containers (such as Docker Swarm, Kubernetes, Mesosphere and others), but not enough on tools to better understand what’s going on inside the container itself. He calls out the following specific problems:


No package introspection. When the next security issue comes along it is hard to easily see which images are vulnerable. Moreover, it is difficult to write automated policy to keep those images from running.

No easy sharing of packages. If [two] images install the same package, the bits for that package are downloaded twice. It isn't uncommon for users to build complicated "inheritance" chains to work around this issue.

No surgical package updating. Updating a package requires recreating an image and re-running all downstream actions in the Dockerfile. If users are good about tracking which sources go into which image, it should be possible to just update the package, but that is difficult and error-prone.

Order-dependent image builds. Order matters in a Dockerfile — even when it doesn't have to. In many cases two actions have zero interaction with each other. But Docker has no way of knowing that, so it must assume that each action depends on all preceding actions.
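
The first problem in the list above, package introspection, as an added example that is not from the original post or from Beda: it reads a dpkg-format package list for each image and turns an advisory into an allow/deny decision. The image names, package names, versions and advisory are constructed, and the function names are hypothetical.

```python
# Constructed dpkg status excerpts, keyed by a made-up image reference.
IMAGE_DPKG_STATUS = {
    "registry.example/web:1.4": """\
Package: libexample
Status: install ok installed
Version: 2.1.0-1

Package: shelltool
Status: install ok installed
Version: 4.3-7
""",
    "registry.example/worker:2.0": """\
Package: libexample
Status: install ok installed
Version: 2.1.3-1

Package: fetchtool
Status: deinstall ok config-files
Version: 7.38.0-4
""",
}

# Constructed advisory: package name -> set of affected versions.
ADVISORY = {"libexample": {"2.1.0-1"}, "fetchtool": {"7.38.0-4"}}

def installed_packages(status_text):
    """Parse dpkg status stanzas into {package: version}, installed only."""
    packages = {}
    for stanza in status_text.strip().split("\n\n"):
        lines = [ln for ln in stanza.splitlines() if ": " in ln]
        fields = dict(ln.split(": ", 1) for ln in lines)
        # A removed package can leave a stanza behind; count installed ones only.
        if fields.get("Status", "").endswith(" installed"):
            packages[fields["Package"]] = fields["Version"]
    return packages

def vulnerable_packages(status_text, advisory):
    """Return sorted (package, version) pairs the advisory marks as affected."""
    pkgs = installed_packages(status_text)
    return sorted((p, v) for p, v in pkgs.items() if v in advisory.get(p, ()))

def admit(image, inventory, advisory):
    """Policy decision: deny unknown images and images with affected packages."""
    if image not in inventory:
        return False  # no package inventory means no basis for admitting it
    return not vulnerable_packages(inventory[image], advisory)
```

The worker image is admitted even though the advisory lists fetchtool, because its stanza records the package as removed rather than installed.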