Docker's Solution to Slimmer Containers
Recently, I wrote about how Docker is investing in Unikernels to reduce the size of its containers, but there is more than one way to skin a cat. Unikernels are a hot new technology, but many developers prefer stability and maturity over "new and shiny". And, that's where Alpine Linux comes in.
Docker containers are an amazing boon to developers and operations, and they're essential tools to the emerging field of DevOps. By bundling an application with its runtime environment, you sidestep a potential world of pain.
For anyone who's ever written code in one environment and run it in another, it's a familiar problem. The application works on your laptop. It works on the test server. But, when you try to go live on the production server, it crashes.
Today, no software is an island. Unless you're coding low-level firmware, your program has to cooperate with other software. It runs on an operating system and depends on libraries, modules and a runtime. Sometimes it talks to other applications, daemons and services.
In the ever-changing world of modern computing, any of those pieces of software can change unexpectedly. A new version of a daemon or a database server might be released, or maybe a library is updated with new features and bug fixes.
Any time a dependency changes, it opens the door to new bugs in your code. And, that's not even counting the changes users or system administrators can make.
With Docker, you have to worry only about one environment. The container takes the entire runtime ecosystem and shoves it into a box that you can swap between your development machine, the testing server and the production server.
Containers are also a boon to "scale on demand" cloud architectures. A big application can be broken down into a number of interconnecting pieces that work together. When one of those pieces is overloaded, a new instance can be spun up. It can take a share of the strain, ensuring that the system continues to perform smoothly.
But, this model of development has exposed a weakness in the container model. Docker bundles an entire operating system (based on Debian) into each container. This is called the "image".
Debian is a general-purpose operating system. It's designed to support a very wide range of applications and hardware, and that means it's quite big. The image used in Docker containers is more than 100MB.
100MB isn't really a big deal on a desktop system, and it doesn't really cause much of a splash on a traditional server environment either. But in the world of cloud computing, new container instances are created and destroyed quite frequently. In that case, transferring 100MB and spinning up a complete operating system becomes a noticeable resource drain.
And for most software components, it's unnecessary bloat. The majority of the services and drivers supported by Debian are not needed for these modular cloud applications. What's needed are smaller containers. One solution to this problem is Unikernels. Unikernels aren't a full operating system as we would recognize one. Instead, they contain only the low-level software needed to support the cloud module.
Docker is investing in Unikernels, and it already supports them. But, they aren't a good solution for many of the components that make up today's cloud applications, and shoehorning an existing app into a Unikernel architecture can be difficult, error-prone and time-consuming.
Another solution is to use a smaller GNU Linux distribution. Although Debian is designed to run on modest to high-end machines, there are very lightweight distros for very old or limited hardware. Those distros support the bare minimum of the GNU/Linux specification, which often is ideal for a container.
One such distribution is Alpine Linux. Alpine is a very minimal distro, weighing in at only 4.8MB. Although it's tiny, it's able to support a wide range of the applications and services that comprise a modern cloud app.
Docker is switching to Alpine as its default OS image. The reduced size will reduce its network traffic massively, and it means smaller and faster containers for cloud applications.
Docker's future may well lie in the direction of Unikernels, but they are a very new technology, and they require a change of perspective for developers. With Alpine images, programmers still can work with a complete (but minimal) Linux system.