Doker každý zná a netřeba jej představovat. Proč se v dnešní době zabývat, ztrácet čas a utrácet peníze nějakýma virtuálama, když můžeme složitý DevOps vyřešit společně se standartizovaným developingem pomocí standartizovaných kontejnerů. A rozebírat další benefity, které kontejnerizace, respektive následné aspekty z ní vyplývající teď a v tomto postu rozebírat nebudu.
Ne každý ale už ví, že Docker není jediný způsob kontejnerizace. Určitě nejznámější a nejprofláknutější. Ale vedle něj existují a aktivně se vyvíjí další řešení kontejnerizacace aplikačního prostředí a v žádném případě se nejedná o nějaké nesmysly, ale určitě jde o projekty, které se zaslouží pozornost.
Tak tady některé z nich jsou:
rkt
Za rkt stojí RedHat a jeho CoreOS, který koupil a spolčně s OpenShift vytváři docela zajímavou, komplexní platformu.
rkt is an application container engine developed for modern production cloud-native environments. It features a pod-native approach, a pluggable execution environment, and a well-defined surface area that makes it ideal for integration with other systems.
The core execution unit of rkt is the pod, a collection of one or more applications executing in a shared context (rkt’s pods are synonymous with the concept in the Kubernetes orchestration system). rkt allows users to apply different configurations (like isolation parameters) at both pod-level and at the more granular per-application level. rkt’s architecture means that each pod executes directly in the classic Unix process model (i.e. there is no central daemon), in a self-contained, isolated environment. rkt implements a modern, open, standard container format, the App Container (appc) spec, but can also execute other container images, like those created with Docker.
containerd
An industry-standard container runtime with an emphasis on simplicity, robustness and portability.
containerd is available as a daemon for Linux and Windows. It manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision to low-level storage to network attachments and beyond.
cri-o
LIGHTWEIGHT CONTAINER RUNTIME FOR KUBERNETES
CRI-O is an implementation of the Kubernetes CRI (Container Runtime Interface) to enable using OCI (Open Container Initiative) compatible runtimes. It is a lightweight alternative to using Docker as the runtime for kubernetes. It allows Kubernetes to use any OCI-compliant runtime as the container runtime for running pods. Today it supports runc and Clear Containers as the container runtimes but any OCI-conformant runtime can be plugged in principle.
CRI-O supports OCI container images and can pull from any container registry. It is a lightweight alternative to using Docker, Moby or rkt as the runtime for Kubernetes.
katacontainers
Kata Containers is a new open source project building extremely lightweight virtual machines that seamlessly plug into the containers ecosystem.
Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
The Kata Containers project has six components: Agent, Runtime, Proxy, Shim, Kernel and packaging of QEMU 2.11. It is designed to be architecture agnostic, run on multiple hypervisors and be compatible with the OCI specification for Docker containers and CRI for Kubernetes.
hyper.sh
On-demand Container, Per-Second Billing.
Hyper.sh is the simplest and fastest way to run containers in the cloud. No VM to manage, no cluster to operate. Bypassing all those infrastructure headaches to embrace the value of „Serverless“ immediately!
Hyper.sh is the optimal container hosting service to create your CI/CD pipeline. No more long running costly VMs sitting waiting for build jobs. With Hyper.sh you only pay when you’re building.
gvisor
gVisor is a user-space kernel, written in Go, that implements a substantial portion of the Linux system surface. It includes an Open Container Initiative (OCI) runtime called runsc that provides an isolation boundary between the application and the host kernel. The runsc runtime integrates with Docker and Kubernetes, making it simple to run sandboxed containers.
gVisor takes a distinct approach to container sandboxing and makes a different set of technical trade-offs compared to existing sandbox technologies, thus providing new tools and ideas for the container security landscape.
Mesos
Mesos is built using the same principles as the Linux kernel, only at a different level of abstraction. The Mesos kernel runs on every machine and provides applications (e.g., Hadoop, Spark, Kafka, Elasticsearch) with API’s for resource management and scheduling across entire datacenter and cloud environments.
A další…
Určitě je dobré všdět, že existuje Open Container Initiative, která mimo jiné spravuje runtime a image specifikace pro kontejnery.