patpitchaya - Fotolia
The trends surrounding containers, particularly around Docker and Kubernetes, have shaken the foundations of the development world. They have had such an impact that large application development platform and tooling providers like Oracle are changing their product models to suit them. In fact, they have even been a factor in coercing the once exclusively proprietary provider to shift to a more open source-friendly model.
In this Q&A, Bob Quillin, vice president of the Oracle container group, and Jon Reeve, senior director of product management at Oracle, talk about Oracle's plans regarding containers, including its work with Kubernetes and the open source container community. They also dive into how Oracle is managing container security and the plans it has for serverless computing.
What's the latest with Oracle and the container world?
Bob Quillin: We've had a lot of activity and a lot of focus around the container world. It kind of all started back in the DockerCon timeframe, when we announced an acquisition of Wercker, which is a CI/CD [continuous integration/continuous deployment] tool that does automation for container-native workloads. And we also announced our availability of the Oracle commercial images on the Docker Store, so there's a really a big push in partnership with Docker itself.
Following on that, at CoreOS Fest, we announced a couple more initiatives. One was that we're bringing in the container Linux that CoreOS provides as part of an offering within our Oracle Cloud Infrastructure.
And we're committing engineering resources to the Kubernetes initiative. … We've embraced Kubernetes as this next wave of taking container workloads and microservices out to production. We're using it internally for our own orchestration, and we're looking at building new services on top of Kubernetes.
As we roll towards OpenWorld, we're going to have more announcements that hold together container platform, Kubernetes orchestration, microservices and how to really deliver these in an integrated way. These are all part of the next wave of technologies that we want to be able to offer in a container-native management solution. We want to take advantage of our bare-metal infrastructure environment but also leverage these open source tools and the community that's developing around this.
What's happening with Oracle and the open source container community?
Quillin: In terms of the open source commitments with stacks, we're seeing customers deploy with minimal OS and with Docker [and] orchestration on top of that. People are looking to avoid the cloud lock-in issues that they fear. Part of the promise of containers and orchestration and open source may be the fact that I could take it to any cloud I want to. So, they're pushing us to have a very open source-centered approach.
And that's kind of where the Kubernetes approach has really been broadening the appeal of [avoiding] some of these cloud lock-in[s] and run the workloads anywhere. That's something we don't want to lose as we begin to provide these stacks, because sometimes these stacks can be very opinionated and lock you into a certain model. We want to have integration, but we also want to allow you to use the models you want to use [and] enjoy the benefits of the open community.
So, that's another commitment that we're making … which some people think is not very Oracle-like, but is actually pretty much what the customers are asking for.
Do you have an idea how many of your customers are running containers in production rather than using them in sandboxes or other testing environments?
Quillin: I don't have a very specific number, [but] I'd say that we've seen probably in the range of 30% or 35% of customers moving into that phase. That kind of aligns with what we've seen in the marketplace. And it's not just startups and smaller companies that were born in the cloud and have been on AWS [Amazon Web Services] from day one. This is true to our traditional kind of enterprise customers who are developing new applications. So, it cuts across all demographics.
I suppose both the culture and the technology [are] kind of getting to the point that now they're looking at production. The spike in Kubernetes … [it's] almost at the rate we saw Docker a couple of years ago when developers had mass adoption and there was this tidal wave of interest. They're saying, 'Now, I know how Docker works; we've got it running and have a staging environment. Now, how do I orchestrate that? How do I scale it out? How do we take advantage of these new techniques where I can do rolling updates and manage a more 24/7 runtime environment?'
Jon Reeve: And it's not uncommon to see folks adopt containers in an existing application. Maybe they have a banking application or something that's facing external customers. It might leave the middleware and the database where it is, but they really want to iterate on the front end of that application. That's where they are going to containerize first, so they can get that agility.
Do you believe that your partnership with Docker provides it some sort of validation either in the eyes of your customers or maybe even the broad market?
Quillin: I think validation goes both ways. We're looking to provide value to the Docker community. We have a high level of demand for Dockerization and containerization. It's indicative of where the market is. Before, there were a lot of smaller open source tools that were very popular, and those got containers and Docker started. In the last three or four years, we've seen a movement towards enterprise, operationalization and production-level tools, like many of our Oracle tools.
We're being customer-driven. Customers are pushing us. It helps the Docker community, but it helps the community in general. It provides an overall validation that Oracle's committed to this. We're trying to make it happen. We're providing tools for it. And it's not just us -- it's the rest of the community. I would say it's a natural evolution, and validation comes naturally from that.
As these deployment cadences increase and changes are pushed out faster, what steps is Oracle taking to make sure that that those changes are vetted and that there's not going be any major security threats?
Quillin: We're working with Kubernetes communities around security and have been working with Docker in that area, too. How security is being managed has been a big issue for enterprises [interested in] Docker. But in many cases, we're seeing containerized applications being as secure or even more secure because of this new focus around locking down entry points, managing registries and scanning for various levels of security threats as images are coming out of registry.
Reeve: One of the things about containers is making sure that you only put into a container, particularly in production, the bits that you need to run your application. And so one of the open source tools we announced, called Smith, helps you build a container with only the bits that you need for your application to run so you reduce that surface area. From a security perspective, you also reduce potential vulnerabilities, because there's not a whole bunch of stuff in that container that you need to patch. So, that's an example of what we're doing there to really help folks build containers very tightly, reduce that surface area and operationalize them in production.
What are your thoughts on the movement to serverless computing, and what is Oracle planning around that?
Quillin: We do believe that serverless is the future. There's a whole set of technologies that we're investing in currently. We'll be making some announcements around that at OpenWorld, so stay tuned there.
But I think the idea is that you need to be able to have a serverless approach that is container-based, is open in nature and can move across clouds. So, the last thing we want to do [after] we've made all this open source investment around containers and Docker and Kubernetes [is to] suddenly then go into proprietary serverless solutions. And I think that's kind of where a lot of things need to be worked out in the market.
It's at breakneck pace, and many companies are just getting into Docker and DevOps. But there are people who are leveraging serverless in a very powerful way and for very narrowly focused applications. The potential is huge -- the less you have to deal with infrastructure in the long term, the better. But there is some work that needs to be done to plug into the rest of everything you're doing so that it makes sense. You want to be able to have it integrate with your whole automation, your workflow, the different applications you're building, and still use serverless as appropriate.
Exploring the future of container deployment
Containers vs. VMs: Which one makes the most sense for microservices?
A guide to migrating VM-based applications to containers