Friday, February 24, 2017

Podcast: Open Container Initiative with Chris Aniszczyk

Chris Aniszczyk is the Executive Director of the Open Container Initiative (OCI). I sat down with Chris at the Open Source Leadership Summit where we discussed the role of the OCI, how it relates to other efforts such as the Cloud Native Computing Foundation, and future directions for the organization.

Among the topics that we covered were:
  • How the OCI primarily focuses on areas where standardization is critical
  • The OCI's relationship to the Cloud Native Computing Foundation
  • Future directions, especially in distribution
  • How the industry has changed to encourage this sort of organization
Some links:
  • MP3 (00:12:51)
  • OGG (00:12:51)

Gordon Haff:  First of all, probably a lot of our listeners know what the OCI [Open Container Initiative] is, but maybe a little background for those who don't.
Chris Aniszczyk:  The OCI came together a little over a year ago when there was a desire to come and standardize on container runtime and format, instead of having different competing implementations out there, which would ruin the original promise of containers being truly portable, vendor neutral, and all that good stuff. The OCI was created to build the standard around the container format and runtime.
Gordon:  Has it been successful?
Chris:  I think it's been going great. We originally started out the project with...Docker donated something at the time called Libcontainer, which morphed into runC. runC has grown and seen lot of success. It's embedded in Cloud Foundry.
Of course it exists in Docker's containerd, Engine, and all that stuff. Kubernetes is picking it up in its container runtime interface, and runC and the runtime specification is becoming the de facto way to execute containers, which is great.
Another aspect of the OCI...when the OCI started, it focused just on the runtime spec. About six months after the project was started, the OCI technical oversight board said, "Hey, we should consider standardizing on the image format," so the image specification project was created at OCI. There's been a lot of good work in that area.
We've seen just recently, like a week ago, Amazon announced in their ECR product, the Elastic Container Registry, that they support the draft of the OCI specifications. Pretty much, most other projects are adopting the image specs. I think in general we've made a ton of progress in many fronts. Mostly any system that runs a container is probably using some of form of OCI technology.
Gordon:  When do you see that spec being finalized, getting to a v 1.0 level?
Chris:  Last week, for both specifications ‑‑ the runtime spec and the image spec ‑‑ we released v1.0 RC4, release candidate 4. In OCI parlance, what that means is there's been four release candidates, but in order for them to declare a 1.0, they need at least three.
We have the minimum requirements set. It's just a matter of when developers are happy with the stability, and when they want to bless it as a 1.0. My personal feeling is we'll see RC5 or RC6 will be the 1.0 final. That's a month or two away.
Gordon:  Obviously, the Cloud Native Computing Foundation is also a Linux Foundation. Another podcast, which I did, which will be linked to from this one, was with Dan Kohn, who's the executive director there. In your copious spare time, you work with the CNCF, as well. How do you see, the groups relating?
Chris:  I served as an executive director for CNCF, since the beginning, until Dan came on board to help out. I transitioned to a more COO‑, CTO‑type thing, so my role in CNCF is mostly focusing on attracting the projects, working with the TOC and all that stuff, and trying to build out the Cloud Native Landscape, technology‑wise, within CNCF.
In terms of how these organizations relate, there's a lot of membership overlap. There's probably 80 percent membership overlap between organizations, but OCI was defined very narrow in scope. It's mostly focused on runtime and the image format. There may be some other things that we consider in the future, but things like networking, storage, these are all out of scope. These are things that will exist in the CNCF in some fashion.
There is this awesome thing that we developed called the Cloud Native Landscape. If you go to, you'll see this picture. OCI is featured in there, and that's in the aspects of the container runtime bit. That's just one piece of technology that we consider important in CNCF land, but as a whole, there's a slew of stuff out there.
The foundations work closely, lots of membership overlap. It's something we try to do, make sure people talk to each other and all that good stuff.
Gordon:  I think you've just answered this question, but I'll ask it again in slightly different way. Where do you see, from an OCI‑specific perspective, where you want to standardize and where you want to innovate?
Chris:  Like I mentioned before, we've initially focused on the runtime specification, then the image specification. That area is super important to standardize, because people want to make sure their containers are portable and will run on different things.
Other aspects that have come up within what we call technical developer community within OCI, distribution is one of those topics that people feel like there's a lot of different registries out there. Maybe it's time to come together and standardize on how containers are fetched and distributed.
That discussion's happening in the OCI TDC. But in order for them to expand the scope of the OCI, they're going to have a meeting with the Technical Oversight Board, do a vote, and all that typical, wonderful governance process that you see in open source foundations.
That may be something else that will end up in the OCI in the future, but there's no guarantees. It's whatever the TOB decides. But things like networking and storage, those will most likely be permanently out of scope for OCI. There's too much innovation going on in that space. There's lots of ways to do container networking. There's tons of ways to do storage. Those are areas we expect CNCF to take over and shepherd.
Gordon:  In terms of some of the specific work that's going on in terms of the interfaces between Kubernetes and the container stuff, CRI-O and so forth, where does that fit in here?
Chris:  CRI-O's an interesting project. Essentially, Kubernetes is doing the leg work to extract itself from the underlining container engine, which is a smart move. The Mesos community actually did this a long time ago with their external containerizer.
CRI-O is a similar effort in a similar vein. The goal is to support all the different container engines out there. OCI will be supported by default, but Docker, rkt, and all the other specific engines will be supported too with their specific flavors of additional functionality.
CRI-O will use the runtime format and the image format to support the basics, but storage, how you fetch your stuff, that's not standardized yet. They'll use other respective other technologies out there to make that happen.
Gordon:  To try and summarize here, you really see the OCI as focusing on standardization to avoid fragmentation.
Chris:  Portability. I think if you are an end user, if you're a a developer and you want to build your container and run it somewhere, you'd be really pissed if you have to rebuild it to run it on a different cloud provider. I view this like all the different browsers out there. There's Safari, Firefox, and so on, but HTML CSS, if you write a page using the latest specs from W3C, it's going to run on the different browsers.
But the different browsers compete on performance and other types of little features, developer tools. I think you'll see similar things in container tools. The container format and execution of it will be standard across everywhere, but the different engine or orchestrators will find different ways of compete on performance, security, and so on.
Gordon:  But you don't really want to have two different web pages for Internet Explorer, Firefox.
Chris:  As we've been saying, absolutely. [laughs]
Gordon:  You mentioned distribution, specifically. What are some of the other areas that you think, at least potentially, might be interesting for the OCI in the future?
Chris:  It's hard to say. I think networking could be interesting, but there's too much. It's fertile ground. There's a lot of innovation going on. There's different approaches. I don't know. It's like browsers. Over time, certain things got standardized in CSS and HTML that may have been crazy at that time, but down the road, who knows.
The next year or so, I think distribution will be a hot topic within OCI. Anything after that, it's really hard for me to say. It's up for the OCI technical development community and the Oversight Board to make these decisions. But we'll see tons of these projects in these spaces.
Over time, I think developers will get together, "OK, it's really stupid for us to like compete on maybe all these different registries. At least let's standardize on some of the basics, and compete on, you know, the other 20 percent."
Gordon:  Chris, a slightly more meta question. Historically, companies haven't wanted to standardize in most areas. It strikes me that, in the container space, the virtualization format battles that went on for years and years, there's been a lot more willingness to go, "OK, this area doesn't differentiate. We're just going to..." you know, an HD DVD, Blu‑ray thing.
We really all standardize here, and it's really happened fairly quickly.
Chris:  I think the industry has changed over the years. Open source is more prevalent. People have learned a lot of lessons around lock‑in, and they don't want to repeat the mistakes. The visualization fiasco with the format, VM, all that, that's a painful memory in a lot of people. People are worried about paying the "VMWare tax." Lots of lessons have been learned.
If you remember from the Java EE days, the whole notion of you having a WAR file, and you'd be able to deploy it on WebLogic versus WebSphere, that just worked. That was good. There was lots of "gotchas" around that, but the idea, in theory, was good.
People have learned their lessons, and I think they want to standardize on the thing that will allow the market to grow. Everyone wants containers to be super‑successful, run everywhere, build out the business, and then compete on the actual higher levels, sell services and products around that, and not try to fragment the market in a way where people won't adopt containers, because they're scared that it's not ready, it's a technology that's still [laughs] being developed.
Gordon:  I'm not sure if it's still a maturing industry or taking the desires of their customers into account. Maybe a mature industry does that.
Chris:  I think customers are smarter these days, too. I think a lot of them are making the demands, especially from our end‑users at least. I won't name specific companies, but some of the higher‑end financial companies, this is definitely 100 percent something that they ask for.
It helps them for price pressure on different providers, like, "Hey, I can move my stuff easily here." People are learning the lessons. It took a generation for us to get there, but this is something people now ask for from their vendors.
Gordon:  With containers, specifically, as you mentioned, portability is one of the promises of containers. So if you don't get portability...
Chris:  Exactly! You're locked in, and no one wants that. It's great to see the Windows folks contributing, Intel, all the OSs, architectures. Everyone is contributing to make sure that this actually will work on different platforms, so people will chose their platform, potentially, down the road.
I think it's great. Definitely the industry has changed over the years, especially if you look back a decade ago. A long time ago, it was mostly like, "Let's lock people in and secure all the profits." That's not going to [laughs] work anymore. You have to collaborate and build the business on the actual thing you want to differentiate on.
Gordon:  Great. Thanks Chris. Any closing comments?
Chris:  OCI's definitely a growing project, and I look forward to seeing the 1.0 release in a couple of months.

No comments: