VMware's Project Bonneville - Containing the Container Contagion?

physical-serversContainers, Docker, Kubernetes. What do all of these things have in common? From VMware’s perspective, they represent an existential threat to their hypervisor world order. Enter “Project Bonneville” - a VMware initiative to maintain the vSphere order of things by intertwining the roles of containers and VMs on server infrastructure. 

By VMware’s own admission, containers and hypervisors essentially do the same thing. They both abstract resources on a physical server. The difference is that hypervisors, like vSphere, virtualize the hardware while containers virtualize software--in this instance, the host operating system. 

While a VM presents a unique OS image to the application residing within the VM, a container integrates directly with the operating system kernel (chiefly Linux today) to carve out a share of the OS resources (library, binaries, CPU, memory, disk/io, etc.). Proponents of containers point out that since containers consume far less overhead than VMs, it is possible to pack more applications per server, translating into far greater data center efficiencies. 

And now with tools like Docker, application developers can build standardized container units and continuously redeploy them to greatly accelerate application development and deployment cycles - increasingly becoming a must-have to enable rapid business innovation.

But one of the drawbacks to using Docker is that it can only manage containers on a node (server) by node basis. What happens when you have hundreds or thousands of containers spread across the data center or data centers? This is where VMware tools like vCenter and vRealize have a decided advantage over container management - sophisticated and mature VM orchestration and management across hybrid cloud infrastructure. 

The challenge with managing containers at massive scale more or less fell by the wayside, however, with Google’s open sourcing of their Kubernetes platform last year. Kubernetes can be utilized, in tandem with Docker, to manage the scheduling and placement of containers across server nodes in a Linux cluster at cloud scale. And perhaps it is no surprise that VMware announced their Project Bonneville initiative shortly after Google’s gregarious gifting of Kubernetes to the freeware community. 

So what’s Project Bonneville’s answer to the VMware container conundrum? It seems to be chiefly an operational play. Namely, VMware is messaging that IT operational personnel will need a tried and true method for properly managing containers within the purview of existing VM infrastructure. And it certainly is not without its merits. 

The best thing going for VMware, at lease from a vSphere perspective, is its pervasiveness across enterprise data center environments. Many IT organizations are already familiar with VMware’s tools and management interfaces and what Project Bonneville delivers is a consistent “look and feel” with respect to container management and VM management. 

To further underscore this unified management theme, VMware’s internal champions say with Project Bonneville a container is a VM and a VM is a container - there is no distinction. Moreover, Bonneville provides a lightweight VM that consumes only a fraction of the host resources that VMs ordinarily require.

In a Bonneville environment, individual containers are managed within VMs (1:1 ratio) to deliver the following benefits: 

  1. Improved security and isolation - VMware makes a good argument that since containers are all utilizing the same OS kernel, there are not the same levels of isolation and security that come with VMs.  (As an aside, for the past 4 years in a row, security has topped the list of priorities for IT professionals in ESG’s annual IT Spending Intentions survey. VMware wants to put the cloak of security over naked containers.) 
  2.  Use of any operating system - Today, containers can only be used in Linux environments.VMware points out that since their hypervisor can abstract all the necessary resource components for an application (filesystem, network, storage, etc.), a container can run on top of any OS when it is packaged inside a VM. 
  3.  DevOps Enablement - Developers get the speed of Docker provisioned container infrastructure while IT operations can utilize tools they’re already familiar with to manage and provision container environments.  

I think in the short-term, Bonneville could be a good way for businesses supporting large VMware environments to address the growing demand for containers from their application developers. At a bare minimum, it allows IT operations to continue using the VMware management tools that they’re already familiar with while addressing concerns around container security. 

 

Insight on trends in converged infrastructure

 

Topics: Cloud Services & Orchestration