OpenStack unveils new open source project ‘Kata Containers’
The OpenStack Foundation announced a new open source project dubbed Kata Containers, which aims to combine the security benefits of virtual machines with the speed and manageability of container technologies. According to the organization, Kata Containers “is designed to be hardware agnostic and compatible with the Open Container Initiative (OCI) specification, as well as the container runtime interface (CRI) for Kubernetes.”
Containers and virtual machines are close cousins in the world of virtualization. The former is a kind of lightweight technology that involves breaking down and packaging a monolithic code into an isolated environment, which allocates all the necessary resources to run it from a host operating system. The latter is a computer emulation, which performs network functions on software rather than proprietary hardware.
Both containers and virtual machines have their lion’s share of advantages and disadvantages. Because of their lightweight nature, for example, containers enable developers to launch multiple applications on a single operating system, while simultaneously making it easier for hackers to gain access to the entire network. By the same token, virtual machines may be more secure than containers, but pose the risk of introducing unstable performance when running atop a host computer at once.
Kata Containers is based on previous work Intel did with Clean Containers technology and Hyper’s runV hypervisor-based runtime. To kickstart the project, Intel is contributing its Clear Containers technology and Hyper its runV technology. Other companies supporting the project at launch include 99cloud, AWcloud, Canonical, China Mobile, City Network, CoreOS, Dell/EMC, EasyStack, Fiberhome, Google, Huawei, JD.com, Mirantis, NetApp, Red Hat, SUSE, Tencent, Ucloud, UnitedStack and ZTE.
“With virtualized containers, the basis for Kata Containers technology, we are able to provide a container service for our customers to deploy applications in a simple, fast, secure and cost-effective manner,” said Lijing Guo, general manager of JD Cloud Product Management at JD.com. “Development speed is 3x to traditional IaaS, but with 50 percent cost reduction. We look forward to seeing a community form around this technology to drive it forward.”
The project will initially consist of six components, including Agent, Runtime, Proxy, Shim, Kernel and packaging of QEMU 2.9. The organization said it will combine two of the most well-integrated virtualized container open source code bases and then move the project to open governance. The Kata Containers community will focus on attracting contributors, supporting diverse hardware architectures and driving technology adoption.
“The Kata Containers brings a new level of value and functionality to running containers in production environments, and we’re pleased to contribute,” said Xiaoli Jiang, general manager of the Cloud Open Source Development Team at Huawei. “Secure container management technology that’s light, fast and agile can answer many of the challenges faced by both large telecom operators and enterprise users.”