Oracle Releases an OCI-Based Container Runtime
Just before the holiday weekend, Oracle released three new open source container utilities. These include a debugging tool, a microcontainer builder, and most interestingly, an implementation of the Open Container Initiative’s oci-runtime specification known as Railcar.
Railcar was built to ensure Docker’s runc wasn’t the only container runtime implementation built to OCI specifications, said Vish Abrams, cloud development architect at Oracle. Version 1.0 of the OCI runtime is due to be released as early as this week. Oracle’s implementation was built in Rust to take advantage of some of the safety benefits over Go and C, the two languages behind runc. Abrams is a former member of the team at NASA which originally created OpenStack, and he joined Oracle in 2015.
“Over the past couple of years, I have been helping a lot with the bare metal platform teams at Oracle. In particular, I’ve worked on things like our load balancers and virtual machine platform. We wanted to reach some of the advantages of using containers, and yet two years ago, we had some concerns about how to take those containers into production,” said Abrams.
Thus, the effort that built these three tools was born. The other two tools, Smith and Crashcart, are also targeted at integrating containers into the existing continuous deployment pipelines enterprises have built. Thus, Smith is a tool for building microcontainers according to a set of processes and specifications set up by an enterprise build pipeline, while Crashcart attaches useful Linux tools into a container while it’s running, allowing for better debugging when you’ve created a container which has only a single binary inside.
No Junk in the Trunk
Smith helps developers build slimmer containers, said Abrams, and includes a single binary limit on those images, ensuring nothing untoward is included. That does make it hard to troubleshoot a running container, however, as removing excess binaries means removing standard Linux tools. Crashcart handles this shortcoming on demand, as an emergency tool for analyzing containers that must be examined while running.
Abrams said that the most important part about Railcar is the push towards standardization. Docker was out there, and people disagreed with how some things were done, so CoreOS created rkt.” Then the OCI was formed, he added. “The OCI runtime specification is really important. You want a standard way for these things to be built and run,” said Abrams.
“The thing is, there’s only been one implementation of OCI out there: runc, which was in Docker. What I’ve seen is when there’s only one implementation then things get rat-holed and there’s no variety. It’s not that Railcar does something different from runc. The implementation of how it works is 98 percent the same as what runc would do,” said Abrams.
All three of these tools are available on GitHub under dual licenses: Oracle’s Universal Public License, and the Apache 2 license.