VMware’s Project Fargo was announced at VMworld in August, but there was precious little detail, and the project was talked about in the context of virtual desktops and containers. If it succeeds then Fargo might be the way for enterprises to get the security benefits of virtual machines along with the speed and portability of containers.
At the same time that could allow VMware to set up an enterprise toll gate for Docker’s ecosystem, taking advantage of a well entrenched set of accounts and relationships.
Docker has been on a tear since it’s launch in March last year, and it has many people asking ‘what are the differences between virtual machines and containers?’ A switch to containers could be seriously disruptive for a company that built its business selling virtual machines and tools to manage them. Of course the situation isn’t a simple choice between virtual machines and containers, and many containers will run within virtual machines, which drives the thinking behind the present ‘better together’ messaging emerging from VMware and Docker.
Whether or not VMware’s existing virtual infrastructure is the best virtual machine environment to run Docker is pretty irrelevant. That message seems aimed at enterprises that are already VMware customers to make them confident that they don’t have to change anything as they dip their toes into the Docker waters. Once those enterprises decide to deploy at scale the looming problem is that containers don’t offer the same degree of isolation and protection as virtual machines. Put simply, containers don’t contain.
Project Fargo aims to deliver a best of both worlds approach – a lightweigh virtual machines that looks and feels like a container (and that can be treated as a container by Docker tools). According to VMware CTO Ben Fathi the result will bev irtual machines that are, ‘faster, smaller and smaller memory footprint and boot faster’. He goes on to say that the project should deliver, ‘sub second availability of VMs’, that, ‘will make containers a lot more speedy, and in some case more efficient than bare metal’.
VMware have been working on the technology behind Fargo for some years. Named ‘VMfork’ the approach works like a process fork in an operating system, creating a clone of a running virtual machine. During its development it’s been targeted at virtual desktop infrastructure (VDI) as a means to rapidly provision user environments. So the switch to Linux server environments is far from trivial.
Something that VMware have in their favour is the open nature of Docker. Since version 0.9.0 there has been a plugable interface between Docker’s toolchain and the underlying container mechanism through an API called libcontainer. This can be used to support a variety of container types (besides Docker’s own implementation) including LXC, OpenVZ and chroot. In principle VMware just need to plug into the API and they’re good to go. In practice it might be tricky to achieve the same memory and storage optimisations once runtime libraries become smeared across an array of virtual machines rather than being under the management of a single kernel.
Should VMware succeed in delivering product based on Fargo then the prize could be quite substantial – the ability to co-opt the ‘build and ship’ aspects on the Docker ecosystem whilst offering a better approach to ‘run’, and one that enterprises will be willing to write cheques for.
Chris Swan is CTO at CohesiveFT, where he focuses on product development and product delivery. Mr. Swan was previously at UBS where he was CTO for Client Experience working on strategy and architecture for web and mobile offerings across all regions and business divisions. At UBS Chris was also co-head of Security CTO focussing on identity management, access control and data security. Chris represented UBS as a Director on the Steering Committee of the Open Data Center Alliance (ODCA). Before joining UBS, he was CTO at a London based technology investment banking boutique, which operated a cloud only IT platform.
Feature image via Flickr Creative Commons