Containers

A Look into Docker’s Moby Project

4 May 2017 11:00am, by

One of the many new technologies Docker launched at its annual user conference Dockercon 2017 last month was the Moby Project, a framework to assemble specialized container systems without reinventing the wheel. According to Docker Chief technology Officer, Solomon Hykes, the Moby Project is to Docker what Fedora is to Red Hat Enterprise Linux.

What is significant here is that, in becoming the container project equivalent to the Fedora project, Moby is changing the way Docker is built.

Red Hat did a good job in the early days of the RHEL confusion in that they delineated the project from the product; it split Fedora from RHEL. Docker sees this approach as a way to better engage the community. The boundaries between community and products were fuzzy before. People couldn’t necessarily tell when they are contributing to the project vs the product. This separation of code between the moby/moby repository and the docker/docker repository clarifies this distinction.

Moby will convert Docker from a monolithic engine into a toolkit to assemble its components into different configurations. The Moby Project should encourage reuse of each of the components. Docker has a history of success in this regard and can be measured in their reuse outside Docker:

  • Spun out OCI/runc and it is now the established standard for container runtime and image formats.
  • Spun out containerd and it is now the de-facto industry standard for container runtimes with contributions from all major cloud vendors and 99 percent install base (millions of nodes worldwide).
  • Notary has become the industry most mature implementation of TUF and a hub of collaboration for the security community.
  • Docker distribution is the open-source foundation for a dozen commercial products.

Little Bits

The Docker team is hopeful that as the Docker monolith is broken into smaller pieces, that these individual components may become building blocks for custom solutions. Previously residing in docker/docker, the monolithic project has been relocated to moby/moby.

Some confusion arose about the project. Contributors were well-communicated to at the conference and most of the maintainers, however, those more casually interfacing in the community were surprised and unclear about its purpose and impact, expressing frustration in not understanding how the various pieces fit together or what the new features (e.g. LinuxKit) do.

The Moby project enables system builders to create other projects on top of the same tooling. A system builder may want to run these assemblies differently depending on whether they’re running on a small IoT device or if they’re running on a large system with GPUs.

System builders can leverage components of the Moby project may innovate without being tied to Docker.

There’s still much work to break out components, however, the goal is to create one large upstream for Docker — that being Moby. Docker Inc. wants the tooling to be more open than Docker. Product design decisions are sometimes at odds with a consensus-driven open source project. Having separation of concerns allows Docker Inc. to compile opinions on user experience into their community and enterprise docker offerings.

Moby is the project. Docker is the product. The project can be described in four layers:

  1. All the way upstream components.
  2. Moby
  3. Docker Community Edition (CE)
  4. Docker Enterprise Edition (EE)

Credit: David Chung, Docker Inc.

The organization of the project into layers should clarify things when decisions need to be made between what works for the project vs. product. Docker as a product will add opinions informed by their users (most notably, to be easier for their users). For example, containerd doesn’t have a default registry, while Docker will have Docker Hub as the default.

Users Unaffected

Users will still interact with docker in the same way.

  • Application developers who are looking for an easy way to run their applications in containers may look to Docker CE.
  • Enterprise IT who is looking for a ready-to-use, commercially supported container platform may look to Docker EE.

Nothing changes for these users. The command line remains the same. Docker can now leverage the ecosystem to innovate faster for them. But system builders can leverage components of the Moby project may innovate without being tied to Docker.

Project Governance

The Moby Project is open and will be a community-run project. Docker Inc. has a general inclination to donate individual components in this project to other governing bodies where appropriate. Containerd has to be stand-alone from the Moby project because it was donated to Cloud Native Computing Foundation. Long-term individuals projects should eventually go into other repositories.

Red Hat and Cloud Native Computing Foundation are sponsors of The New Stack.

Feature image: Solomon Hykes.


A digest of the week’s most important stories & analyses.

View / Add Comments

Please stay on topic and be respectful of others. Review our Terms of Use.