The fascinating world of containers – and why the military should care

OPEN SOURCE WAY BLOG: Quarterly posts about using open source technologies as a part of your embedded systems solutions to speed up your development efforts, reduce project costs, and create collaborative environments for innovation.

Look up the word “embed” on Oxford Dictionaries and you’ll find this definition: “fix (an object) firmly and deeply in a surrounding mass.” From that description, it certainly sounds like things that are embedded are not very flexible. And so it has traditionally been with embedded systems: solutions were “built to last” but, in many cases, weren’t able to be easily changed or updated.

To read the first Open Source Way blog click here.

Such a strict approach doesn’t work well with the U.S. military’s drive for greater agility and flexibility. From the battlefield to the administrative front, the military needs to be able to make changes on the fly, develop new applications, and deploy across multiple hosts. How’s a “fixed” able to keep up?

Welcome to the world of containers. While not considered a new technology (they have existed in UNIX derivatives since the early 1980s), containers have taken off lately due to specific advantages in meeting the application delivery needs of today’s defense environment. The fact that containers also offer the Department of Defense the ability to hold down costs by maximizing existing resources and minimizing system requirements is a welcome added bonus.

Containers release efficiency

Let me explain. Unlike traditional technology stacks, or even popular environments, each container consists of just the application and its dependencies (libraries, binaries, etc.). By using existing Linux technologies like kernel namespaces, cgroups, SELinux, and others, containers run as isolated processes on the host , and are able to share the kernel with other containers. This can reduce both hardware and operating system costs.

Containers enable the same application to be quickly developed and shared across devices, virtual machines, and any . They give developers the tools to efficiently and iteratively build integrated systems. Because developers are able to create applications and manage one set of software (not several), software can run more efficiently, the development deployment cycle can be faster, and overhead costs can be reduced. It’s no wonder container technology is taking off.

So, how does this all come together in your embedded system? Just think: you can develop using the same development tools used for your datacenter or . You can manage updates easily and efficiently across all systems with the help of the underlying operating system to certify API and ABI stability and library compatibility. And, you can re-write, re-design, and re-launch existing applications.

With the help of robust test and certification processes for containers, the risk can be taken out of updates and you can be assured they will run across all devices, even embedded ones. For example, in a military application such as a , there may be several different components, requiring the isolation of different user interfaces and communications capabilities from the mechanical operations commands and reporting systems. With containers, development for each separate component would take place using individual containers launched across the appropriate hosts – all accomplished with the same set of software tools.

Using containers helps simplify development complexity while enabling efficient deployment. But containers can’t go it alone.

Containers need Linux
While you are concentrating on customizing and developing containerized applications, the underlying platform is hard at work enhancing performance and ensuring the security. Scalability of containerized applications is addressed through Kubernetes management, enabling deployment across a large cluster of container hosts.

The success of containerized applications is dependent upon the Linux operating system and its capabilities. Since containers depend on the kernel and operating system to function, defense agencies will want to consider implementing open source software that offers resource management, isolation, abstraction, and security, all of which are needed for container applications to truly be portable across container hosts.

Are containers right for you? To answer that, simply consider the workloads you’re planning to run.

Most federal IT users will find containers ideal for application packaging and delivery because of their low overhead and greater portability. Of course, there’s also the added benefit of reduced maintenance concerns and greater flexibility – two important factors for today’s increasingly virtualized military.

Given these benefits, perhaps the question is not “are containers right for you?” but “what are you waiting for?”