CoreOS Blasts Docker for “Broken Security,” Builds Own Container Engine

Web-scale OS startup’s CEO says Docker has steered too far away from original direction

Yevgeniy Sverdlik

December 1, 2014

4 Min Read
Alex Polvi, founder and CEO, CoreOS
Alex Polvi, founder and CEO, CoreOSCoreOS

CEO of CoreOS, the startup with an operating system built specifically for massive server clusters in web-scale data centers, said Docker had a “broken security model” and announced an alternative CoreOS-built container runtime called Rocket.

“At CoreOS we have large, serious users running in enterprise environments,” CoreOS co-founder and chief executive Alex Polvi wrote in a blog post published Monday. “We cannot in good faith continue to support Docker’s broken security model without addressing these issues.”

Polvi’s post is surprising in light of his company’s strong support for Docker throughout its short existence. As he pointed out himself, CoreOS co-founder and CTO Brandon Philips has been one of the top contributors to Docker and serves on the open source project’s governing board.

Docker, both an open source project and a company, has been around since 2013. Its standard format for application containers quickly gained support from startups and major enterprises and service providers.

Amazon Web Services announced a Docker container management service in November. The same month, Microsoft launched a Windows command line interface for Docker. Until then, users could only manage Docker containers on Linux.

CoreOS published Polvi’s post three days before Docker kicks off DockerCon Europe 2014 in Amsterdam – its first conference outside of the U.S.

Ben Golub, CEO of Docker the company, questioned the post’s timing. “While we disagree with some of the arguments and questionable rhetoric and timing of the Rocket announcement, we hope that we can all continue to be guided by what is best for users and developers,” he wrote in a response published on the Docker blog.

Docker Accused of Changing Direction

Polvi’s issue isn’t only with Docker’s security model but also with what he perceives as a change in direction from goals stated originally. Instead of focusing on containers as simple standard component, Docker has been building a wide range of tools around containers, according to him.

“Docker now is building tools for launching cloud servers, systems for clustering, and a wide range of functions: building images, running images, uploading, downloading, and eventually even overlay networking, all compiled into one monolithic binary running primarily as root on your server,” Polvi wrote.

CoreOS founders were originally attracted to Docker because they liked the idea of a standard container, “a simple, composable unit that could be used in a variety of systems.”

“This was a rallying cry for the industry and we quickly followed,” Polvi wrote. “Unfortunately, a simple re-usable component is not how things are playing out.”

Docker CEO Responds

Golub said Docker had been working on a comprehensive set of orchestration services because the company wanted to help users deploy multi-container applications distributed across multiple hosts. Docker builds all these tools to make sure these multi-container users have the same clean and open interface as single-container users do, he wrote in his response.

Golub’s post was an initial response to the Rocket announcement. Docker CEO promised to address Polvi’s technical arguments in a later post. He pointed out that arguments like this were a normal part of the open source process, and that everybody was welcome to use Docker containers however they wanted or propose alternative standards.

Different Container Standard Proposed

The standard CoreOS is proposing is called App Container. It defines a specification of the facilities surrounding the container.

Here is what’s important in the design of a container, according to CoreOS:

  • Composable. All tools for downloading, installing, and running containers should be well integrated, but independent and composable.

  • Security. Isolation should be pluggable, and the crypto primitives for strong trust, image auditing and application identity should exist from day one.

  • Image distribution. Discovery of container images should be simple and facilitate a federated namespace, and distributed retrieval. This opens the possibility of alternative protocols, such as BitTorrent, and deployments to private environments without the requirement of a registry.

  • Open. The format and runtime should be well-specified and developed by a community. We want independent implementations of tools to be able to run the same container consistently.

Rocket is a command line tool that implements these facilities. App Container is an open spec and other systems can implement it without using Rocket.

CoreOS may contribute App Container support to Docker once it matures. The company also plans to continue to ensure its operating system supports Docker.

Pivotal on Board With App Container

Pivotal, the EMC spinoff that helps enterprises adopt agile software development process, cloud, and big data, and sells them the infrastructure services necessary to do that, has expressed support for Rocket and App Container.

Andrew Clay Shafer, co-founder of Puppet Labs who recently joined Pivotal as director of technology, also penned a blog post Monday, saying the company has been collaborating with CoreOS on the standard. “When we saw the progress that CoreOS had made, and their openness to input and contribution, we decided that Pivotal needed to get involved in the App Container effort,” he wrote.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like