Microsoft and Docker CNAB takes aim at distributed computing

Microsoft and Docker want to push container-like abstraction up the stack with the CNAB open source spec, which has piqued enterprise interest in its early stages.

Microsoft and Docker have captured attention with CNAB, a nascent specification that offers a way to repackage distributed computing apps.

The Cloud-Native Application Bundle (CNAB) defines a method to package distributed computing service layers into a container-like artifact. This artifact, which complies with the Open Container Initiative standard, can be shared and distributed through the Docker Hub and Docker Trusted Registry image storage features in the way an individual container image would.

The CNAB project was founded by Microsoft and Docker a year ago. Bitnami and HashiCorp are also named as contributors on the project's website. The first implementation of the spec is an experimental utility called Docker App, which Docker rolled out this week and eventually will fold into Docker Enterprise Edition. Docker App represents the company's first foray into IT infrastructure software that manages VMs and serverless workloads alongside containers. Microsoft and Docker plan to donate CNAB to an open source foundation -- to be named later -- for public governance in 2019.

Docker App and CNAB highlight the need for distributed computing services standardization beyond Kubernetes container orchestration -- a need that was also brought to light after a Kubernetes security vulnerability surfaced this week.

"This is an effort to curate the Kubernetes stack, because there is no standard Kubernetes stack," said Jay Lyman, an analyst at 451 Research. "We don't have anything like a LAMP stack anymore, a set of known components shared by the entire industry."

Docker App turns enterprise heads, in theory

Docker App and CNAB are experimental, and the creators have not yet released a comprehensive list of the clouds and software utilities it supports. Docker execs said the spec and its utility support public IaaS options, such as OpenStack-based offerings, Microsoft Azure and AWS, including Azure Functions and AWS Lambda serverless computing workloads. And they said CNAB can bundle templates from infrastructure-as-code utilities, such as YAML templates in Kubernetes, Helm charts, AWS CloudFormation and HashiCorp Terraform.

However, some big names -- particularly Google Cloud Platform -- were conspicuously absent from the CNAB conversation so far.

"Docker App and CNAB need to work across any major cloud platform to get enough buy-in to become a standard way to deploy cloud resources," said a customer who is a senior architect at a large insurance company on the East Coast, who spoke on condition of anonymity because he is not authorized to represent his employer in the press.

An abstraction comprised of other abstraction layers could further complicate already-complex distributed computing architectures, but the senior architect said he would welcome more fluidity around application releases and deployments.

"Any way to make it as simple as possible to deliver code that's secure is critical, given the speed we move at now," he said.

Docker App artifacts could be cryptographically signed in the way Docker container images are now with utilities such as Docker Notary, the senior architect said, which could improve security within CI/CD pipelines. "This looks good, but it's early."

Designs on distributed computing

Microsoft and Docker aren't alone in their ambition to create a standard distributed computing package. Agile Stacks Inc., a startup in San Mateo, Calif., offers a similar distributed app-packaging mechanism, as does erstwhile configuration management bellwether Chef, with Habitat. Other major IT vendors, such as IBM, still bet on Kubernetes itself as the standard for multi-cloud management in the future.

IBM has set its sights on Kubernetes-based multi-cloud management with its Red Hat acquisition, but it remains to be seen whether the three most used public cloud providers -- Amazon, Microsoft and Google -- will support each other's services, Lyman said. Still, CNAB reflects the fact that enterprise IT shops are interested in multiple vendors and technologies to support distributed computing.

"Customers seem to want and demand a spectrum of abstractions. Sometimes, they want control over containers and Kubernetes, but if serverless has economic and efficiency benefits, they want to do that, as well," he said. "I don't think anyone is going to scrap one technology to go all-in with another -- it's going to be a mixed environment within large enterprises."

Dig Deeper on Containers and virtualization

Software Quality
App Architecture
Cloud Computing
Data Center