Container rivals square up as Docker and CoreOS platforms get key updates

Docker now has a rival for building and deploying containerised applications as rkt hits production ready status

Docker has released updates to its namesake platform for operating a container infrastructure for delivering applications and services, while CoreOS has finally delivered a production-ready version of its own rkt container runtime intended as a rival for Docker.

Both organisations have announced key updates almost simultaneously, with Docker 1.10 and version 1.0 of the rkt platform from CoreOS hitting availability within days of each other.

Docker has gained acceptance among corporate developers as the container platform of choice for deploying applications and services, but it faces competition from rivals including CoreOS, developer of a stripped-down version of Linux for hosting containers.

Known as rkt ("Rocket"), the platform has been under development since 2014, but has now reached version 1.0 and been declared ready for deployment in production environments. It is being pitched as an alternative to Docker, giving organisations more choice for container development.

CoreOS said that the rkt container runtime has enterprise-grade security through features such as KVM-based isolation between containers and SELinux support, while being compatible with standards-based container images, including existing Docker images.

"We've worked hard to make rkt fit readily and flexibly into real-world architectures, while enabling the best security practices, and the community's input and support has been instrumental. After 15 months of continuous development, rkt has incorporated more than 3,000 commits from more than 100 contributors," said CoreOS chief executive Alex Polvi.

Meanwhile, Docker is also pushing security as one of the areas of improvement in Docker 1.10. This includes new capabilities that address policy and access control via user namespaces, separating container and Docker daemon-level privileges so that containers do not have root access on the host, only the Docker daemon does.

Orchestration features for building and managing complex distributed applications have also been upgraded, with the Docker Swarm technology now including native clustering support as well as integration with third-party tools.

Meanwhile, a new Docker Compose file format pulls together definitions for application services, network topologies, and storage volumes, all into a single file. This feature provides developers with the ability to create complex, multi-container applications and run them anywhere from the desktop to the cloud, according to Docker.

Other enhancements include an embedded DNS server in the Docker daemon as the default DNS provider for service discovery, while containers can now have custom IP addresses.

Docker said that the improvements in Docker 1.10 provide developers with more flexibility and options, while enabling IT operations to use the same network topology used by the developer to manage networked containers in the production environment.

"With advancements in our orchestration tooling, networking and security, Docker is enabling developers to build more complex applications that can be delivered at scale from the desktop to the cloud, regardless of the underlying infrastructure," said Docker founder and chief technology officer Solomon Hykes.