/pouch

Pouch is an open-source project created to promote the container technology movement.

Primary LanguageGoApache License 2.0Apache-2.0

PouchContainer - An Efficient Enterprise-class Rich Container Engine

License GoDoc Build Status FOSSA Status Go Report Card codecov

pouchcontainer-logo-800

Main Links

Introduction

PouchContainer is an open-source project created by Alibaba Group to promote the container technology movement.

PouchContainer's vision is to advance container ecosystem and promote container standards OCI(Open Container Initiative), so that container technologies become the foundation for application development in the Cloud era.

PouchContainer can pack, deliver and run any application. It provides applications with a lightweight runtime environment with strong isolation and minimal overhead. PouchContainer isolates applications from varying runtime environment, and minimizes operational workload. PouchContainer minimizes the effort for application developers to write Cloud-native applications, or to migrate legacy ones to a Cloud platform.

Features

PouchContainer's most important features are:

  • Rich container: Besides the common ways of running container, PouchContainer includes a rich container mode, which integrates more services, hooks, and many others container internals to guarantee container's running like usual.
  • Strong isolation: PouchContainer is designed to be secure by default. It includes lots of security features, like hypervisor-based container technology, lxcfs, directory disk quota, patched Linux kernel and so on.
  • P2P distribution: PouchContainer utilizes Dragonfly, a P2P-base distribution system, to achieve lightning-fast container image distribution at enterprise's large scale.
  • Kernel compatibility: Enables OCI-compatible runtimes to work on old kernel versions, like linux kernel 2.6.32+.
  • Standard compatibility: PouchContainer keeps embracing container ecosystem to support industry standard, such as CNI, CSI and so on.
  • Kubernetes compatibility: PouchContainer has natively implemented Kubernetes Container Runtime Interface(CRI). It will be smooth to migrate from other Kubernetes container runtime to PouchContainer.

Architecture

We describe PouchContainer's architecture from two dimensions: ecosystem architecture which illustrates how PouchContainer fits into the container ecosystem and component architecture which describes the interactions between various components inside PouchContainer. For more details, please refer to file architecture.md.

Advantages

PouchContainer has lots of advantages over VM technologies. Two of the most impressive ones are Resource Utilization and Application Centric.

Resource Utilization

PouchContainer significantly improves resource utilization:

  • PouchContainer is compatible with OCI image spec. Applications can minimize their storage usage with layered image structure.
  • Incremental image distribution, saves datacenter bandwidth consumption.
  • Significantly less runtime overhead than VM-based technologies.

Application Centric

PouchContainer offers a more "application centric" approach for application development:

  • PouchContainer provides strong runtime isolation between applications, with cutting-edge technology both within kernel support and beyond kernel mode.
  • PouchContainer enables cross-platform and cross-OS application delivery.
  • PouchContainer supports standardized application image spec, so application sharing and reusing becomes trivial for developers and operators.

Getting Started

You can easily setup a basic PouchContainer environment, see INSTALLATION.md. You'll need to install a few packages before starting pouchd, which starts a container management service. The service can be accessed through the pouch CLI or RPC calls. For more details, please refer to CLI Manual, API Manual and USER Manual.

Deploying Kubernetes With PouchContainer

After installing PouchContainer on your machine, maybe it is the exciting moment for you to power your Kubernetes cluster by PouchContainer. There is an easy guide for you to quickly experience this amazing combination Kubernetes + PouchContainer.

Contributing

You are warmly welcomed to hack on PouchContainer. We have prepared a detailed guide CONTRIBUTING.md.

FAQ

For more details about frequently asked questions (FAQ), please refer to file FAQ.md.

Roadmap

For more details about roadmap, please refer to file ROADMAP.md.

Connect with us

You are encouraged to communicate everything via GitHub issues or pull requests. In the future, we would provide more channels for communication if necessary.

If you have urgent issues, please contact PouchContainer team at pouch-dev@list.alibaba-inc.com.

License

PouchContainer is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.