At the recent DockerCon event in Austin, Docker Inc announced two significant open source projects, Moby and LinuxKit. Moby essentially marks the split of Docker, the open source project from Docker Inc the company, with the docker/docker GitHub repo moved to moby/moby. LinuxKit provides a set of tools to build 'custom Linux subsystems that only include exactly the components the runtime platform requires'.
Rancher's Darren Shepherd sums up the purpose of Moby in his tweet:
Confused about Moby? tldr NOTHING CHANGES FOR @docker USERS. This is an internal project change to help system builders like @Rancher_Labs.
Docker CTO Solomon Hykes expands on this by stating:
Moby is designed for system builders, who want to build their own container based systems, not for application developers, who can use Docker or other container platforms. Participants in the Moby project can choose from the library of components derived from Docker or they can elect to 'bring your own components' (BYOC) packaged as containers with the option to mix and match among all of the components to create a customized container system.
There was some initial confusion about where the Moby project ends and Docker begins, particularly around the 'docker' command line tool, which were addressed by Hykes on Twitter:
Moby is the project to build Docker itself (or something like it).
and:
Users are unaffected. Docker binaries remain the same.
Ultimately a group of maintainers got together to add a 'Moby and Docker' statement to the Moby Project home page, in order to provide further explanation. Hykes later produced a hand drawn sketch of the Moby project architecture and how it relates to upstream and downstream components, which Alvaro Miranda tidied up to create:
The LinuxKit launch post comes from Justin Cormack, one of the software engineers in Docker Inc's Cambridge UK office who came from the acquisition of Unikernel Systems:
LinuxKit includes the tooling to allow building custom Linux subsystems that only include exactly the components the runtime platform requires. All system services are containers that can be replaced, and everything that is not required can be removed.
LinuxKit is thus less concerned with what goes inside containers, which can be left to the GoLang 'FROM SCRATCH' pattern, Alpine Linux, or any other distribution of choice dependent on the user's appetite for size, security surface area and tool familiarity. Docker also announced multi-stage builds, which allows the construction of containers where tools that are used during the build can be stripped out once the desired binary has been created. LinuxKit is instead focused on what goes outside the containers, providing a way to assemble a minimal runtime environment that can be tailored to a specific deployment platform. It thus shares many conceptual similarities with unikernels, with the key difference being that it's still the Linux kernel at its heart rather than a special purpose binary. Just enough operating system (JeOS) has been a concept since the early days of cloud computing, with companies like rPath creating tooling for minimal system images; LinuxKit exploits the popularity of containers to bring the approach up to date and generally simplify issues around dependency management.
Both announcements are predominantly about Docker Inc's own place in the container ecosystem it spawned, and they have little impact on the existing user experience. Moby puts clear space between what was Docker the open source project, and Docker the company, whilst at the same time bringing greater modularity. LinuxKit brings new ways to run Docker, and in part competes with the container optimised Linux distributions such as CoreOS. The ambition is wider than that though, as LinuxKit starts to bring together what have been two separate concerns of an OS to run containers, and containers to run in that OS, and makes them into a consistent deployable artifact.