Red Hat Releases Project Atomic
In April, Red Hat released Project Atomic, a prototype system for running Docker containers. This is Red Hat’s response to the interest in CoreOS a system for hosting Docker containers based on ChromeOS.
Project Atomic is not intended to be another operating system; Red Hat already has RHEL, Fedora and now CentOS, so a fourth OS would not make much sense. Instead it is currently a prototype using Fedora, with a CentOS version slated to come soon, not yet a production product.
The core of Project Atomic is the package installation system, rpm-ostree, which takes the packages from Fedora (or potentially another distro in future), and acts as a “Git for operating system binaries”, allowing different collections of packages, or operating installs, and switch atomically between them. Switching still requires a reboot, but you can revert to any old version if there is a problem.
This is a different model from CoreOS which, like ChromeOS on which it was based, has two complete OS images, a current one and a fallback, which are switched on upgrades. Unlike CoreOS, which is designed just to host containers, the rpm-ostree technology is also potentially useful for configuring and deploying the Docker containers that run within the host, although that has not yet been a focus of development.
Of course Docker support is the main selling point, and that is the expected way to run most applications on the system, although further packages can be integrated into the base system. Like CoreOS, systemd is the core running the processes. In order to run distributed applications, Project Atomic uses Geard, a project from Red Hat’s OpenShift PaaS framework. Geard will be the basis of the next generation of OpenShift, and is integrated with systemd. A set of services across multiple containers can be configured with a JSON file saying how to build and connect them in a straightforward way.
Reaction from the community has been guardedly positive, given the short time the project has been out. Major Hayden, chief security architect at Rackspace says “Project Atomic isn’t production ready but it has a long runway ahead. If the project can match CoreOS on the functionality of etcd/fleet while adding on the concept of joined Docker containers, it could be a real success.”
Also included is a browser based graphical management tool, called Cockpit, to manage both the Project Atomic host and the running containers, and manage resource usage. Again this is beta code, and the Project Atomic install is the recommended way of using it.
As Project Atomic is shipping exactly the same binaries and kernels as the upstream Red Hat products, it benefits from the upstream engineering effort and support, which should be a strong positive for it as it matures. It is still at an early stage, especially as there is no installer yet, just virtual machine images. The development process is open on GitHub so community involvement is being encouraged. From Fedora 21 a Fedora Atomic version will be released at the same time as the Fedora release.
Tom Gilb & Kai Gilb Jan 26, 2015