Author | we (Alibaba Cloud container service R&D director), WuXingLing

Recently, Gartner released its 2020 public cloud container report. According to the report, Alibaba Cloud and AWS have the richest product portfolios, covering nine product capabilities, and rank joint first. For more details, see “Gartner Container Report: Alibaba Cloud shares first place with AWS, ahead of Microsoft and Google”.

According to Gartner’s report, Alibaba Cloud has a rich range of container products, a strong performance in the Chinese market, and a good technology development strategy across nine product areas, including Serverless containers, service mesh, security sandbox containers, hybrid cloud and edge.

Alibaba Cloud is the only Chinese enterprise to have been selected for two consecutive years. Alibaba Cloud container service is now available in 19 public cloud availability zones around the world, its service scale has grown by more than 400% a year for many consecutive years, and it supports tens of thousands of clusters and millions of containers.

As the saying goes, it takes ten years to sharpen a sword. Alibaba Cloud was one of the earliest companies in China to invest in container technology, so how has the technology behind it evolved? To find out, the author interviewed Yi Li, director of container service R&D at Alibaba Cloud, to trace the development of Alibaba Cloud’s container technology in the cloud computing era and analyze new industry trends.

Yi Li, director of container service R&D at Alibaba Cloud

The evolution of Alibaba Cloud container technology, from the ground up

Alibaba Cloud’s container business is performing brilliantly today, but behind it lie Alibaba’s investment and experience over the past decade:

  • As early as 2011, before the emergence of Docker technology, Alibaba began to apply container technology on a large scale.

  • In December 2015, Alibaba Cloud officially began offering container services to external customers.

  • In 2016, Alibaba’s core business link on Singles’ Day was fully containerized. Container technology supported the overall transaction system of Singles’ Day, with the transaction peak reaching 175,000 transactions per second.

  • In October 2017, ACK (Alibaba Cloud Container Service for Kubernetes) 1.0 was officially released; it was one of the first products in the world to pass Kubernetes conformance certification.

  • In March 2019, Alibaba Cloud became the only Chinese enterprise selected for Gartner’s public cloud container service report.

  • In September 2019, ACK 2.0 was released as a comprehensive upgrade, adding a series of important product capabilities such as security sandbox, edge computing and hybrid cloud, and the Alibaba Cloud Market partner plan was launched.

Containers revolutionize cloud native

Containers are a representative cloud native technology. Google began using container technology as early as 2004, and in 2006 it released process containers, bringing container virtualization infrastructure into the Linux kernel. In 2013, Docker was officially released and became a phenomenally popular open source project. In the same year, the concept of “cloud native” was proposed. In 2014, Kubernetes was officially released.

In this regard, Yi Li said that container technology set off the cloud native revolution. Container technology standardizes builds for cloud computing (Docker images have become the standard for application distribution and delivery). It has also become the standard for resource scheduling and orchestration, shielding differences in the underlying infrastructure and helping applications to be deployed on different cloud infrastructures.

Yi Li said that only standardization can promote economies of scale and match the essence of cloud computing, and that this is an important contribution of container technology. The standards it establishes allow a set of value-added capabilities to be built on top, helping enterprises and developers build resilient, manageable systems on the cloud. This is an important part of the essence of cloud native.

In addition to container technology, cloud native is generally considered to have three other major elements: continuous delivery, DevOps and microservices. In Yi Li’s view, these are the inevitable result of both technology and business drivers.

On the business side, with the rapid development of the Internet and the digital economy, enterprises face more and more uncertainty and rapid change. For example, at the beginning of 2020, in the face of a sudden epidemic, industries such as education and public health needed to move online quickly to meet rapidly growing business needs.

This is a huge challenge for enterprises. To survive in a highly dynamic commercial environment, they need to adapt quickly and maintain rapid growth. Cloud native technologies help drive business agility.

A wide range of technologies is involved here. For example, Serverless and continuous delivery provide an agile development process, and containers, as a standardized way of delivering software, promote efficient collaboration across organizations and accelerate enterprise innovation. Microservices are an agile application architecture. Containers help with the distribution, deployment, delivery, operation and maintenance of large-scale distributed applications, and raise the level of automation and intelligence. Together, these technologies let enterprise architecture adapt and iterate quickly.

Yi Li said that cloud native is the inevitable trend of cloud computing and the inevitable result of the development of the Internet and the digital economy. Cloud computing helps pool IT resources at scale and save them, reduces computing costs, improves efficiency, and provides IT capabilities and services for on-demand use; it is the infrastructure of the digital economy. Cloud native is the shortest path to unlocking the value of the cloud and helps enterprises make better use of cloud capabilities.

The past life of cloud native at Alibaba Cloud

In 2008, Alibaba began to evolve from centralized monolithic applications to distributed microservices, and technologies such as HSF and Dubbo came into wide use. After introducing a large-scale distributed architecture, the enterprise faced complex deployment, operation and maintenance, and low resource utilization.

In 2011, Alibaba’s T4 container came online. It used container technology to run as a containerized virtual machine, and began Alibaba’s exploration of cloud native.

In 2015, container and cloud native technology were applied at Alibaba on a large scale, which showed in two ways. In terms of technology, Alibaba began to use cloud resources to save costs during that year’s Double 11. Due to the good portability of containers, the goal of cloud storage was achieved. In terms of organization, Alibaba fully embraced the DevOps culture, merging the operations and R&D teams and accelerating the practice and adoption of DevOps through container technology.

With the rapid development of Alibaba’s business, both online businesses such as Tmall and the shopping cart and offline businesses such as data analysis placed higher demands on resource utilization. In this process, container technology allows resources to be used economically and in a unified way, improving resource utilization and reducing costs.

At the end of 2018, Alibaba decided to move fully to the cloud. At that time, we decided to go to the cloud in the cloud native way rather than in the cloud space way. By fully releasing the power of the cloud in this way, we could help Alibaba make better use of the value of the cloud and accelerate the large-scale application of cloud native within Alibaba.

“It also gives users more confidence, because Ali is using its own delivery system to hone the core capabilities of Ali Cloud, just like riding on a plane with corporate customers,” Yi quipped.

Three-dimensional technology architecture ensures the security of cloud applications

According to the report, security is the biggest concern enterprises have about cloud native technologies. So what technical safeguards does Alibaba Cloud offer in this respect?

In response to this question, Yi Li did not answer directly and instead asked: what are the differences between security in the cloud native era and traditional security?

First, cloud native applications are highly dynamic and high-density.

Where once only one application was deployed on a machine, hundreds of applications are now deployed on it, so density increases. In addition, containers are deployed dynamically: one second application A is running, and the next second application B may be running. Such dynamism and high density pose unprecedented security challenges.

Second, R&D in the cloud native era is agile and iterates rapidly.

With the adoption of microservices and DevOps, developers release applications more frequently, more than five times as often as with traditional application deployments. Traditional security relies on process control: review first, then go online. When problems occur online, they are resolved according to a very strict process, which slows down the overall software development process. But cloud native is both fast and secure.

Third, the extensive use of open source technology.

In the cloud native era, many enterprise applications rely on third-party open-source software, which may bring uncertain security risks to enterprises.

To meet these challenges of the cloud native era, Alibaba Cloud adopts a three-dimensional, end-to-end security architecture that runs from infrastructure security, through software supply chain security, to the security of the application ecosystem, creating three-dimensional protection.

First, as a public infrastructure, the cloud is more secure than a user-built data center.

The second is a secure software supply chain. Security needs to be built into the entire software life cycle, with security protection shifted left to the development and delivery stages: an evolution from DevOps to DevSecOps. In this regard, Alibaba Cloud provides product capabilities such as container image scanning and signing. These are also well implemented inside Alibaba, where businesses such as Alibaba e-commerce and Alipay have high security requirements.

Runtime security must also be ensured, because security risks are everywhere. To this end, Alibaba Cloud supports secure sandbox containers, which cannot be broken even by untrusted applications. Alibaba Cloud Security Center can scan and monitor the security risks of container applications in real time and block new vulnerabilities, helping enterprise users build a secure cloud native platform.

Five advantages of Alibaba Cloud

In addition to security, Alibaba Cloud’s cloud native technology has five advantages:

1. Optimized and integrated Alibaba Cloud capabilities

Alibaba has many independently developed, world-leading cloud capabilities, such as the Apsara (Feitian) cloud operating system, the X-Dragon (Shenlong) architecture and the Hanguang chip. Alibaba Cloud container products are deeply integrated with them. For example, performance containers combined with the X-Dragon architecture have the advantage of zero loss, with performance 20% better than a physical machine. With the elastic capacity of Alibaba Cloud, an application architecture can scale out in seconds, and thousands of nodes can be added in minutes.

2. Alibaba’s large-scale production practice

Alibaba’s containers have been in use from 2011 to the present, nearly ten years, and have been tempered by extensive real-world use in production environments. In 2019, Alibaba began moving to the cloud comprehensively and at large scale, based on cloud native technology.

3. Large-scale user applications

Alibaba Cloud container products are now in service in 19 public cloud availability zones around the world, and many global enterprises and organizations, such as Siemens, Schneider and the Organizing Committee of the Olympic Games, build their applications on the Alibaba Cloud container platform.

It is worth mentioning that, in the face of surging user traffic for online education during the epidemic, Alibaba Cloud containers helped expand capacity. As Li Nuo, co-founder and CTO of Onion Institute, said: During the epidemic, Onion Institute, as the leading K12 online education company, opened all the core course resources of the platform to teachers and students all over the country for free. More than 7 million students studied independently on the Onion Institute App, and the number of daily study visitors continued to soar during this period. After using cloud containers, the system improves resource utilization by about 60%. When problems occur, the system can be quickly isolated. In the face of rapidly increasing service volume, the system can be expanded to support services in a short period of time.

4. Alibaba’s key strategic investment in cloud native

Alibaba Cloud CEO Zhang Jianfeng has repeatedly stressed the need to invest in cloud native. Thanks to this strategic investment, Alibaba Cloud continues to step up product innovation and to create more valuable new products together with its partners. In 2019, we launched the edge container service (ACK@Edge), which aims to deliver new container products that integrate cloud, edge and device, extending the original boundary of the cloud.

5. Cloud native open source contributions

In the field of domestic open source, Alibaba’s influence is greater. Li Xiang, a senior technical expert at Alibaba Cloud, was elected to the technical oversight committee of the Cloud Native Computing Foundation (CNCF), the world’s top open source community. In addition, Alibaba Cloud has contributed Dragonfly, a cloud native image distribution system, to CNCF, where it has entered the incubation stage. For details, see “Blockbuster | Dragonfly promoted to CNCF incubation project”.

Currently, Alibaba Group and Ant Financial have invested heavily in the field of security sandboxes, not only applying security sandbox containers in their own products but also contributing the related capabilities back to the open source community.

New trends in cloud native development in the AI era

With the development of open source and AI technologies, Yi Li believes that cloud native may have new growth points in the following areas:

  • One is AI. Gartner predicts that 70% of AI applications will be based on container and Serverless technologies by 2023. At present, the cloud native ML tool KubeFlow provides AI workflows that users can assemble, reproduce and port. Yi Li’s team has contributed the deep learning accelerator Arena to the KubeFlow community.

  • Second, Kubernetes is developing well in the field of application delivery. Because Kubernetes is positioned at automating enterprise operation and maintenance, and attention to application delivery is now growing, more and more standards are emerging. Alibaba and Microsoft are jointly promoting OAM (Open Application Model), which further simplifies Kubernetes and clearly separates and divides the work of development and operations, so that collaboration across the whole team becomes more efficient.

  • The third is the security sandbox container. Alibaba, Google and others are now launching container technologies such as Kata Containers, Docker and gVisor, which explore safe and efficient container technology to support the rapid development of upper-layer cloud native applications.

The future layout for containers

Talking about the future, Yi Li introduced Alibaba Cloud’s plans for containers:

  • In container technology, the goal is to build a new foundation, new computing power and a new ecosystem.

Yi Li emphasizes that cloud native technology is the shortest path to unlocking the value of the cloud, and that it can help enterprises better support hybrid cloud, distributed architectures that integrate cloud and edge, and global application delivery.

According to Gartner’s analysis, more than 80% of enterprises will adopt a hybrid cloud architecture, and Alibaba Cloud pays particular attention to hybrid cloud and cloud-edge integration. Yi Li believes that the future cloud architecture is a dynamic, hybrid architecture: cloud and edge are integrated, public cloud capabilities extend to edge devices, computing and AI capabilities need to be pushed to the edge, and containers provide a consistent way to deploy and deliver applications across cloud and edge.

Based on innovative cloud native technology that integrates software and hardware, Alibaba Cloud provides powerful computing power to accelerate the intelligent upgrade of enterprises: container services combine with the X-Dragon architecture to deliver both performance and flexibility, support scheduling and sharing of Hanguang 800 chips, and optimize the efficiency and cost of deep learning scenarios to the extreme.

  • Serverless is the next important direction in the development of cloud native computing. Combining Serverless with AI and data capabilities will release greater power and make enterprise IT architecture more flexible.

  • Service Mesh helps enterprises optimize their microservice application architecture. It pushes service governance capabilities down into the infrastructure and lets developers focus on their own business logic, which can greatly improve R&D efficiency and the speed of technology iteration. At present, the Alibaba economy is investing heavily in service mesh.

Ecosystem building plan

In September 2019, Alibaba Cloud officially launched the container market, helping enterprise users conveniently obtain commercial, high-quality container applications certified by Alibaba Cloud.

Intel and other well-known enterprises have now entered the cloud market, with products covering container security, commercial applications and more. In addition, Alibaba Cloud cooperates with enterprise platforms such as SAP’s Cloud Platform in its global technology partner ecosystem program.

Finally, Yi Li concluded that with the rapid development of digital economy, more and more enterprises will use cloud native technology to accelerate the internetization of their architectures. Cloud native technology can help enterprise IT architectures become more flexible and autonomous and improve business agility.

Enterprises should make use of cloud native technology to facilitate their own digitization and intelligent upgrade, because the integration of cloud native technology with heterogeneous computing, big data and AI can release great power and help enterprises turn data assets into core competitiveness.

As technologies such as 5G and IoT mature, the country’s new infrastructure policies will bring new opportunities for enterprises. Cloud native technology can help enterprises accelerate the integration of cloud applications and build the next generation of dynamic large-scale borderless cloud application architecture.

If cloud native is the war for cloud computing in the next decade, then containers are its most critical battle. This Gartner container report can be seen as a reflection of the overall strength of each cloud vendor’s “forces”. Obviously, Alibaba Cloud has won the most critical battle of cloud native!
