Pouch is an open-source project created by Alibaba Group to promote the container technology movement.
Pouch's vision is to advance container ecosystem and promote container standards OCI(Open Container Initiative), so that container technologies become the foundation for application development in the Cloud era.
Pouch can pack, deliver and run any application. It provides applications with a lightweight runtime environment with strong isolation and minimal overhead. Pouch isolates applications from varying runtime environment, and minimizes operational workload. Pouch minimizes the effort for application developers to write Cloud-native applications, or to migrate legacy ones to a Cloud platform.
Pouch's most important features are:
- Strong isolation: Pouch is designed to be secure by default. Include lots of security features, like hypervisor-based container technology, lxcfs, patched Linux kernel and so on.
- Rich container: Besides the common ways of running container, Pouch includes a
rich container
mode, which integrates more services, hooks, and many others container internals to guarantee container's running like usual. - P2P distribution: Pouch utilizes Dragonfly, a P2P-base distribution system, to achieve lightning-fast container image distribution.
- Kernel compatibility: Enables OCI-compatible runtimes to work on old kernel versions, like linux kernel 2.6.32+.
- Stability: Pouch has been running on tens of thousand nodes in Alibaba stably, and helped all online transactions of Alibaba's 2017 Singles Day smoothly on millions of containers.
- Simplicity: Very few steps needed to setup Pouch.
We describe Pouch's architecture from two dimensions: ecosystem architecture which illustrates how Pouch fits into the container ecosystem and component architecture which describes the interactions between various components inside Pouch. For more details, please refer to file architecture.md.
Pouch has lots of advantages over VM technologies. Two of the most impressive ones are Resource Utilization and Application Centric.
Pouch significantly improves resource utilization:
- Pouch is compatible with OCI image spec. Applications can minimize their storage usage with layered image structure.
- Incremental image distribution, saves datacenter bandwidth consumption.
- Significantly less runtime overhead than VM-based technologies.
Pouch offers a more "application centric" approach for application development:
- Pouch provides strong runtime isolation between applications, with cutting-edge technology both within kernel support and beyond kernel mode.
- Pouch enables cross-platform and cross-OS application delivery.
- Pouch supports standardized application image spec, so application sharing and reusing becomes trivial for developers and operators.
You can easily setup a basic Pouch environment, see INSTALLATION.md. You'll need to install a few packages before starting pouchd
, which starts a container management service. The service can be accessed through the pouch
CLI or RPC calls. For more details, please refer to CLI Manual and API Manual.
You are warmly welcomed to hack on Pouch. We have prepared a detailed guide CONTRIBUTING.md.
For more details about frequently asked questions (FAQ), please refer to file FAQ.md.
For more details about roadmap, please refer to file ROADMAP.md.
You are encouraged to communicate everything via GitHub issues or pull requests. In the future, we would provide more channels for communication if necessary.
If you have urgent issues, please contact Pouch team at [email protected].
Pouch is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.