Docker and OpenShift are both frameworks to implement a PaaS service.
How do they compare in architecture and features?
OpenShift is not directly comparable to Docker, because OpenShift is a container orchestration platform, while Docker is a container engine. However, in this article we'll compare the orchestration features of OpenStack to those of Docker Swarm, which is included in the Docker Community Edition.
OpenShift is built on top of Docker and Kubernetes. All the containers are built on top of a Docker cluster, which is basically a Kubernetes service on top of Linux machines, using the Kubernetes orchestration feature.
Docker, Kubernetes and OpenShift are independent container technologies that are related to each other in many ways and complement each other. Kubernetes can deploy Docker images and orchestrate. Similarly, OpenShift seamlessly manages the Kubernetes cluster. With Kubernetes, one can manage hundreds of containers.
The primary difference is that Docker as a project is focused on the runtime container only, whereas OpenShift (as a system) includes both the runtime container as well as the REST API, coordination, and web interfaces to deploy and manage individual containers.
Comparing just the runtime containers, OpenShift and Docker both use kernel isolation features to keep tenant processes separate. For Docker that is primarily through LXC and for OpenShift that is largely through SELinux and Multiple Category Security (MCS). Both use cgroups to limit the CPU, memory, and IO of tenants. Upstream OpenShift is looking at LXC to reduce long term effort.
Docker uses AUFS for advanced disk and file copy-on-write sharing; OpenShift neither requires nor is incompatible with such a system.
Inside the container, OpenShift models units of functionality (web servers, dbs) via "cartridges", which are a set of shell script hooks that are called when the system is invoked. The API is described here. A cartridge is roughly similar to a Docker image.
OpenShift also describes the API by which a broker (coordinator) communicates with nodes (servers that host multiple tenant containers) to invoke endpoints in that container.
EDITED TO ADD: As of June 2015, OpenShift Origin 1.0 runs on top of Docker and Kubernetes, and you can build and develop multi-container apps that run on the Docker runtime. OpenShift adds build, image workflow and promotion, and secure container cluster operations on top of Kube and Docker.
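The MCS separation mentioned in the answer above, as an added example that is not part of the original answers or of OpenShift's code: a small Python model of the category check SELinux MCS applies between a tenant process and an object. The context strings, type names and tenant labels are constructed samples, and only single-level contexts (no `low-high` ranges) are handled.

```python
import re

def parse_categories(spec):
    """Expand an MCS category spec such as 'c1,c5.c7' into a set of ints."""
    cats = set()
    for part in filter(None, spec.split(",")):
        m = re.fullmatch(r"c(\d+)(?:\.c(\d+))?", part)
        if not m:
            raise ValueError(f"bad category term: {part!r}")
        lo = int(m.group(1))
        hi = int(m.group(2)) if m.group(2) else lo
        if hi < lo:
            raise ValueError(f"reversed category range: {part!r}")
        cats.update(range(lo, hi + 1))
    return cats

def context_categories(ctx):
    """Return the category set of 'user:role:type:s0[:categories]'."""
    fields = ctx.split(":", 4)
    if len(fields) < 4:
        raise ValueError(f"not an SELinux context with a level: {ctx!r}")
    level = ":".join(fields[3:])
    if "-" in level:
        raise ValueError("level ranges are outside this example's scope")
    return parse_categories(fields[4]) if len(fields) == 5 else set()

def mcs_allows(process_ctx, object_ctx):
    """MCS dominance: the process must hold every category on the object.

    This models only the category check; type enforcement rules and
    ordinary file permissions still apply on a real system.
    """
    return context_categories(process_ctx) >= context_categories(object_ctx)

# Constructed sample labels: two tenants with disjoint category pairs.
TENANT_A_PROC = "system_u:system_r:container_t:s0:c1,c2"
TENANT_A_FILE = "system_u:object_r:container_file_t:s0:c1,c2"
TENANT_B_FILE = "system_u:object_r:container_file_t:s0:c3,c4"
SHARED_FILE = "system_u:object_r:container_file_t:s0"  # no categories

if __name__ == "__main__":
    for name, obj in [("own file", TENANT_A_FILE),
                      ("other tenant's file", TENANT_B_FILE),
                      ("uncategorised file", SHARED_FILE)]:
        verdict = "allowed" if mcs_allows(TENANT_A_PROC, obj) else "denied"
        print(f"tenant A -> {name}: {verdict}")
```

Two tenants running under the same SELinux type are still kept apart because neither holds the other's category pair, while objects with no categories pass the category check for both.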
I thought I should update the answers to this question with information available near the end of 2018.
The situation right now is a little more complicated than when the question was originally asked. Right now Docker Inc. is the primary developer of Docker and Moby -- which is currently the upstream project for the Docker runtime and the commercial enterprise edition of Docker, imaginatively called Docker Enterprise Edition.
Contemporary analysis of this question would result in a comparison of Docker Enterprise Edition with Red Hat OpenShift. These container platforms are in direct competition with each other and both are considered to be Kubernetes distributions that can be run on-prem and in the cloud. At the time of writing, Docker Inc.'s Docker-EE is leading the pack in terms of features and sales, but there is stiff competition from the public-cloud providers who are offering Kubernetes Platform(s) as a Service and are starting to move into more advanced Serverless Container Platforms.