Cloud-Native Application Bundles: Containerisation with Cloud-Native Applications

By JP La Torre
Cloud-Native Application Bundles - Containerisation with Cloud-Native Applications2

One of the few remaining challenges of deploying applications as microservices, running in containers, is complexity. A cloud environment may start as a simple ecosystem for microservices, but it doesn’t take much for that simplicity to be replaced by a complex web of containers.

Modern container orchestration systems like Kubernetes don’t really help with simplicity either. In fact, it is too easy to end up with a complex network of pods across multiple clusters when you don’t incorporate Kubernetes deployment best practices correctly.

When it was first made popular back in late 2019, the Cloud Native Application Bundles, or CNAB, is designed to combat the complex nature of containerisation. Today, CNAB has become the go-to standard for simplifying the process of bundling, installing, and managing apps in containers.

A Cloud-Agnostic Solution

CNAB was first introduced in 2018, but it wasn’t widely adopted until late in 2019. As a standard, one of the biggest advantages offered by CNAB is its support for any cloud computing environment. Yes, it is a cloud-agnostic approach that can be implemented in any environment.

In fact, the primary goal of CNAB is to make containerisation easier to incorporate across different cloud environments. Moving a bundled app from one cloud cluster to another should involve nothing but the standardised process.

CNAB itself is a tool that was initially developed by Microsoft and Docker. Considering that Docker is still used on top of existing container orchestration systems, it is easy to see how CNAB immediately became the universal tool to use.

Before we get to the technical side of CNAB, there are several additional advantages to acknowledge first, starting with the fact that CNAB makes deploying applications easy. Since packages are standardised, you can scale up the distribution of pre-made apps.

That level of standardisation is perfect for developers offering on-premise or self-hosted solutions. Rather than having to manually install and configure everything, applications can be delivered as packages or bundles, and any cloud administrator can install them easily.

CNAB also highlights security as an important factor. The signing and verification runtimes that are part of CNAB makes securing bundled apps easy. In fact, administrators can always check the crypto signature of bundled apps to make sure that they come from legitimate sources.

Introducing: Duffle

The packaging and unpacking of cloud-native applications are best done using Duffle, a tool natively built to adopt CNAB. It is the implementation of the CNAB specification to the letter, despite many other tools introducing their own takes on authoring application bundles.

Duffle depends on a Docker engine to build and install CNABs. If you are using a local development environment, you need to make sure that you can use Docker for Mac, Docker for Windows, or Docker on Linux to eliminate the dependency. You can also use Docker in the cloud if one is available.

The tool itself is straightforward. Once you have your application ready for deployment, simply run duffle build ./appfolder/yourapplication/ to start the process. Duffle will take you through 6 steps and you will have a successful build at the end of the wizard.

Running bundled applications requires you to run duffle install command while cleaning up applications can be done with the duffle uninstall command. You may also want to generate credentials for the bundled apps for them to run properly.

There are some parameters to be defined before you can bundle applications successfully, starting with the usual name-version-description-keywords combination of the metadata. You can then add cnab under invocationImages and begin defining how the bundle should be processed.

Everything else is easy. The app itself can be in any form you like as long as it is designed to run in Docker containers. You can also define user-overridable parameters for the install process, plus you can embed executable images if there are dependencies to manage.

That’s the entire CNAB standard. As long as these parameters are defined, you will have no trouble creating bundles and installing them using the commands we discussed earlier.

Thick and Thin

One last thing to understand about CNAB and how it makes containerisation of cloud-native applications easy is the two types of bundles you can create: thin bundle and thick bundle. As the names suggest, thin bundle contains only the bundle definition, while thick bundle also includes all of the invocation images and additional resources that may be required.

A thin bundle requires an active repository. This is because when the bundle is installed, tools like Duffle will try to find the correct packages from storage repos. Thick bundle is usually the safer way to go when you need to bundle applications without additional dependencies, such as when the bundle is needed for on-premise deployment.

Every bundle is signed to prevent tampering. Regardless of the bundle type you use, CNAB allows for consistent bundling, installation, and management of containerised applications without fail.

Caylent provides a critical DevOps-as-a-Service function to high growth companies looking for expert support with Kubernetes, cloud security, cloud infrastructure, and CI/CD pipelines. Our managed and consulting services are a more cost-effective option than hiring in-house, and we scale as your team and company grow. Check out some of the use cases, learn how we work with clients, and read more about our DevOps-as-a-Service offering.