Microsoft and Docker have jointly announced a new project to create “an open-source, cloud-agnostic specification for packaging and running distributed applications,” according to Microsoft’s press notes.
A Cloud Native Application Bundle (CNAB), as it’s called, provides a standard way for developers to package and run containerized applications in many computing environments, from Docker on a workstation to Kubernetes in a cloud instance.
CNAB’s specification describes “bundles,” or groups of resources that constitute an application. Bundles also describe how apps are to be installed, upgraded, or removed, and how they are to be moved between environments, even when the target environment isn’t online (e.g., an air-gapped system). Microsoft claims it will be possible to digitally sign and verify app bundles “even when the underlying technology doesn’t natively support it.” Bundles can be deployed within organizations or at large by way of existing distribution systems, such as Docker Hub and Docker Trusted Registry.
Technologies already exist for creating application bundles in container environments—for instance, Kubernetes’ Helm, which describes how multiple containers can be composed to define an application stack. CNAB is aimed at a more overarching set of use cases, and it is intended to work with not only Kubernetes but also other systems for deploying and managing containers.
Another stated goal for CNAB is to reduce the number of tools needed to create application definitions. A CNAB definition can automatically produce definition files specific to the deployment target — e.g., Helm charts or Compose templates — so that users don’t need to master multiple toolsets to deploy to multiple targets.
Docker and Microsoft both plan to release development tools for CNAB. Microsoft announced it will offer Visual Studio Code extensions to make it easier to create CNAB bundles, along with an open source example (“Duffle”) that implements the CNAB spec. Docker intends to add CNAB support to a new revision of the Docker App tool, so that CNAB-defined apps can be maintained in instances of Docker Enterprise.