It’s an exciting time to be a startup in the container industry. Containers are transforming how businesses develop and run applications – and Scalock is at the forefront of this technological shift, providing scalable security that covers the entire development-to-deployment lifecycle of containerized applications.
As with any exciting venture, even more companies and solutions will enter the market, creating the need for universal standards that will allow everyone in the industry to work in sync and collaborate.
That’s why Scalock has joined nearly 40 leading tech firms – including Amazon Web Services, Dell, Docker, Google, IBM and Microsoft – in creating common standards for the format and runtime of containers. Scalock will participate in the Open Container Initiative (OCI), a Linux Foundation Collaborative Project that aims to balance the industry’s growth with necessary technical governance.
As businesses continue to recognize the simplicity and value of container-based solutions, there will be an even greater need for a formal set of specifications for formats and runtime. That’s where OCI steps in: the collaborative is reviewing ideas and suggestions from any developer or end-user that will establish stability for containers. Yes, all thoughts are welcome in this open governance project.
Our focus in the OCI will be on the security aspects of containers, ensuring that the software is thoroughly secured from the ground up. Isolated micro-services, each performing a specific task, can be a baseline for secured environments. It allows for the better tuning of access control and least privileges for each container.
When OCI was formed in June 2015, Docker donated a draft specification for the base format as well as the code and runtime for that specification. Nonetheless, there was still widespread interest in crafting vendor-neutral standards that will ensure containers will always be interoperable. Windows Containers, for example, should be able to work with the Google Container Engine.
OCI’s technical roadmap is available on GitHub. The developer community will maintain the project and handle the releases of runtime and specification, and a technical oversight board will ensure cross-project consistencies and workflows.
It’s expected that a draft specification will be open to review in only a matter of weeks, and formal documents will be created and approved within a few months. If you want to know more, OCI offers a detailed FAQ sheet on the project.
I’ll keep you posted on Scalock’s contributions and share details on OCI’s progress. If you have suggestions or comments, please share.
Aqua enables enterprises to secure their virtual container environments from development to production, accelerating container adoption and bridging the gap between DevOps and IT security.
Aqua's Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks, providing transparent, automated security while helping to enforce policy and simplify regulatory compliance.