The Challenges of Bridging Containers and the Cloud
This post is the second in a two-part series on the future of containers in the cloud. The post reviews the challenges to bridging containers and the cloud, and offers advice on how to address those challenges. Read the first part on how mainstream use of the cloud has turned the spotlight on the value of containers and the need to secure them.
Tech experts all seem to agree that containers will be crucial to cloud operations moving forward. Forrester Research, InformationWeek and InfoWorld have all recently declared with confidence that containers will be a dominant force in 2016, reshaping and evolving IT.
But few transitions come without challenges, particularly in the fast-paced world of technological innovation. Replacing (or augmenting) virtual machines (VM) with the more efficient containers could be the bridge that connects traditional data centers to the hybrid cloud, but there are barriers to overcome.
The greatest challenges to bridging containers and the cloud include initial cost, security risks, networking, and the pace of adoption. Challenges such as cost require internal planning to overcome, while security is being addressed by emerging vendors that specialize in container security. Network and pace of adoption barriers require network engineers and IT leaders who are creative, attentive and well-versed in container technology.
Here are some tips for addressing these challenges to take full advantage of container efficiencies:
There are costs associated with any technological change. Containers have the potential for tremendous cost savings, but some companies delay the transition because they worry about the expenses involved in the installation process and the training of employees, as well as costs associated with lost productivity during the transition. The key to staying within budget is to plan for the transition months in advance, setting aside the funding and time.
Because containers are relatively new – at least in terms of widespread use – they present a unique set of security challenges. Containers are vulnerable to cyber attacks because: criminals can use the shared kernel to infect all other containers on the same host; users have few controls to limit and monitor software use; and because they may contain outdated, vulnerable and non-compliant components.
Enterprise-grade security is paramount, not just when containers are deployed but throughout the lifecycle. Containers need to be analyzed to make sure they comply with your company’s security policies, and access must be restricted to authorized users. Containers should be monitored and secured across every level: containers, hosts and applications. This where purpose-built container security solutions such as Scalock’s will play an important part in removing obstacles to adoptions.
Container networking can lead to issues of scale. As TechTarget reported, network engineers can face some significant challenges when deploying containers within their infrastructure. Understanding how container hosts support the network address translation (NAT) model helps avoid these issues, according to the report.
One solution is to attach containers directly to the hosts’ network interfaces, so that the containers share the local area network (LAN) with the host. Another is to turn the host into a router. The host would route a prefix to the containers that exist on the host, and each container would use a globally unique IP address.
Pace of Adoption
Containers can be launched quickly, which is one of their prime advantages. However, it’s also possible to do so at the risk of consuming more cloud resources than you need. The smart approach is to plan for an orderly shutdown of containers that are no longer in use. It’s important to constantly be evaluating the number of containers to avoid spending tens of thousands per month in unused resources. Orchestration solutions such as Google’s Kubernetes, Mesos, and Docker Swarm can help here.
Containers show great promise, despite the challenges. Container-based architectures bring new and significant efficiencies to cloud computing, including better capacity utilization, speed of deployment, and ease of management in a hybrid environment. Containers allow organizations that are moving applications to the cloud to do so in a smarter, more economical fashion. The benefits of containers far outweigh the challenges, but understanding how to address those challenges is vital.