In light of the recent Equifax breach, Gene Kim and speakers from the upcoming DevOps Enterprise Summit San Francisco (DOES17) dissected the situation and discussed the technical leadership lessons learned while offering their own expert advice for handling crisis situations. The following are more highlights from the discussion ...
A powerful tool for simplifying DevOps is containerization, which delivers a convenient form of application packaging, combined with the opportunity to automate certain IT provisioning processes. With containerization, DevOps teams can focus on their priorities — the Ops team preparing containers with all needed dependencies and configurations; and the Dev team focusing on efficient coding of an application that can be easily deployed.
This automation can be achieved through PaaS or CaaS solutions, which offer additional benefits including eliminating human errors, accelerating time to market and more efficient resource utilization.
Other important benefits of containerization are:
■ Container-based virtualization guarantees the highest application density and maximum utilization of server resources compared to virtual machines.
■ Considering advanced isolation of system containers, different types of applications can be run on the same hardware node leading to a reduction of TCO.
■ Resources that are not consumed within container boundaries are automatically shared with other containers running on the same hardware node.
■ Automatic vertical scaling of containers optimizes memory and CPU usage based on the current load, and no restart is needed to change the resource limits compared to VM scaling.
Unleashing the potential of containerization for DevOps requires careful attention to several challenges however, especially for first-time adopters.
Realizing Project Needs
At the early stages, DevOps teams must analyze the current state of their projects and decide what is required to move to containers, in order to realize long-term, ongoing benefits.
For optimal architecture the right type of container must be selected. There are two types:
■ an application container (Docker containers) runs as little as a single process
■ a system container behaves like a full OS and can run full-featured unit systems like systemd, SysVinit, openrc that allow it to spawn other processes like openssh, crond, syslogd together inside a single container
For new projects, application containers are typically more appropriate, as it is relatively easy to create the necessary images using publicly available Docker templates taking into account specific requirements of microservice patterns and modern immutable infrastructure design.
It is a common misconception that containers are good only for greenfield applications (microservices and cloud-native). They can indeed breathe new life into legacy applications, with just a bit of extra work at the initial phase while migrating from VMs.
For monolithic and legacy applications it is preferable to use system containers, so organizations can reuse architecture and configurations that were implemented in the original VM-based design.
Future-Proofing Containerization Strategy
After determining what the project requires today, it is best to think about the future and understand where technology is heading. With project growth, complexity will increase, so a platform for orchestration and automation of the main processes will most likely be needed.
Management of containerized environments is complex and dense, and PaaS solutions help developers concentrate on coding. There are many options when it comes to container orchestration platforms and services. Figuring out which one is best for a particular organization’s needs and applications can be a challenge, especially when needs are frequently changing.
Here are several points that should be considered when choosing a platform for containerization:
It is paramount to have a platform with a sufficient level of automation, which can be easily adjusted depending on variable requirements.
Level of Lock-In
PaaS solutions are often proprietary and therefore can lock you into one vendor or infrastructure provider.
Freedom to Innovate
The platform should offer a wide set of built-in tools, as well as possibilities to integrate third-party technologies, in order not to constrain developers' ability to innovate.
Supported Cloud Options
When using containerization in the cloud it is also important that your strategy supports public, private and hybrid cloud deployments, as needs can change eventually.
When you choose a specific platform, it is typically a long-term commitment. So it is important to consider what pricing model is offered. Many public cloud platforms offer VM-based licensing, which may not be efficient when you’ve already migrated to containers, which can be charged only for real usage, not for the reserved limits.
Which platform you choose can significantly influence your business success, so the selection process should be carefully considered.