Find out from Rob Stroud, CPO of XebiaLabs and former DevOps Analyst at Forrester Research, where containers fall short and how to bridge the gap between the promise of containers and the realities of complex enterprise application delivery.
4.
Containers
A container is a portable package that
contains an application, its dependencies,
its libraries, and the configuration files
needed to run it. Containers are:
▪ Lightweight
▪ Transportable
▪ Scalable
▪ Platform for microservices
5.
What is a container?
[Diagram: traditional virtual machines (hardware virtualization) compared with containers (operating system virtualization); labels: VM, Applications, Kernel, Container]
6.
I hear the term “Docker” everywhere…
▪ A “new paradigm” whereby all applications should be delivered
as versioned containers by development teams
− New version of the app = new version of the (set of) containers
− Often also assuming that apps will be built as microservices
▪ The expanding ecosystem of container tools
that enable:
− Multi-container frameworks
− Container runtime platforms
− Container delivery pipeline tools
7.
Container Terminology
Container runtime: A container runs in a runtime directly on hardware (“bare metal”) or on top of
an operating system.
Examples: Docker, Rkt, Apache Mesos
Container orchestration platform: Container orchestration allows you to deploy and manage multiple containers
running on a container runtime.
Examples: Kubernetes, OpenShift, Marathon, Pivotal Container Service, DC/OS
Container management platform: Container management includes container orchestration plus other
enterprise-friendly features such as scheduling, storage, networking, and access control.
Example: Rancher
9.
Microservices
▪ A microservice architecture is one in which a business application/
service is built by composing multiple small, independent elements
▪ “Moving to microservices” generally means not just architecting new
applications in this way, but also converting existing (monolithic)
applications to a microservice architecture by “splitting off” more and
more functionality of the monolith into separate applications
10.
Kubernetes
▪ Kubernetes is an open-source container-orchestration system for
automating deployment, scaling and management of containerized
applications
▪ Originally designed by Google, it is now maintained by the Cloud Native
Computing Foundation
Source: Wikipedia
14.
Containers Offer Unique Capabilities
Fast iteration
Defined state separation
Resource controls
Immutability
Rapid deployment
15.
Container Overview
Dependencies: Every application has its own
dependencies
Virtualization: The container engine is a lightweight
virtualization mechanism that isolates these
dependencies for each application by packaging
them into virtual containers
Shared Host OS: Processes in containers are
isolated from other containers in user space, but
share the kernel with the host and other
containers
Flexible: Differences in underlying OS and
infrastructure are abstracted away, streamlining
a ‘deploy anywhere’ approach
Fast: Containers can be created almost instantly,
enabling rapid scale-up and scale-down in
response to changes in demand
[Diagram: a container holding App B and its bins/libraries]
16.
How do they differ from virtual machines?
Dependencies: Each virtualized app
includes the app itself, required binaries
and libraries and a guest OS, which may
consist of multiple GB of data
Independent OS: Each VM can have a
different OS from other VMs, along with
a different OS to the host itself
Flexible: VMs can be migrated to other
hosts to balance resource usage and for
host maintenance, without downtime
Secure: High levels of resource and
security isolation for key virtualized
workloads
[Diagram: a virtual machine holding App B, its bins/libraries, and a guest OS]
17.
Containers Inside Virtual Machines
Containers in VMs: By combining containers
with VMs, users can deploy multiple, different
VM operating systems, and inside, deploy
multiple containers within those guest OSs
− By combining containers with VMs, fewer
VMs would be required to support a larger
number of apps
− Fewer VMs would result in a reduction in
storage consumption
− Each VM would support multiple isolated
apps, increasing overall density
Flexible: Running containers inside VMs enables
features such as live migration for optimal
resource utilization and host maintenance
[Diagram: a virtual machine whose guest OS (with container support) runs containers holding App A and App B, each with its own bins/libraries]
21.
Misconceptions About Cloud and Containers
The one-container myth: Everything I need to run my software is in the
container, so I don’t need to worry about configuration or security
The one-command myth: I can deploy a container with a single
command or with a simple script, so I don’t need sophisticated
deployment automation or release orchestration
The one-vendor myth: I’m paying a cloud vendor, so their deployment
tools are sufficient for my needs
22.
Container Myths Busted
The one-container myth: You will be deploying and managing more and
more containers, requiring you to define more configuration and manage
more scope
The one-command myth: A single-command deployment might work on
one laptop, but real-world deployments are bigger and more complex, and
you’ll end up writing and maintaining scripts
The one-vendor myth: Cloud vendors don’t specialize in release
orchestration or deployment automation tools, and they won’t help you
avoid platform or vendor lock-in
23.
Container Challenges
Will the scripts that we’re writing now work for all of our applications?
How can we be sure that the containers we’re deploying are properly configured
and totally secure?
How do we orchestrate releases and manage dependencies between containers?
If a container deployment fails, how can we roll back?
What about hybrid applications that will run on legacy platforms and in the
cloud?
What about coordinating teams, scheduling releases, getting sign-offs, collecting
compliance and audit data...?
What if we have to change cloud vendors?
25.
Containers Change the Way You Work
▪ Development and delivery teams – artifacts
will change
▪ Operations, runtime environment (including
networking, monitoring, etc.) for containers
▪ Security, as they will need to develop new
security policies for containers
▪ Auditing, ephemeral, rapidly changing,
scaling…
▪ Chain of custody
26.
What does not change?
▪ Your delivery process does not magically become less complicated:
many different tests, sign-offs, etc. are still required
▪ Your cross-cutting concerns do not change: security/access control,
auditability, etc.
▪ Your existing applications and runtimes will still be around for a long
time, even if you get started with Docker and microservices tomorrow
27.
Containers are Central to DevOps Process
Developers build, test and update apps in containers
Developers push containers to central repository
Operations automates deployment and monitors apps from repository
Operations collaborates with developers to provide metrics and insights
29.
Automating Deployment Financial Services
Increased deployment cadence from
4 per year to 20+ per day
Over 9,600 successful deployments in
7 months
Improved access & process controls
for segregation of duties and
auditable software delivery
30.
Digital DevOps Transformation
Increased deployment cadence from
4 per year to 500 per month
Reduced 300 Jenkins jobs to 30
Committed to 99.99% uptime of the
release pipeline for even faster
delivery to Production
32.
Scaling Containers With XebiaLabs
Built-in compliance, security, audit trail
Configuration, dependency, and complex process
management across containers and microservices
Visibility and reporting across many applications
and technologies
Enforcement of release and deployment
compliance processes
“As code” push and deploy
Model-based automation and management for
highly efficient container deployment
XebiaLabs DevOps Platform for Cloud and Containers
Deploy thousands of containers
in a repeatable and secure way
Deliver Containers and
Microservices with complete “Chain
of Custody”
Standardize hybrid deployments
(“containers to mainframes”)
Migrate applications to containers
efficiently (lift + shift)
33.
Thank You!