Download the authoritative guide: Cloud Computing 2019: Using the Cloud for Competitive Advantage
Containers and microservices are two leading edge technologies that enable much greater efficiency in cloud computing. Although they don't need to be used in in combination, when they are deployed together they provide maximum benefit.
Using containers allows developers to work faster and better by creating virtual “sandboxes” where it’s possible to write, manage and manipulate software code. The advantage is that this can be done without affecting other applications and systems running on a server or virtual machine (VM). Containers produce gains in efficiency, costs and even security. These easily packaged and lightweight components can run with others in the same VM.
The enormous flexibility that containers introduce has fueled rapid adoption, producing a growing dependence on container technology. Containers have emerged as an alternative to virtual machines. Forrester has noted that 58 percent of developers currently use containers or plan to use containers in the next 12 months. Meanwhile, 451 Research reports that the application container market will grow from $762 million in 2016 to $2.7 billion by 2020.
A major part of the appeal—and power—of containers lies in microservices. These software components—which may include code, runtime, system tools, system libraries, and settings as unique and discreet processes—introduce a more modular and advanced development framework.
Microservices, which are typically available via a toolbar or menu, allow organizations to deploy software, and make changes, faster and continuously. This capability is particularly important for organizations using DevOps and other agile approaches.
Microservices have their roots in Web services. By combining code components into functional applications, organizations can use these pre-designed applets to turbocharge software development. This allows businesses to introduce products faster and make changes far more dynamically.
Remember, while microservices don’t require containers, they benefit greatly from them. Containers with microservices allow organizations to create a more consistent and lightweight cloud development framework.
Here are five key truths to know about using containers and microservices together:
Complexity can become a problem
The accumulation of solutions—in this case microsystems across numerous containers—can introduce new and sometimes vexing problems. Although these two tools, particularly when combined, streamline and simplify development, they also introduce new and sometimes nagging challenges.
The sheer number of microservices and all their intersection points with containers translates into a constantly changing environment. This can force an organization to deal with too much granularity and, if used too heavily or mapped out incorrectly, can introduce latency. It can also ratchet up testing requirements.
The fact that some components are open source and others are provided by commercial companies can complicate matters further. Ultimately, a gap in the overall framework can impact scalability, reliability and numerous other factors.
A key to success is forging a strategy and strong framework to support microservices and containers. This requires experienced developers—and new training for key members of a team—so that they can lead an initiative and use tools and systems to maximum advantage.
An organization will require new processes
Continuous delivery (CD) and continuous integration (CI) frameworks are on most company’s radar. These methodologies can unleash remarkable business innovation. They are especially suited to today’s agile and DevOps development frameworks—which promote fast, incremental and continuous rollouts of applications and updates.
Containers and microservices support this approach in a big way. Yet, there’s a catch: without the right processes and workflows, organizations struggle to extract maximum value from CD and CI—and ultimately from containers and microservices.
Unleashing these tools without establishing a foundation and framework may add to complexity and undermine progress. As a result, it’s important for teams from both development and operations to focus on two crucial issues:
- Building a knowledge base: Groups from the business and development sides must thoroughly understand CI/CD concepts and approaches before embracing microservices and containers.
- A foundation for collaboration must be in place: An organization must develop a framework for these groups to work together to incorporate containers and microservices in the most efficient and productive way possible.
Monitoring is crucial
Because development environments that rely on containers and microservices can become fairly complex—and involve an enormous number of tools and components—monitoring is at the center of a successful initiative.
Moreover, code monitoring must take place inside containers. it’s important to focus on a few key issues:
- Understand the scope and nature of monitoring required. Inadequate monitoring can lead to development teams that wind up frustrated and overwhelmed. One problem is that microservices can vary greatly across containers and components. This means that it’s necessary to deploy monitoring that spans the entire collection of containers and microservices.
- Know that conventional monitoring is limited. Conventional methods of monitoring – namely an approach revolving around instrumentation – don’t necessarily work. Containers benefit from being small, isolated processes with as few dependencies as possible.
- Monitoring tools must address the unique challenges of container and microservices. Identifying where bugs, errors and production problems occur and taking steps to remediate these issues involves a more involved and nuanced approach. Monitoring containers and microservices may include a variety of tools, including app performance monitoring, code profiling, direct error tracking, centralized logging, and metrics revolving around apps and components.
- Fix problems quickly and seamlessly. When development teams can pinpoint where a problem exists, it’s possible to roll back or patch the problem quickly. This may involve deleting or changing a microservice that might otherwise be difficult to spot and populating the change across containers.
Orchestration is vital to success
A collection of containers and microservices doesn’t automatically address an organization’s DevOps or agility challenges. There’s a need for these systems and components to be effectively coordinated.
Orchestration, which essentially clusters containers in an intelligent fashion, is a critical piece of the puzzle. It makes scalability manageable. The container orchestration platform, Kubernetes, which is open source, works with most tools and platforms. It addresses the need for automation and scaling.
A number of potential solutions incorporate Kubernetes, including open source Docker, which is more effective for managing single image instances. Solutions may also incorporate commercial services from cloud companies like AWS, Google Cloud and Microsoft Azure, which are equipped to address more complex distributed applications.
These services can accomplish several key tasks. Most important, they can:
- Tie together vast collections of microservices.
- Automate an array of tasks and processes.
- Manage scaling of services.
- Introduce a higher level of flexibility by making it possible to deploy containers and microservices in a broader array of environments, including hybrid cloud deployments.
Security cannot be an afterthought
Containers and microservices introduce some important security advantages – particularly surrounding isolation of code and applications through sandboxing – but they also create new vulnerabilities.
One of the biggest risks revolves around specific libraries and microservices that are prone to specific threats. As a result, organizations using containers and microservices should:
- Adopt specialized tools for managing container security, including solutions that handle image scanning, image management and maintaining a trusted registry. Organizations also benefit from application security software to address dynamic and static scanning of code, and software that handles policy-based enforcement tasks.
- Use an operating system or software that secures containers at the boundaries. This approach is important because it prevents the host kernel from escaping the container as well as securing containers from each other.
- Focus on container orchestration as a key element of security. This includes which containers are deployed to which hosts, the capacity of hosts, how containers are discoverable and connected, how container health is managed, and the degree of developer self-service that is incorporated into the environment.
- Understand how the network is configured for container and microservice security, including whether it’s possible to segment traffic to isolate different users, teams, applications, and environments within a single cluster. This may require more advanced SDN tools that can address the complexity of identifying IP addresses and clusters. Likewise, an organization must address storage issues, including how and where containers reside in a resting state.
Organizations that address these issues and take a systematic approach to containers and microservices are far better positioned to match their development efforts with the opportunities and challenges of today’s digital business framework.