News Stay informed about the latest enterprise technology news and product updates.

Don't let unfounded Docker fears deter container technology adoption

Container technology is changing the enterprise software landscape, but many unfounded fears are delaying Docker adoption.

With trends like microservices and containers converging to create a tantalizing array of opportunities for better architecture, enterprises are faced with many decisions about how to future-prep their application portfolios. This exercise has led to a lot of soul-searching on the part of CIOs, CSOs and DevOps teams. While there are certainly many benefits being presented, substantial hurdles remain. Here are a few areas where a shift in mindset, along with the emergence of clearer answers, will go a long way toward smoothing the path for the enterprise.

Container security is still a black box

There appears to be a significant lack of communication between the development community and the business community when it comes to the perceived weaknesses of container technology. Anthony Bettini, founder and CEO of FlawCheck, based in San Francisco, said CSOs aren't buying in because they don't have enough good information. "IT security wants to know what containerization is and if it is safe. Developers don't have good answers." Bettini mentioned many recent surveys that showed more than 50% of enterprises stated security issues surrounding containerization as their main area of concern.

His own company recently dug deeper to reveal the real issue at hand. "Isolation is the security topic that gets the most attention in the developer community. But it's not isolation that is the sticking point for the enterprise decision makers; it is concerns about vulnerability and malware within the container. This is what is holding enterprises back," Bettini said. In fact, isolation was only a concern for about 16% of organizations surveyed, while vulnerability and malware ranked at a whopping 42%.

Cryptography and implementation weaknesses due to design flaws are a couple of the areas that could be exploited, and Bettini said it is only a matter of time before hackers start targeting Docker and container technology. When enterprises see these concerns addressed effectively in the design stage, they are more likely to allow developers to actually deploy container-based processes into a production environment.

Change requires a shift in perspective

Peter Lawrey, CEO at Higher Frequency Trading Ltd, speaking at QCon about financial trading systems, pointed out some sectors in the enterprise space simply aren't seeing the available opportunities because they are so focused on their core software.

"The software driving value for the financial sector, such as trading, is often highly customized. It is created for low latency and high performance and needs to be very fast. But that doesn't mean every piece of software in the organization requires the same blazing speed," Lawrey said. "The truth is that there are a lot of tools and functionality like build, deployment, management and monitoring that don't need to be extremely fast. These are common across software packages and don't require customization. Only a portion of your code, say 10% 20%, needs to be tuned to death."

If the enterprise is willing to start making changes around the periphery, there is the opportunity to make substantial gains at low risk. And this can be accomplished without abandoning any best practices. In fact, microservices may have the ability to provide better alignment. "With microservices, you are bringing together best practices that have been around for a long time. In fact, banks are using many of these techniques already. By rebranding or taking a different view on things, they can see this and realize where the quick wins are," Lawrey said. Revamping methodology rather than simply looking at a piece of software as a solution is the key. Focusing on the principles and the process enables slow adopters to make incremental changes without necessarily investing in newer products.

Testing must keep pace with continuous delivery

With Docker's 'run anywhere' approach, the solution is baked in from development through testing, staging and production.
Arun GuptaJava Champion and vice president of developer advocacy at Couchbase

Alon Girmonsky, CEO of BlazeMeter, based in Mountain View, Calif., pointed out creating a more modular architecture with microservices and containers comes with its own challenges. Instead of transitioning code to a staging environment once per product lifecycle, testing is occurring all the time. "Now, you have perhaps a hundred developers in an organization each committing code two or three times a day. Every time, a container is launched and tests are being run. And when you have a set of microservices, you have to test each and every one of them. You must have testing infrastructure that can live within a container," Girmonsky said.

More tests and more frequent testing make full automation and easy monitoring essential. Knowing what good performance looks like in a containerized world and how to model the architecture in an understandable way will be important steps in making technologies like Docker ready for full-scale adoption in production.

Breaking down the monolith requires a holistic approach

Of course, DevOps is struggling with this new reality as well. Arun Gupta, Java champion and vice president of developer advocacy at Couchbase, based in San Francisco, said this disruptive technology could actually bring dev and ops even closer together. "It actually reduces the disconnect between development and staging. Right now, you may have something that works on a laptop, but fails in ops. It's not uncommon for development to say, 'That's not my problem. Ops has to fix it.' But with Docker's 'run anywhere' approach, the solution is baked in from development through testing, staging and production," Gupta said.

In the end, everything from security and performance to deployment and management comes down to taking a more forward-thinking approach during the design stage. As developers get better at uncovering and addressing the real concerns of security and operations, the pace of adoption for container technology and microservices can finally pick up speed and bring a new architecture to maturity for the enterprise.

Next Steps

Container-as-a-service Docker deployment eases DevOps pain

What is the key to IBM's container strategy?

Revolutionize desktop OS with Docker tools

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

Developers' guide to deploying microservices and containers

Join the conversation

7 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What is your organization's biggest impediment to container technology adoption?
Cancel
Our biggest impediment doesn’t come from fears about container technology, but rather from the fact that our current suite of legacy apps is no where near ready for deployment in a container environment, and we’re really just starting to look into breaking that suite into more manageable, microservice and container friendly services.
Cancel
@mcorum That actually sounds like a process many organizations are going through. I bet our readership would be interested in the journey. If you have any insights you'd like to share, I'd love to hear them. Maybe even become a contributor. The more expert voices, the better.
Cancel
Our biggest problem stems from finding the right tools for a hybrid Linux and Windows environment, complicate that with multiple database "brands" and our attempt at containerising these has been less than successful so far. Once we get to a working point, then we can look at the security as we're also moving to microservices.
Cancel
Biggest concern is the security aspect, if I can confidently address this aspect i will be happy to move ahead
Cancel
Another aspect that is bringing dev and ops closer together is that, with containers, dev often has the ability to spin up a test environment without having to go through ops, which in turn frees up ops to work on more pressing matters, and that’s something that they appreciate.
Cancel
Yes, it frees up Ops, but creates a nightmare for those who are trying to enforce a governance model. That's one challenge I'm seeing these days. I mean, in the past developers would surreptitiously install an Apache server somewhere, but that required some stealth. With containers, who knows what those development teams will be getting up to, and that a cause for consternation up the chain.
Cancel

-ADS BY GOOGLE

SearchCloudApplications

SearchSoftwareQuality

SearchFinancialApplications

SearchSAP

SearchManufacturingERP

DevOpsAgenda

Close