Running container technologies has become a means to efficient, rapid product development and an alternative to virtual machines. But they pose some of their own enterprise challenges.
For IT architects like Bobby Hubbard of Garmin International, the daily pressure to deliver business capability can get intense. Companies like his have to move far faster than previously to enable rapid product development cycles. Companies need IT departments that can keep up.
Two or three years ago, the time from development to production at Garmin was 57 days, noted Hubbard, a technology architect at the Olathe, Kan., company, during a panel discussion on real-world uses of containers. Today, though, high-performing organizations deliver changes 30 times more frequently and 200 times faster.
Before Hubbard's team brought in container technologies, traditional IT processes could slow down innovation. Like many companies, server provisioning took days, not hours. Moreover, virtual machines (VMs) didn't use resources effectively, with many VMs running at 1% utilization or less. Third, developers were spinning up development environments without enough tracking of assets. Rogue IT and inconsistencies were rife. For companies like Garmin, which makes wearable, GPS navigation-enabled technology, containers came along 18 months ago and offered high-speed-rail answers to some of these problems.
"Today, with containers, we've reduced that down to multiple deployments a day," Hubbard said at VMworld 2017 during the panel. "That time-to-market equation has been greatly simplified."
A decade or so ago, server virtualization eased IT operations and management by partitioning physical resources into multiple VMs, saving data center space and energy. Over the past few years, container technologies have enhanced these benefits in a business world now increasingly driven by cloud computing, mobile devices and iterative development.
Containers enhance resource utilization by enabling IT departments to deploy applications without launching an entire VM for each app. Instead, multiple isolated systems, called containers, run on a single host. Ultimately, these efficiencies can help create faster product development.
Analyst firm 451 Research has predicted the container technology market will balloon to $2.7 billion by 2020, up from $762 million in 2016. According a recent survey, 65% of respondents prefer container technologies to virtual machines because they are faster to deploy, and 47% prefer containers because they are easier to manage. According to other survey data, trends like DevOps -- better collaboration between IT operations and development teams -- are speeding container adoption. DevOps adoption is also surging, up to 74% in 2016, compared with 66% in 2015.
Developers also have greater agency and mobility with containers, said Chris Butler, a senior system administrator at Rochester University in Rochester, N.Y. "Developers can access servers and a variety of tools. They have self-service with private networks to deploy containers. And they can get stuff from home," Butler said.
Another byproduct of running containers is time saved. According to Steve Rhoton, a senior manager of network development at Carnegie Mellon University, with self-documenting containers, IT teams spend less time tracking their work. "We are no longer having to fake-write documentation," he said." Now, I can throw up a container. It saves DBAs [database administrators] a ton of work."
Matt Saner, a senior information security engineer at Wells Fargo, based in San Francisco, noted that running containers has helped attract and retain developers. "It's where other industries and verticals are going. It enables developers to be invested" in the company and their projects, he said.
At the same time, containers can breed the same problems that existed without them, particularly as enterprises try to move to the cloud.
One clear issue is data security. With containers, applications share the same host operating system, which can be a concern for some applications that house proprietary or personally identifiable data. Containers may not be scanned adequately for vulnerabilities before they are used for application development.
"How can we ensure that we have something that is secure and safe for our customers? That's one of the biggest challenges," Saner said. "While they do offer flexibility, you lose some of the visibility. Some security controls aren't container-aware, given the ephemerality of containers. If you spin up a container and then it dies in a matter of seconds, what does that mean for security?"
Another issue is rogue, or shadow IT, which plagues many organizations. Developers and business units may spin up resources that aren't adequately accounted for. Containers can augment that lack of visibility into assets because they have short life spans of hours or days and can be easily deleted or replaced. "When containers came out, we had shadow IT over here and shadow IT over there," Garmin's Hubbard said. "I have to figure out how to rein all that in."
All panelists agreed containers will simply replicate existing problems if IT departments don't attend to management, security and other best practices. Experts counsel developers to think carefully about where containers make sense.
"When considering containers for your applications, you'll find the best uses where practicality meets function," wrote David Linthicum, senior vice president of Boston-based Cloud Technology Partners, on TechBeacon.
Still, while experts say proceed with caution, they also acknowledge that all fast-moving, high-performing enterprises are considering container technology -- somewhere in their environments.
Lauren Horwitz is the managing editor of Cisco.com, where she covers the IT infrastructure market and develops content strategy. Previously, Horwitz was a senior executive editor in the Business Applications and Architecture group at TechTarget;, a senior editor at Cutter Consortium, an IT research firm; and an editor at the American Prospect, a political journal. She has received awards from American Society of Business Publication Editors (ASBPE), a min Best of the Web award and the Kimmerling Prize for best graduate paper for her editing work on the journal article "The Fluid Jurisprudence of Israel's Emergency Powers.”