Blog Feed Post

AppDynamics interviews container expert Liz Rice

I was delighted to spend time with container guru Liz Rice recently, ahead of the presentation Liz will deliver at AppD Summit Europe.

There are over 460K Dockerized applications and more than 5 billion containers have been pulled so far. Why do you think containers as a concept have caught on so quickly?

Containerization-related technologies existed before Docker arrived on the scene, but Docker made it easy to use at the command line. This opened the advantages of containers up to the mainstream developer and allowed them to explore how containers make developers’ lives easier.

For example, a team can use container images to recreate exactly the same environment on their laptops as in production, simplifying the whole process of dependency management and avoiding the syndrome of “but it works fine on my machine.”

The developer community soon started to explore how well containers fit with a microservices architecture, and with CI/CD (continuous integration / continuous deployment) pipelines that make building and shipping code really easy. This really appeals to organizations who want to be able to ship features quickly. Businesses always want their software teams delivering faster!

What tips would you share with someone embarking on their container journey?

Containers can touch everything in the software life cycle, from the development process through continuous delivery approaches, orchestration, security, and site reliability — so the process of adopting containers can seem overwhelming at first. But you don’t necessarily have to do everything all at once!

It’s a good idea to remember why you are exploring container usage in the first place, and for many organizations, at a strategic level it’s all about increasing the speed of deployment. Containers are a helpful tool when your teams are working with an agile methodology and shipping code frequently through a CI/CD pipeline.

The journey to containerization can look very different in different companies, or even different teams within the same business. We increasingly see enterprises running large-scale containerized workloads in production, but there are also organizations where they are only using containers to simplify their development processes. In many cases developer teams have brought containers to their workflow simply to make their own lives easier, and usage within the organization has grown from there. In other enterprises the initial impetus comes from a platform project that builds an orchestrated cluster and offers it to the rest of the business. Individual software teams across the business are invited to start moving their workloads into containers so that they can run within that cluster. Fortunately, many people are willing to share stories about the approaches they took, talking about them in case study presentations at conferences and meetups.

At a practical level, there are a number of ways you can find out more about how and where to start. I’d recommend a useful site called Katacoda, an interactive learning platform which has courses and labs that introduce you to Docker and many other tools. Another option is to attend my session on May 4th, of course!

What are the typical challenges to container adoption? How can these be overcome?

One of the greatest challenges in advancing container usage is bringing the CISO on board. Security leads can have questions around how containers will affect security of deployment across the enterprise.

For example, if you’re shipping code more often, does this increase your risk profile? The good news there is that if you are embracing continuous delivery, you are shipping small incremental changes, so there isn’t a hugely different risk profile from one update to the next, and you can introduce automated checks like container image scanning to detect any known vulnerabilities in your dependencies.

Let’s also not forget microservices, which go hand in hand with containers. It’s much easier to reason about what an individual microservice should be doing in terms of accessing particular resources or user IDs than it is across a huge monolithic codebase. At Aqua we have tools that make it simple to apply these policies at the level of individual containers.  

Equally, CTOs need to be confident that they can ship well-tested code using containerized processes. You need to sell the technical and cultural benefits of being able to ship code more quickly, and follow a more agile path. Using containers can turn well-established deployment processes on their head and they are not necessarily right for all organizations. If your world is dominated by GANTT charts, then containers and CI/CD may not be for you!

Focusing in on container security, do you think there has been progress in this area?

Definitely. There have been concerns around container security in the past, which led to improvements in the Linux kernel to address those concerns, like user namespacing for example.

In some ways, containerizing workloads can help with security issues. For example, the ShellShock vulnerability affected a shell that’s present on most Linux machines. Most microservices don’t need a shell, so you can run them in containers that don’t include the shell. In the event of another ShellShock being discovered, you would still have to worry about patching the host, but you wouldn’t need to change those microservices code at all. That means less testing and less risk when the patch is applied.

Many sizable organizations are using containers in secure environments and have reached a level of robustness now. The Enterprise Edition of Docker with its focus on testing and certification is an example of this maturity, and of course tools like Aqua are now helping enterprises achieve really robust security for containerized deployments.  

How will skill sets need to evolve to take advantage of the potential containers can offer?

Containers are making the traditional developer role easier, but there are a lot of skills to be learned on the operations side. Orchestrated deployment is a learning curve area, as you won’t know which machine will exactly run which bit of code. As enterprises have bigger and bigger orchestrated deployments, there needs to be a mind shift from individual machines to a more holistic view. Monitoring, tracing, alerting, and diagnostics are all areas where the tooling is changing dramatically to take account of this. Traditional orchestration involves manual decisions, but in the container world, it’s more automated, less proprietary, and more collaborative.

Flash forward three years — how do you see containers developing?

Over the last year, I have seen a lot of growth in people moving from “playing” with containers to using them for real in production. Container fundamentals are already fairly stable, but there is still room for improvement in tooling for CI/CD, monitoring, diagnostics, and programmable infrastructure for example. Much like DevOps, containers are really moving into the mainstream.

Learn more

If you would like to learn more from Liz Rice and attend her Containers: Give me the hype not the facts session, please register for your place at AppD Summit Europe. The main conference day is free to attend.

The post AppDynamics interviews container expert Liz Rice appeared first on Application Performance Monitoring Blog | AppDynamics.

Read the original blog entry...

More Stories By AppDynamics Blog

In high-production environments where release cycles are measured in hours or minutes — not days or weeks — there's little room for mistakes and no room for confusion. Everyone has to understand what's happening, in real time, and have the means to do whatever is necessary to keep applications up and running optimally.

DevOps is a high-stakes world, but done well, it delivers the agility and performance to significantly impact business competitiveness.

Latest Stories
DX World EXPO, LLC, a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Conference Guru has been named “Media Sponsor” of the 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. A valuable conference experience generates new contacts, sales leads, potential strategic partners and potential investors; helps gather competitive intelligence and even provides inspiration for new products and services. Conference Guru works with conference organizers to pass great deals to gre...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develop...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
"ZeroStack is a startup in Silicon Valley. We're solving a very interesting problem around bringing public cloud convenience with private cloud control for enterprises and mid-size companies," explained Kamesh Pemmaraju, VP of Product Management at ZeroStack, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Large industrial manufacturing organizations are adopting the agile principles of cloud software companies. The industrial manufacturing development process has not scaled over time. Now that design CAD teams are geographically distributed, centralizing their work is key. With large multi-gigabyte projects, outdated tools have stifled industrial team agility, time-to-market milestones, and impacted P&L stakeholders.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...