Introduction

Docker components are the fundamental building blocks of Docker, a platform for building, running, and managing containerized applications. These components work together to provide a consistent and efficient way to develop and deploy applications across different environments.

The components in Docker are categorized into two groups:

• Basic
• Advanced

Basic Docker Components:

1. Docker Client: The Docker client is a command-line tool that allows users to interact with the Docker daemon and manage Docker objects, such as images, containers, and volumes. It provides a user-friendly interface for executing Docker commands and managing Docker environments.
2. Docker Daemon: The Docker daemon, also known as the Docker engine, is the backend service that manages Docker containers. It listens for instructions from the Docker client and executes them, creating, running, and managing containers according to the user’s requests.
3. Docker Image: A Docker image is a read-only template that contains the instructions for creating a Docker container. It includes the operating system, application code, dependencies, and configuration files necessary to run the application.
4. Docker Container: A Docker container is a running instance of a Docker image. It is an isolated and self-contained environment that packages the application and its dependencies, allowing it to run consistently across different environments.
5. Docker Registry: A Docker registry is a centralized location for storing and sharing Docker images. It allows users to pull and push images to make them available for use in different environments.
6. Docker Networking: Docker networking facilitates container communication and comprises five primary network drivers described below.

• None: Disabling the networking system prevents container connectivity with others.
• Bridge: This default driver links multiple containers to the same Docker host.
• Host: For scenarios where container-host isolation isn’t needed, the host network driver removes this isolation.
• Overlay: The overlay network driver enables communication among various swarm services across different hosts.
• macvlan: By assigning a MAC address and directing traffic through it, the macvlan driver makes a container appear as a physical device.

Advanced Docker Components:

• Docker Compose: Docker Compose is a tool for defining and running multi-container Docker applications. It allows users to define the services that make up an application, their dependencies, and how they should be connected together.
• Docker Swarm: Docker Swarm is a clustering tool for managing multiple Docker hosts as a single swarm. It allows users to deploy and manage applications across multiple hosts, providing scalability and fault tolerance.
• Docker Buildx: Docker Buildx is a tool for building Docker images. It provides advanced features for building images, such as support for multi-stage builds, caching, and parallel builds.
• Docker Content Trust: Docker Content Trust is a security feature that allows users to verify the integrity and authenticity of Docker images. It uses cryptographic signatures to ensure that images have not been tampered with.
• Docker Desktop: Docker Desktop is a bundled Docker environment for macOS, Windows, and Linux. It includes the Docker client, daemon, and other tools, making it easy to get started with Docker on local machines.

The post What are the components of Docker and their types? appeared first on Artificial Intelligence.

Oracle launched an observability and management platform that can conduct those deeds across virtually any infrastructure construct and tackle what has been an ongoing challenge for organizations in attempting to see what is exactly happening within their dispersed workloads.

The new Cloud Observability and Management Platform is available through Oracle Cloud Infrastructure (OCI). It allows users to monitor cloud-native and traditional software deployments across their multi-cloud infrastructure down to their on-premises locations.

Clay Magouyrk, EVP for cloud infrastructure engineering at Oracle, explained in a blog post that the platform begins by using a logging tool to scrape all of the necessary information into a single repository. That logging tool uses the open source Fluentd collector to pool the data in a Cloud Native Computing Foundation (CNCF) CloudEvents-compatible format for easier parsing and view of that data.

Users can also set their own rules for acting on that data, including using Oracle’s Streaming service to send logs to any destination. The Oracle logging tool also uses machine learning to detect any issues and provides possible fixes to those problems in real time.

Magouyrk said that the platform’s ability to log data from across different environments is what sets it apart from competing offers like Amazon Web Services (AWS) CloudWatch and Microsoft Azure Monitor.

The platform’s monitoring component provides what Magouyrk described as “real and synthetic end-user monitoring, server monitoring, and distributed tracing, compatible with the open source OpenTracing and OpenMetrics frameworks.” This allows a user to monitor down to the end-user experience for each interaction, which is common in a microservices-based environment.

Workload Spread

This ability to observe workloads across different environments is becoming more important for organizations that want to operate in a multi-cloud environment. Those moves are becoming even more dispersed as those distributed workloads also begin operating in smaller subsets of those clouds like virtual machines (VMs), containers, and serverless.

“The problem with all this is that IT is an increasingly hybrid, distributed-but-integrated, and complex endeavor, both on and off premises; with burgeoning scale, applications, data, devices … and vendors,” wrote Mark Peters, senior analyst at ESG in a blog post. “Modern applications frustrate most legacy monitoring solutions as they are ephemeral, with services being spun up and down in mere seconds, which makes it difficult for solutions that capture data at every 15, 5, or even 1-minute intervals.”

Peters added that the Oracle platform is a “pretty sexy answer to this long-term vexing issue. It gives organizations a level of ‘arms wrapped around everything’ control, based upon its single source of truth and comprehensive visibility.”

Outside of Oracle’s claimed performance advantage over cloud rivals AWS and Microsoft, a number of other vendors offer similar multi-cloud management tools. VMware, for instance, offers its CloudHealth product that it gained from acquiring CloudHealth in 2018.

The post Oracle Observability, Management Spreads Everywhere appeared first on Artificial Intelligence.

Container tools and security fixes for Kubernetes cluster orchestrator continued to be rolled out as the microservices ecosystem evolves.

With Kubernetes security concerns growing as deployments scale, container security partners NeuVector and Sonatype this week released centralized container defenses along with open source software security tools. The goal of the integration is providing greater visibility into open source risks associated with Kubernetes and containers deployments.

Elsewhere, Mirantis, the company that acquired container pioneer Docker’s enterprise offerings last November, rolled out a cloud-based container platform designed to ship code faster on public clouds and internal infrastructure. Along with application portability, the Docker tool also eases use of Kubernetes for developers and operators across public and private cloud.

Mirantis said its container cloud enables multi-cloud deployments across public and private platforms along with bare metal. Other capabilities include multi-cluster management and on-demand, self-service clusters. Meanwhile, continuous software updates and lifecycle management across stacks can be automated using the tools.

“Unlike lock-in solutions like IBM/Red Hat and VMware that force you to deploy their rigid stack, Container Cloud empowers you to deploy your own multi-cloud everywhere,” asserted Adrian Ionel, CEO and co-founder of Mirantis.

The container cloud is available free for up to three clusters totaling 15 nodes. Annual subscriptions are required for larger, enterprise deployments, the company said this week.

The container and Kubernetes security tools also released this week reflect the growing number of companies running those microservices, making them an inviting target for hackers. “Kubernetes and containers are just as vulnerable to attacks and exploits from hackers and insiders as traditional environments, making streamlined security critical to all enterprises,” partners NeuVector and Sonatype said in releasing their integrate container security platform.

“Customers need a holistic approach to analyze, monitor and track the contents and runtime configurations of their containers to realize risk,” said Brian Fox, CTO and co-founder of Sonatype.

“End-to-end container threat visibility and protection is vital to defending enterprises’ micro-perimeters from increasingly sophisticated attacks and to ensure regulatory compliance,” added NeuVector CTO Gary Duan.

The partners said the container security platform would allow DevSecOps teams to inject security policies as code in order to secure production workloads.

Container security and tool vendors note the growing velocity and scale of container-based workloads along with the vulnerabilities associated with runtimes and unsecured image registries. Recent industry studies reveal that half the companies surveyed said they are running 250 or more containers.

That scaling has generated ease-of-use tools like the Mirantis container cloud along with heighten awareness of security vulnerabilities.

The post List of Kubernetes Tools, Defenses Grows appeared first on Artificial Intelligence.

A global survey of 1,502 software engineers, systems and technical architects, engineers and decision-makers conducted by O’Reilly, a publisher of IT training materials, finds nearly three-quarters of survey respondents (72%) have adopted microservices.

More surprisingly, 92% of those respondents report being successful, although the report doesn’t specify what defines success. However, it’s widely perceived that microservices are difficult to master.

Respondents who used containers to deploy and manage them were significantly more likely to report success than those who didn’t, the survey finds. Almost half (49%) of respondents who describe their deployments as “a complete success” also instantiate at least 75% of their microservices in containers. In sum, 62% of respondents use containers to deploy at least some of their microservices, according to the survey.

However, less than a third of respondents (29%) report they are migrating or implementing a majority of their systems using microservices. Nearly two-thirds of respondents (61%) say their organizations have been using them for a year or more, with 28% having employed them for at least three years.

Mike Loukides, vice president of content strategy for O’Reilly, said it’s clear organizations are widely embracing microservices to build applications that are more flexible and resilient when employed at scale.

Additionally, the survey finds teams who own the software life cycle succeed with microservices at a rate that is 18% higher than those who don’t. Nearly three-quarters (74%) say their teams own the build-test-deploy-maintain phases of the software life cycle. Almost half of those teams (49%) report being at least “mostly successful” with microservices, with 10% reporting that their microservices development efforts were a “complete success.”

The top three barriers of adoption include complexity in one form or another (56%), corporate culture (40%) and decomposing monolithic applications into microservices (37%).

Microservices trace their lineage back to service-oriented architectures (SOA). However, because they make use of application programming interfaces (APIs), it’s become feasible to build and deploy microservices that are more granular, Loukides notes. That approach makes it possible to not only build applications that perform better than legacy SOA applications but also IT teams can more easily rip and replace microservices based on containers, he says.

It’s not clear how often IT organizations may have initially started down a path toward building an application using microservices only to retreat back toward a more familiar monolithic architecture.

However, as more IT teams familiarize themselves with container technologies such as Kubernetes, the rate at which microservices-based applications should increase in the months ahead. In the wake of the COVID-19 pandemic, it’s also more probable those applications will be built and deployed in the cloud, given the fact that no one knows for sure how long both developers and end users alike will be working from home to help curb the pandemic. The one thing that is certain, however, is as IT teams embrace microservices more extensively, the more likely it becomes they will rely on best DevOps practices to achieve that goal.

The post Survey: Containers Driving Microservices Transition appeared first on Artificial Intelligence.

Netflix, Amazon, and PayPal – these well-recognized global brands fundamentally changed the way we consume entertainment, shop, and manage finances, respectively. However, without major advancements shaping the database industry over the last 40 years, these brands – synonymous with their cloud-based applications – would not exist. To be specific, today’s instant, on-demand services have been made possible, in part, by the single node Relational Database Management System (RDBMS).

As more services are made available online and digital innovations become mainstream, it’s important to step back and understand how the underlying technology originated, how it evolved to meet both business and consumer demands, and how technology must continue to evolve to adequately support the growing demand for these applications (look no further to the advent of more streaming services in the past year alone – Disney+, AppleTV+, and more).

The Internet’s Infancy 

During the Internet’s infancy stages, Oracle made RDBMS databases popular – at least popular among business users who were using simple client-server applications to help them manage operations, such as sales and employee data, customer relationships, supply chains, and more. These applications were monoliths and were perfectly suited to rely on the monolithic databases used by businesses at the time and had no real impact on the consumer world, which remained mostly disconnected from the (at the time) little-known World Wide Web.

The Open Source Database Era

The Internet’s arrival for mass-consumption in the mid-1990s heralded the explosion of web applications. This meant that developers now needed faster, more efficient, and cost-effective ways to meet the demand of connected applications. The open-source database era was born and filled the void that the stagnation of monolithic databases had created.

The increasing consumption of open source databases helped make a feature-rich Internet possible. The mass adoption of web applications created a proliferation of data, from transactions, searches, and other activities that were introduced online, and often led to fragmented databases to support that data. However, as more and more features were being introduced that leveraged the underlying database, the existing database capabilities were challenged and unable to meet the demands of these new technologies.

Applications had grown so large and complex that by the early 2000s, when developers needed to store the data in an RDBMS, they had to do a sharded deployment. A sharded deployment is an approach where developers take incoming data, manually partition it into subsets and store each partition in a different RDBMS database instance, while still keeping that data available, in order to scale out. However, sharding a SQL (the universal language of relational databases) database required developers to write more code, which often meant they had to compromise on transactions, referential integrity, joins, and other major SQL functions. Clearly, this approach had run its course, and a new era was needed to manage massive amounts of data without losing SQL’s flexibility for ever-changing applications.

More Services

As the Internet continued to surge, so too did online services – everything from banking, to healthcare, to eCommerce, and more. These services required so much data that manual sharding was nearly impossible to achieve. Because of this, developers began turning to a natively scalable approach called NoSQL – the first class of distributed databases that gave developers the ability to run applications at scale. However, more scalability meant a decrease in consistency, which developers readily accepted because they prioritized keeping pace with the expanding online landscape.

NoSQL today still solves for scale and availability, but it continues to compromise on SQL feature-set and consistency. Additionally, monolithic databases still exist, but the transactional applications originally based on Oracle, SQL Server, or PostgreSQL need to be rewritten to adapt to modern architectures like the public cloud and Kubernetes, an open-source container orchestration system for automating application deployment, scaling, and management (more on this later).

Customer expectations that have come with applications like Netflix, Amazon, and PayPal are now sprawling into business applications – i.e., enterprise applications need to be instantly accessible from anywhere and from any device. These expectations equate to richer experiences that can only be made possible by fully leveraging the cloud, and doing so requires technology to evolve even more.

Microservices

The latest technology advancement that has significantly helped developers keep pace with user demand is a microservices-based design. Microservices are independent processes that communicate with each other to accomplish a task within a much larger application. More importantly, microservices help developers deliver new features more quickly and effectively than ever before to keep giving users what they crave – any time and on any device of their own choosing.

But digital transformation and the explosion of applications have created a need for more databases, machines, and data centers. While microservices are helping developers keep pace, new challenges are emerging:

• Rising Database Costs – Licensing and support costs of most database providers rise with the amount of data. This creates a disparity in the value-to-cost ratio, which prompted the open-source model of database transparency. But this model, too, can be limiting as many offerings restrict essential features that most businesses require, and only make those features available in their commercial versions.
•  Legacy Databases – On-premises users may have fewer machines to deal with, but legacy databases are expensive, require a lot of human labor, and carry risk. For example, there is a much higher chance of failure if you host an on-premises database in the cloud, a decline in availability and consistency, and a barrier to scale.
• Enterprise Inertia – Significant investments in time and resources are required to move large amounts of existing data to the cloud. However, companies must choose an alternative to their legacy architecture and adopt multi-cloud and multi-region strategies to compete in the modern landscape.

Tomorrow’s Cloud

Many people have worked tirelessly over the past two decades – developers, admins, network engineers, IT, and more – to ensure the internet and all its applications run smoothly for both business and consumer needs. But every technological innovation unearths new challenges that must be addressed. That’s why developers are now turning to multi-cloud deployments and need multi-cloud databases.

Currently, Kubernetes is the most effective approach to taking advantage of multi-cloud environments, which is used to run stateless applications and databases. Using portable containers means that developers can take advantage of the different strengths that exist in different clouds that are managed and operated simultaneously with Kubernetes. This allows users to deploy applications in a cloud-neutral manner, which means leveraging both public and private cloud as needed. Importantly, multi-cloud environments allow developers to create databases that serve the relational data modeling needs of microservices, provide zero data loss and low latency guarantees, and scale on-demand with ease in response to planned and unplanned business events.

The last 40 years of database technology have laid a foundation for the immediate and unlimited access to highly desired business and entertainment applications that we enjoy today. With no end in sight for the Internet and the demand it has created, the next breakthrough in cloud deployment is only a matter of time. To keep pace with the inevitable change, developers need to remember the obstacles they’ve had to overcome in the past to understand how to stay one step ahead of today’s cloud challenges and deliver the next wave of digital innovations that will delight us in years to come.

The post How Today’s Microservices are Building Tomorrow’s Cloud appeared first on Artificial Intelligence.

McAfee announced today it has added a container security module to McAfee MVISION Cloud following its acquisition last August of NanoSec, a provider of a set of tools for segmenting network traffic between containers.

John Dodds, director of product for McAfee, says McAfee MVISION Cloud for Containers combines the “nano segmentation” overlays created by NanoSec with security tools from McAfee that include container vulnerability tools for scanning containers and making sure configuration drift doesn’t occur, a cloud access security broker (CASB) and a cloud security posture management software that audits configurations.

Dodds says the goal is to provide IT teams with a single integrated platform through which cybersecurity issues that pertain to microservices-based applications built using containers can be addressed alongside the cybersecurity requirements of monolithic applications.

Dodds says the rise of containers is pushing the responsibility for cybersecurity further to the left as organizations start to embrace best DevSecOps processes. The challenge is finding a way for developers and cybersecurity teams to work more closely together, he says. For example, in an ideal world, developers would implement the controls defined by cybersecurity teams, who would then verify those controls have been implemented. McAfee wants to make it possible for both developers and cybersecurity teams to “do the right thing” without slowing down the application development and deployment process, he says.

Previously, cybersecurity teams would have simply limited the platform options available to developers. However, these days it is apparent cybersecurity teams need to adjust to demand for a more agile approaches to ensuring security that are driving more applications into the cloud, adds Dodds.

Of course, the larger the attack surface becomes the more challenging it is to ensure security. Not only are there more platforms to secure, but the level of interdependency between microservices developed using containers also makes it difficult to ensure a single breach doesn’t compromise the entire IT environment.

The challenge is that each microservice now generates alerts that need to be correlated and investigated. That shift in how applications are built and deployed will eventually require IT organizations to embrace machine learning and other forms of artificial intelligence (AI) more aggressively to cut through all the noise being generated by the IT environment. AI is not only inevitable at this point, but Dodds also says it’s becoming essential. In fact, McAfee via its cloud service will be applying AI to data streams being generated by billions of sensors embedded in its endpoint security software, he notes.

Dodds says McAfee also plans to extend the reach of McAfee MVISION Cloud into the realm of serverless computing frameworks, which are rapidly becoming a natural extension of any containerized environment. Regardless of the computing framework employed, IT teams are going to need a common platform through which they can address the security requirements of containers, serverless computing frameworks and traditional virtual machines, he notes.

Of course, McAfee is not the only cybersecurity vendor with similar ambitions. The challenge IT teams now face is determining to what degree they want to rely on a single vendor to address container security alongside every other platform already being employed.

The post McAfee Extends Container Security Platform appeared first on Artificial Intelligence.

The history of computing is punctuated by a set of seismic shifts in enterprise IT architectures.  

Monolithic, highly integrated applications moved to integrated software stacks and N-tier architectures. Distributed computing has also gone through several incarnations. There have been multiple attempts at standardising inter-application communications, such as remote procedure calls on Unix, distributed object model, common object request broker architecture and web services. All have tried to promote code reuse, and publish and share application programming interfaces (APIs) in a bid to avoid programmers having to “reinvent the wheel”. 

Since the mid 2000s, thanks to the growth of JavaScript on servers and Java application servers, service-oriented architecture (SOA) emerged as the new enterprise integration champion. Like its predecessors, this blueprint for distributed computing was engineered before the era of cloud-native computing. Companies built in the cloud have taken a very different approach, based around the idea of containers and loosely coupled microservices. 

Now, thanks to the success of Docker and Kubernetes, more businesses are looking at deploying containers. The reason for the popularity of this approach is that it helps businesses develop cloud-native applications, which can be delivered quickly to power digital transformation initiatives.  

Forrester’s Now tech: enterprise container platforms, Q2 2018 report notes: “Container-centric, microservice-oriented, dynamically orchestrated cloud-native technologies help firms create highly differentiated apps and services that create compelling customer experiences. They’ve quickly become important elements of digital business transformation as they promise to speed software delivery and improve scale, resiliency, flexibility and implementation.” 

The post Transform business with microservices and containers appeared first on Artificial Intelligence.

Over the past decade, web-scale companies have shown a dramatic commitment to containers. In 2006, Google paved the way for this technological innovation, as engineers Paul Manage and Rohit Seith defined and implemented software containers. Almost a decade on, the tech giant released Kubernetes – an open source version of the solution that has proven invaluable. According to Google, it is now running two billion containers/week at a rate of 3,300/sec.

Yet, Google is not the only one to embrace containers. Amazon, Facebook, Twitter and Netflix quickly followed suit. Therefore, the question has to be asked – if some of the world’s most innovative tech powerhouses are demonstrating a dramatic commitment to containers, why aren’t you?

The power of containers

So, what is it that makes containers such a desirable solution? This innovation is the fuel for the digital evolution of entire business sectors in both emerging and conservative companies. In the digital business era, innovation happens through highly recurring deployments of both new and improved software. That’s what Amazon does 50 million times a year, which in turn has made them into a dominant retail juggernaut. Every second, new retail services are deployed and existing ones incrementally improved at a rate of change that boggles the mind.

Let’s compare this rate of evolution with that of a corporation still depending on legacy applications. Even when its mainframe infrastructure provides a back-end function for digital internet services, how many times per year are its legacy systems upgraded? Best-in-class organizations do this once a quarter. Clearly, these companies are playing in a completely different game than the web-scale companies. They can never catch up. It’s like trying to race a rocket with a truck – never a fair race!

However, innovative approaches to loosen the shackles of legacy infrastructures are already being successfully implemented. For example, Software Defined Mainframe (SDM) is designed to enable companies with legacy mainframe applications to take advantage of the scale and agility of containers, exposing existing business logic as services or microservices. The web-scale giants of today are so fast in rolling out new or updated services because they are designed to be small to very small. Microservices are small pieces of software, designed to specialize in a small number or even a single business function.

The boundaries and dependencies of these microservices are extremely explicit and clear; they are defined by their communications with other microservices over the network. Amazon has recently disclosed that several hundred microservices are used during even the simplest purchase on its website.

Agility

These explicit and clear boundaries dramatically reduce the scale of testing – it becomes much easier. A minimal to single function enable automated testing to yield dramatic improvements in productivity. How else could anyone achieve the scale the web giants are getting? The usual fear of going to production that is associated with legacy systems is a result of the queasiness over testing.

Many mainframe shops are never quite sure if they’ve tested the whole thing because these systems are so monolithic and complex. With a simpler and limited function piece of software, supported completely by automated testing solutions, companies are able to roll out changes in a continuous delivery mode, incurring limited risk due to the smaller footprint of these microservices. Legacy mainframe applications are quite different. These large, complex monolithic systems, with a plethora of programs, each highly dependent on each other must be tested in their entirety over many weeks in order to find the “bug in the haystack”.

Modernity

To embark on the path to modern IT, businesses in 2017 must be able to enable these legacy systems to participate in a more digital and agile world. This can be done by transforming monoliths into a myriad of independent microservices, without any changes to the source code.

By allowing existing COBOL Commarea programs to become a microservice that are hyper-connected with new applications written for mobile and social networks, innovation can occur on top of the cornerstones of the current business.

Exposing these legacy “crown jewels” as microservices enables them to be reused for modern digital business solutions. For example, banks with tens of thousands or millions of lines of COBOL that are used to determine the value of their banking customers, can reuse these functions, “as-is” and not have to spend the time and money to rewrite them in Java or another modern computing language. Solutions exist to enable organizations to isolate the legacy programs providing this “customer valuation” function as a separate microservice that can be readily reused by the evolving application portfolio.

By leveraging automatic application analysis techniques, IT teams are able to unambiguously understand all programs required to provide the business function and expose them as a microservice. Software upgrades are the fuel of innovation in the era of digital business. But first, businesses must find a solution that leverages the vast amount of business energy laying in legacy software assets into very dynamic and fast-evolving services, aimed at playing on par, with the web giants.

The post Containers, microservices and the power of modern IT appeared first on Artificial Intelligence.

There’s not much new in the world of malicious hackers raiding online software. Most attacks follow the same basic approach, and software developers are leaving their applications open to being blindsided in the most benign and boring of ways. Developing applications with microservices and containers may be a modern approach to software design, but traditional software flaws still remain a problem when addressing cloud-native security.

Social engineering and phishing scams are perhaps the most common way security systems are breached and private data is pilfered. If a user inadvertently gives away his username and password, the only recourse is to change the password or shut down the user account. From that perspective, there’s not much the software engineer can do.

The post Containers and microservices complicate cloud-native security appeared first on Artificial Intelligence.

You can operate microservices without containers. However, microservices and containers are a dynamic duo, the IT equivalent of milk and cookies.

“Microservices – single-function services built by small teams, independent from other functions, and communicating only through public interfaces – simply make a great match for containers,” as Red Hat technology evangelist Gordon Haff recently noted. “Microservices plus containers represent a shift to delivering applications through modular services that can be reused and rewired to perform new tasks.”

“Containerizing services like messaging, mobile app development and support, and integration lets developers build applications, integrate with other systems, orchestrate using rules and processes, and then deploy across hybrid environments,” Haff says.

The end result: Faster and easier development, and less error-prone provisioning and configuration. “That adds up to more productive – and hopefully, less stressed – developers,” Haff notes.

As with any effort like this, you’ll want do your homework first.

“Containers are a powerful tool for increasing agility, but only if done right,” says Mike Kavis, VP and principal cloud architect at Cloud Technology Partners. “The combination of microservices, containers, and container orchestration engines can allow companies to bring features to the market rapidly while still maintaining or even improving quality, reliability, and resiliency,” Kavis says.

Read on for what you need to know before you start sprinting toward a production environment. Kavis and other experts shared advice on doing it right in our increasingly hybrid IT world.

1. You’ll need some new processes and tools

Your existing processes and toolchain probably aren’t going to cut it when you move to container-based microservices, according to Kavis. So do some real planning.

“Although it is very easy to deploy a container, much thought should be put into the operations of these systems,” he says. That thought should occur to you before a single container hits production, or you could have an operational mess on your hands, he says.

“Monitoring and managing a highly distributed and auto-scaling container-based system requires more modern tools than many are accustomed to using in the data center,” Kavis explains.

Kavis and others point out that this becomes more true – and more complex – as your container-based microservices architecture scales over time. Failing to properly plan ahead means that you’re more likely to, well, fail.

So let’s dig deeper on these best practices, tools, and other tips necessary for success.

2. Orchestration is a must…

“You won’t get very far before you’ll need a cluster scheduler/container orchestration system like Kubernetes to deploy and manage your containerized microservices,” says Nic Grange, CTO at Retriever Communications. Grange notes that you can opt for a hosted version from a public cloud provider or run the tool yourself in a private cloud or on-premises data center, depending on your preferences and constraints. But he advises choosing a cloud-agnostic tool – especially for IT leaders managing hybrid cloud or multi-cloud environments.

“The benefit of choosing a cloud-agnostic system like Kubernetes is that it can run in each of those options [public, private, on-premises] so you won’t lock yourself in,” Grange says.

3. …and so is service discovery

Here’s another one just about everyone seems to agree on: Container-based microservices almost immediately introduce the need for service discovery. Hard-coding IP addresses and hostnames? Don’t even think about it.

“Services need to register themselves and look up other services in a dynamic, automated fashion. Hardcoded IPs, server names, and even URLs will break,” says Kevin McGrath, senior CTO architect at Sungard Availability Services. “When a service launches, it should be able to register where it is, what it is, and how to use it. Other services need to be able to query this information as it will change during replacements.”

4.  Start with a greenfield project

If it’s your first foray in containers and microservices, start with a brand-new request or project, McGrath advises. This will increase the likelihood that you’ll set a high standard for a broader container-based microservices implementation, because you’ll hopefully have to make fewer of the “good enough” trade-offs required when managing legacy, monolithic applications, he says.

“It’s tempting to start chopping up a monolith as the first project out of the gate, but a small greenfield project will provide the latitude to design the microservice without legacy restrictions,” McGrath says. “This will be the target that other projects should aim to become. When starting with a monolith it is easy to make concessions early that then work into every project that follows.”

For more on how your peers are getting started using containers, see our related article, 4 container adoption patterns: What you need to know.

5. One microservice: one container

A fundamental idea underpinning microservices architecture is that a microservice should do one thing and do it exceedingly well; when deployed in containers, a similar ratio applies.

“The optimal way to scale microservices in containers is to deploy only one service per container,” Kavis says.

Containers are commonly referred to as “lightweight,” “lean,” or with similar adjectives – but you must ensure they stay that way. They’re not “free.”

“Microservices allow you to deliver your application to market in a shorter amount of time, but you’ll still need to provision resources for your microservice to run including the compute and memory to execute,” says Kong Yang, head geek at SolarWinds. Heeding the 1-to-1 rule helps realize some of the significant potential of using microservices and containers together, he says.

“Because microservices are so short-lived, running them in lightweight and portable containers make sense since VMs would be over-provisioned for your needs,” Yang says. “In other words, the symbiotic nature of microservices and containers means you can quickly provision infrastructure services, let the microservice run, and then de-provision the container to retire it cleanly.”

6. Make container security a priority

“Because containers contain system-specific libraries and dependencies, they’re more prone to be affected by newly discovered security vulnerabilities,”  as Red Hat’s Ashesh Badani, VP and general manager, OpenShift, noted in a recent article. “Trusted registries, image scanning, and management tools can help identify and patch container images automatically.

The post Microservices and containers: 6 things to know at start time appeared first on Artificial Intelligence.