Justin Zimmer | Solutions Architect, Technologent
In a recent blog written and shared by Armor’s partner, Technologent, customers learned how containers—a packaged unit of application code and its dependencies enabling applications to run quickly and reliably from one computing environment to another—and Containers-as-a-Service fit into the cloud computing stack.
“CaaS solutions simplify the process of managing and deploying containers by not only delivering container engines and orchestration but also image repositories, service discovery, storage and network plug-ins, and other resources as a service. CaaS allows organizations to focus on developing and deploying containers while letting IaaS providers take on the task of maintaining and securing a consistent infrastructure across all environments.”
As a follow up to the aforementioned piece, today’s blog, in collaboration with Justin Zimmer, Lead Solutions Architect at Technologent, will take a look at the capabilities and challenges of containers, how security fits into this somewhat new approach, and how to build your container strategy. It’s our hope that by the end of this blog, you’re able to determine if containerization and CaaS is a step in the right direction for your company.
Container Capabilities and Challenges
Containers offer a wealth of benefits including a consistent environment, the ability to run anywhere, and isolation—just to name a few. So, how are IT departments—including networking and security teams—benefitting from containers?
For networking teams, container platforms offer greater control of network aspects—especially considering all the capabilities they offer for networking between containers, load balancing, etc. This level of control is attractive to teams that want to move quickly to build solutions.
For security teams, containers also offer quite a few benefits. Managed within images, it’s easier to keep up with updates and roll out patches. Plus, since containers can be set to immutable, there’s no chance of malicious code being written into a container. Even if it’s not immutable, the instance with the malicious code can be deleted and developers are able to spin up a new container from the image that did not receive the malicious code.
Despite these benefits, many enterprises are still familiarizing themselves with containers and using container expertise within specific business units as opposed to adopting containers on a larger scale. Whether containers are being used on a single application or across an organization’s network, one of the biggest challenges is the learning curve.
Network teams have to figure out how to incorporate new processes, especially across multiple teams, to learn what it takes to manage a broader networking control within the container platform they’re in. Additionally, security professionals have to learn new tools, terminologies, and how to assess new risks.
Containers and Security
Despite the learning curve for security teams, an essential piece of containerization is the security supporting it. As we know, there’s no DevOps without DevSecOps these days, and containers are the same. Security needs to be built in upfront, as opposed to tacked on as an afterthought.
Containers open new considerations for security teams to address. Not only are there new tools and terminology, but there are also new attack vectors for developers and security experts to keep in mind.
When looking for a security partner, Technologent chose Armor as a company that specializes in the security challenge of how this all fits together, particularly as it relates to configurability. A security partner or expert for your organization should address your container security concerns with a balance of configurable and preset settings within your platform, as well as policies, processes, and plans to securely manage the inevitable learning curve.
The Future of Containers and Developing a Container Strategy
Containerization is just as much a cultural shift as it is a technological one. When embarking down the road to containers, it’s important to understand how this technology will impact your company and benefit your bottom line.
As you build out your container strategy, here are some things to keep in mind:
- Just get started—the technology can come last. The most important lessons you’re going to learn are the new processes that come with installing and using containers. The tools for doing so can be swapped out at any time—start learning the lessons sooner rather than later.
- Take on one thing at a time. Many customers are taking on DevOps, Cloud, and Containers all at once. Security and operation concerns will be a lot to deal with if you try to roll out all three at once. Instead, find quick wins by taking these three aspects on in pieces and make as few changes as possible at one time.
It should also be noted that if containers are your first foray into the public cloud, you face a bigger risk as you’re learning both platforms at one time. For the security of your company and new platforms, it’s best to take on one at a time.
- Understand why you’re moving to containers. Containers are the shiny new toy right now, and a lot of companies are making the move because of the buzz. However, you always want to be able to tie your move to containers back to a KPI—such as your time to market. One of the first questions you should ask yourself is, “how is this going to impact my KPI’s?”
The future of containers is consolidation and commoditization.
Container environments will become more commoditized as consolidations and mergers continue to happen in the market. Today, you have to understand the component, orchestration, image repository, the hosts, pieces of the host, service mesh, and the list goes on. But, as we move forward, companies are not going have to worry about these different layers. You’ll be able to buy and run containers with a larger package software from large companies in the future.
As we see the future of containers continue to broaden, it’s important for companies to understand why they should employ a container environment. Technologent’s goal is to ensure customers understand the challenge. They don’t just help architect the container platform itself and manage services. Instead, their primary focus is educating customers on the culture and technology shift that will take place in their organization, and ensure their new architecture is correct. Partnering with companies like Armor to help navigate the security of container platforms is essential to the success of their customers.
If you’re interested in learning more about container environments and how your company can benefit from this technology, check out the Technologent website for more information.