Concerns with Containers

To gather insights on the current and future state of containers, we talked to executives from 26 companies. We asked, "Do you have any concerns regarding the current state of containers?" Here's what they told us:

Security

• There are no formal best practice documents or reference architectures on how to deploy and manage Docker environments, so this leads to users having to figure out on their own. Given many Docker daemons are insufficiently secured demonstrates that more must be done to ensure enterprise standards. 
• The need to follow security best practices to ensure the security of the data.
• The training gap. Everyone needs to become more educated on many aspects of security. 
• To gain the full benefits of a microservices model, there are some requirements for developing or migrating applications. An application that was designed from the beginning as a distributed, stateless microservice will definitely make it much easier to run as a container. Putting traditional monolithic applications into containers won’t work most of the time. The effort to split these legacy applications into microservices is not trivial. We saw the same type of issues in the past when moving physical servers to virtual machines in data centers – it took time and effort to adopt this new model and start getting benefits. But the benefits make it worth doing eventually for many, but not all, applications. As a security veteran, I’m concerned that the frequency of attacks and exploits that we see today will only continue to increase while enterprises experiment with new container technologies without proper security tools designed to work in this environment. 
• People think containers are inherently secure when they are not. You must be proactive in securing them. 
• As mentioned, the biggest concern is the adolescence of the technology. Rapid developments could mean that breaking changes could come at any time or that new attacks could be identified as code is rapidly iterated on. However, the flexibility afforded and ensuring we’re following sane development practices means we should be able to find a balance of using new technology without negatively impacting our customers.

Knowledge

• Lack of education of end users, developers, and security. The app inside the container shares the same host making it easier for people to understand. 
• The rapid success of K8 is a godsend from a platform and standardization perspective. There are challenges around service management and serverless. Still early in learning cycle. Provide tools, blueprints, use cases, hands-on labs. There’s a lot of hard work to do.
• Lack of knowledge about container technology. It’s still a young technology.

Expectations

• Unrealistic expectations. Mixed workloads for a long time. Don’t silo VMs and containers or it will make the integration even more difficult.
• Hype cycle – understand expectations and delivery of containers, microservices, and DevOps results in a more complicated stack with great benefits that take time to realize. You need to have patience. 
• People see it as easy and straightforward. Things are moving faster deploying 10,000 containers versus five or 10 virtual machines. Pay attention to base images and white outs. Learn how to drive.

Other

• All good, going in a great direction. Follow best practices with a small footprint and 12-factor applications.
• People like portability and development to production without troubleshooting. Portability in isolation with build and management issues need to catch up on tooling to ship in a robust manner. There needs to be a reframing around what containers are.
• Early in the adoption curve of mainstream use transitioning from dev/test to production without knowing how great an opportunity it is for service teams. Organizations are looking for silver bullets. Now the pendulum is swinging to serverless and clients will force fits rather than looking for the best solution. Focus on the right tools for the right problems.
• Scalability.
• How can we make them easy to use for all types of users beyond system administration and Ops?
• No, not really. (I'd like a GA of EKS and AKS ASAP, though!)
• No. No major security issues. Understand what you want to accomplish with containers.

Here’s who we spoke to:

• Matt Chotin, Sr. Director of Technical Evangelism, AppDynamics
• Jeff Jensen, CTO, Arundo Analytics
• Jaime Ryan, Senior Director, Project Management and Strategy, CA Technologies
• B.G. Goyal, V.P. of Engineering, Cavirin Systems
• Tasha Drew, Product Manager, Chef
• James Strachan, Senior Architect, CloudBees
• Jenks Gibbons, Enterprise Sales Engineer, CloudPassage
• Oj Ngo, CTO and Co-founder, DH2i
• Anders Wallgren, CTO, Electric Cloud
• Navin Ganeshan, Chief Product Officer, Gemini Data
• Carsten Jacobsen, Developer Evangelist, Hyperwallet
• Daniel Berg, Distinguished Engineer Cloud Foundation Services, IBM
• Jack Norris, S.V.P. Data and Applications, MapR
• Fei Huang, CEO, NeuVector
• Ariff Kassam, V.P. Product, NuoDB
• Bob Quillan, V.P. Container Group, Oracle
• Sirish Raghuram, CEO and Co-founder, Platform9
• Neil Cresswell, CEO/CTO, Portainer.io
• Sheng Liang, Co-founder and CEO and Shannon Williams, Co-founder and VP of Sales, Rancher Labs
• Bill Mulligan, Container Success Orchestrator, RiseML
• Martin Loewinger, Director of SaaS Operations and Jonathan Parrilla, DevOps Engineer, SmartBear
• Antony Edwards, CTO, Eggplant
• Ady Degany, CTO, Velostrata
• Paul Dul, V.P. Product Marketing Cloud Native Applications, VMware
• Mattius McLaughlin, Engineering Manager & Containers SME, xMatters
• Roman Shoposhnik, Co-founder, Product & Strategy, Zededa