Security, complexity, a lack of skilled professionals, and difficulty finding knowledgeable practitioners are the top issues in ongoing container development.
To understand the current and future state of containers, we gathered insights from 33 IT executives who are actively using containers. We asked, "Do you have any concerns regarding the current state of container environments?"
Here's what they told us:
- Containers as an application delivery vehicle bring tremendous value throughout the entire application life cycle. However, as far as security goes, neither containers nor container orchestration delivers an enterprise-grade secure workload environment.
- One of the largest holes in Kubernetes (K8s) today is the idea of multi-tenancy. The Namespace construct exists to segregate resources and permissions; however, it doesn’t create hard and fast boundaries like VMs. For some organizations or groups, this is not a problem—but for larger enterprises seeking to comply with security frameworks or protect themselves from external threats, this may not be enough. Fortunately, the K8s community is doing great work on this issue, and we will likely see a solution take shape in the next 12 to 18 months.
- While I love the capabilities containers enable, the rapid technology adoption and reducing the time to get these new technologies to market can cause security visibility concerns. It’s critical that anyone using containers have the proper security visibility in place to ensure they have the observability needed to ensure containers are behaving as expected and the configuration isn’t leading to unintended consequences.
- We still have to deal with issues like provenance and rebuilding. If I know I have a base layer of knowledge for containers to know what needs to be rebuilt, I need metadata for the lineage to drive. This is a big challenge for a lot of organizations. Omnibus containers end up being giant multi-gigabyte. There is a focus on containers solving everything in the rush to adopt them without changing anything. Another thing that’s a huge risk is people realizing the broad vulnerability due to images on the public registry. More education and learning is needed.
- One area we’re actively working to fill the gaps is ease of use. We need K8s to manage a Docker cluster but it can be complex. Prometheus and Istio add to the complexity. Users have to understand a lot of technology. We're trying to streamline and simplify the experience by providing control without complexity.
- At this point where containers leave off, the orchestration tools pick up. People have an understanding of containers and how to use them. Now we need to learn how to get the most out of containers by driving use of K8s and workflow tools. You do this by building pipelines and having environmental isolation. A problem that existed was network management, but this has been addressed with K8s; it takes care of all the work.
- We are seeing the evolution of the ecosystem enabling effective managing, monitoring, and securing the next area where we need solutions to run across every technology choice. A plethora of technologies is being deployed throughout the environment. We need a complete set of tools for development, deployment, and management to enable DevOps teams.
- The complexity of operations is the number one challenge. K8s has a reputation for being easy to deploy and run quickly, but what happens afterward can be difficult. Maintaining the health of K8s is a challenge; bringing it back to life, securing, upgrades, and backup are all challenging. Ongoing maintenance is challenging and requires a good bit of knowledge.
- A current concern is complexity. It takes six months for someone to get their head around what’s going on. There is overuse and overreliance on third-party UI tools. There is insufficient understanding of the fundamentals.
- Is Docker going to be the frontrunner or is OCI going to displace it? K8s still needs work around persistent storage and volume. The biggest concern for the industry is the complexity of K8s and the lack of people with the proper skillset. This impacts how long it takes to build skills to move past requirements and the speed with which you can automate.
Here’s who we spoke to:
- Tim Curless, Solutions Principal, AHEAD
- Gadi Naor, CTO and Co-founder, Alcide
- Carmine Rimi, Product Manager, Canonical
- Sanjay Challa, Director of Product Management, Datical
- OJ Ngo, CTO, DH2i
- Shiv Ramji, V.P. Product, DigitalOcean
- Antony Edwards, COO, Eggplant
- Anders Wallgren, CTO, Electric Cloud
- Armon Dadgar, Founder and CTO, HashiCorp
- Gaurav Yadav, Founding Engineer Product Manager, Hedvig
- Ben Bromhead, Chief Technology Officer, Instaclustr
- Jim Scott, Director, Enterprise Architecture, MapR
- Vesna Soraic, Senior Product Marketing Manager, ITOM, Micro Focus
- Fei Huang, CEO, NeuVector
- Ryan Duguid, Chief Evangelist, Nintex
- Ariff Kassam, VP of Products and Joe Leslie, Senior Product Manager, NuoDB
- Bich Le, Chief Architect, Platform9
- Anand Shah, Software Development Manager, Provenir
- Sheng Liang, Co-founder and CEO, and Shannon Williams, Co-founder, Rancher Labs
- Scott McCarty, Principal Product Manager - Containers, Red Hat
- Dave Blakey, CEO, Snapt
- Keith Kuchler, V.P. Engineering, SolarWinds
- Edmond Cullen, Practice Principal Architect, SPR
- Ali Golshan, CTO, StackRox
- Karthik Ramasamy, Co-Founder, Streamlio
- Loris Degioanni, CTO, Sysdig
- Todd Morneau, Director of Product Management, Threat Stack
- Rob Lalonde, VP and GM of Cloud, Univa
- Vincent Lussenburg, Director of DevOps Strategy; Andreas Prins, Vice President of Product Development; and Vincent Partington, Vice President Cloud Native Technology, XebiaLabs