Developers and Containers

To gather insights on the current and future state of containers, we talked to executives from 26 companies. We asked, "What do developers need to keep in mind when working on orchestrating and deploying containers?" Here's what they told us:

Security

• How apps for your own solutions are going to be secured. How the data is going to be secured in motion and at rest. How do the apps interact inside the container and how the app is being used?  How to secure communications between the app and the host and the host and the host. 
• Depends on the goal of the organization. Build, management, update of application with an abstraction of service. More companies need to move to the Netflix and Facebook model, in which developers are responsible for the health of their service in production. Ensure your application is running in a secure, stable, repeatable manner. 
• Most importantly, they need to keep in mind that containers are not magic technology — they still need to use the same logic in safely using resources as they did before with security and efficiency as primary goals. 
• Know what containers can and cannot do for you. Know the environment you are running in. Be aware of the benefits and weaknesses. Focus on your own app. You are responsible for the security of the apps you build. Be aware of your role in securing your infrastructure.

Continuous and Automated Delivery

• Containerize applications. Use continuous delivery. Automate the process. Identify the type of application you are developing. 
• As developers move towards containers, cloud-native applications and microservices for me one of the biggest challenges is to figure out automation and continuous delivery; as you'll be doing lots of releases across lots of different source code repositories and doing all that by hand is going to get old fast.

Other

• Understand the networking requirements, try to minimize cross-container communications, and make sure to embed service discovery in your apps
• Start with a data fabric. It makes everything easier. Focus on the data. You must pay attention to the data pipeline(s).
• 1) Lease privileges without more security capabilities than necessary. Stateless as a possibility. 2) Forward and backward compatibility. 3) Don’t abuse the environment variables. 4) If not stateless need a persistence layer.
• Stay up to date with development literature. Stay tied into open standards community. The community is built for people to work together. Open standards help prevent you from getting locked in. Hold vendors to the open standards. Use open standards as a basis as you build your career.
• Understand workloads. Monitor early to understand their characteristics to build best practices into the orchestration configuration.
• Realize containers cannot fix broken applications. "Lift and shift" is a big effort. Look into Container Pilot that will allow you to take an existing app and then start chipping away with an eye towards a microservices architecture. Start operating under the assumption of distributed services. Be able to monitor and control services between microservices. Docker Inc. is the king of the developer experience on the desktop. Test and develop microservices on K8. Tooling for CI/CD, scanning. This is the minimum viable toolset.
• 1) Go back to basics – pick up a CCNA text. Remember how to subnet and simple networking DNS. Optimize performance with DNS. 2) Talk to companies using K8 (GitLab) to solve business problems about what they’re willing to share. Read Stack Overflow, Medium, and DZone. Reach out to companies about starting open source projects and contributing.
• When developing container-based applications, the design and architecture should fit in a microservices model. It is recommended that one microservice and container should just do one main function. Keep in mind that your microservices and containers could be scaled up and down on the fly. The data should be fully accessible from a distributed system. In addition, containers will do rolling updates periodically so all communication between your applications should be as stateless as possible.
• Look at best practices, K8 patterns, site cards, ambassador cards. Don’t use containers without K8. Look at FaaS while using K8. Stay up to date with this fast-moving space.
• Containers and container applications are synonymous with application servers in the 90’s. K8 provides developers with the next generation application platform built on and operated within a container. It will change how applications are developed for the next 10 years.
• Be agnostic between development and operations. You build and deploy stuff. You cannot ignore troubleshooting and measurement. Understand that what you develop will be deployed in production. Know how to rollback and fix if necessary. You’ll see faster growth in your career and alignment with the business.
• Understand the larger frameworks and connective tissue between components. Which layers ultimately matter and which do not.
• Think about the nuances of your container application. Map every port going in and out. Think about how to store, log, and monitor – this is critical with containers.
• Understand what happens in the layers of Docker file, base image, where the software package comes from, understanding whiteouts, building Docker images and running them through the scanner to see vulnerabilities. Study best practices at the Docker site. Get your hands dirty and know where the potential problems are.
• Developers should focus on making sure their containerized services are stateless, and that DevOps can run multiple containers of that service to spread the load and have customers not lose any data or even notice if they go from container 1 to container 2 of a containerized service. It will help with automatic deployments, updates, rollbacks, troubleshooting (since we can say that container 1 is bad, but container 2 is working), and most of all, scaling production environments.
• Do not use containers as a scapegoat for all errors. Most of the time, your slip-ups are going to be associated with application code as opposed to a misconfiguration of Kubernetes or Docker. Knowing how the content of your container relates to overall application performance is critically important for avoiding issues that are noticeable to your end users.

Here’s who we spoke to:

• Matt Chotin, Sr. Director of Technical Evangelism, AppDynamics
• Jeff Jensen, CTO, Arundo Analytics
• Jaime Ryan, Senior Director, Project Management and Strategy, CA Technologies
• B.G. Goyal, V.P. of Engineering, Cavirin Systems
• Tasha Drew, Product Manager, Chef
• James Strachan, Senior Architect, CloudBees
• Jenks Gibbons, Enterprise Sales Engineer, CloudPassage
• Oj Ngo, CTO and Co-founder, DH2i
• Anders Wallgren, CTO, Electric Cloud
• Navin Ganeshan, Chief Product Officer, Gemini Data
• Carsten Jacobsen, Developer Evangelist, Hyperwallet
• Daniel Berg, Distinguished Engineer Cloud Foundation Services, IBM
• Jack Norris, S.V.P. Data and Applications, MapR
• Fei Huang, CEO, NeuVector
• Ariff Kassam, V.P. Product, NuoDB
• Bob Quillan, V.P. Container Group, Oracle
• Sirish Raghuram, CEO and Co-founder, Platform9
• Neil Cresswell, CEO/CTO, Portainer.io
• Sheng Liang, Co-founder and CEO and Shannon Williams, Co-founder and VP of Sales, Rancher Labs
• Bill Mulligan, Container Success Orchestrator, RiseML
• Martin Loewinger, Director of SaaS Operations and Jonathan Parrilla, DevOps Engineer, SmartBear
• Antony Edwards, CTO, Eggplant
• Ady Degany, CTO, Velostrata
• Paul Dul, V.P. Product Marketing Cloud Native Applications, VMware
• Mattius McLaughlin, Engineering Manager & Containers SME, xMatters
• Roman Shoposhnik, Co-founder, Product & Strategy, Zededa