Thanks to Wei Lien Dang, VP of Product at StackRox, for sharing his thoughts on the state of orchestration and deployment of containers for DZone’s upcoming Containers Research Guide that will be published in early August.
Q: How is your company involved in the orchestration and deployment of containers?
A: StackRox is the industry’s most advanced container security platform. We protect containers and microservices for enterprises deploying them for greater agility, productivity, and efficiency.
Q: What do you see as the most important elements of orchestrating and deploying containers?
A: Orchestrators typically offer three core capabilities: 1) Provisioning – scaling containers up and down dynamically; 2) Scheduling – matching containers to available resources; and, 3) Discovery – ensuring microservices are able to communicate with each other to operate as a single application.
This enables three benefits: 1) Scalability – applications can quickly and easily scale; 2) Reliability and availability – orchestrators employ automation to deploy and run applications, reducing the likelihood of operational issues; and, 3) Flexibility – software development and operations become easier to manage.
Q: Which programming languages, frameworks, and tools do you, or your company use, to orchestrate and deploy containers?
A: We use the Go programming language because of its simplicity, which makes it well-suited for building microservices. Our product is a security platform made up of microservices and integrates with Kubernetes, Red Hat OpenShift, Docker Enterprise Edition, and Mesosphere DC/OS.
Q: How has the orchestration and deployment of containers changed application development?
A: 1) It saves time. Containers provide a standardized, modular unit for packaging applications that deploys and runs consistently across different environments. This reduces the time required for developers to build applications. It also allows developers to focus on building smaller application components rather than having to integrate components within a large, monolithic application.
2) It automates development workflows. Containers enable development processes to benefit from increased automation that reduces complexity.
Q: What kind of security techniques and tools do you find most effective for orchestrating and deploying containers?
A: First, containers that are deployed and orchestrated across a distributed environment are frequently communicating with each other, generating data flows that have to be continuously monitored. Second, security services must be deployed and orchestrated the same way as the applications they are meant to protect. If applications are rapidly changing, constantly scaling, and highly distributed, then security must match the same patterns to be effective.
Q: What are some real-world problems being solved by the orchestration and deployment of containers?
A: Some problems that are addressed by container orchestration and deployment are: the inability to quickly scale applications, friction in software development workflows that span multiple infrastructure environments, and low levels of resource utilization.
Q: What are the most common issues you see affecting the orchestration and deployment of containers?
A: Security continues to be a significant obstacle to deploying containers, particularly in production environments. From a security perspective, orchestration platforms are also another attack surface that need to be protected with appropriate controls to prevent unauthorized access, orchestration, and deployment of containers.
Q: Do you have any concerns regarding the current state of orchestrating and deploying containers?
A: Different orchestration platforms can vary substantially in their functionality. It remains to be seen how much they will standardize over time.
Q: What’s the future for containers from your point of view - where do the greatest opportunities lie?
A: Containers are going to drive significant innovation. Containers are the building blocks that will form the basis for hyperscale computing and the Internet of Things. Large organizations are still early in their adoption of containers and microservices as part of their strategic transitions to building digital businesses that take advantage of these new developments.
Q: What do developers need to keep in mind when working on orchestrating and deploying containers?
A: Developers need to think about how orchestration platforms fit in with existing developer tooling such as the CI/CD (continuous innovation/continuous deployment) pipeline and build management systems. Successfully leveraging orchestration platforms requires ensuring that they are interoperable with tools and workflows across the software development lifecycle.
Q: What have I failed to ask you that you think we need to consider with regards to containers?
A: Whether containers can only be used for new cloud-native applications based on microservices architectures. The answer is no - large organizations are also realizing significant benefits by containerizing their existing legacy apps, which makes them faster, safer, and easier to manage.