I recently attended the DevOpsDays Seattle conference and wanted to share some of the topics of discussion with the Cloud Academy audience.
Unsurprisingly, container talk was everywhere! Most people know Docker as one of the biggest names in this space, and indeed there are multiple Cloud Academy blog posts concerning Docker already. In this crowd, you were definitely behind the curve if you didn’t have anything in containers or many good reasons why you were not using them. If you have not yet learned about or embraced containerization, there is still time to catch up!
Cloud Academy features an Introduction to Docker course and an entire learning path on Docker and Container Technologies. During an open space session titled “Legacy Applications Meet Containers,” attendees spoke of the many benefits of containerization including the following:
- Lock an application down and control access. This may be a feature the application itself currently lacks, but you can add it by securing the container. Almost every DevOps professional had a smile on their face when describing how to use containers to remove the ability to SSH into resources. Fewer ad hoc changes and more robust deployment code, while sometimes a harder path initially, can make life better in the long run.
- Unmoor an application from old hardware and dated infrastructure. This is an essential step if you are looking to migrate a legacy application to the cloud. It also helps you modernize the environment around an application, achieving benefits like greater density or new visualization tools, without touching the application itself.
- Unlock new tools and methods for disaster recovery and high availability. A sprawling legacy application may require an equally ornate set of backup resources in case of an emergency. In contrast, it’s relatively easy to keep secondary warm/hot containers at the ready. However, you’ll need to ensure that the application architecture and container solution properly support horizontal scaling.
There are challenges for implementing a container solution, and attendees brought up several topics that you may want to consider:
- Do you have a security audit solution in mind for your shiny new containers? Too often there is a tendency to throw the containers out into production (new technology!) without a comprehensive plan on how to compliance test, review, and update them.
- How do you break tight coupling or dependencies with other services or systems? Many times you can move the application code, but the application is tied to something else. There are several valid approaches to solving this problem. One involves breaking away pieces of functionality one at a time until there is nothing left of the legacy system. Another approach is to surround the old system with containerized components. Eventually, the old core function is unnecessary, and you can remove it.
- Always factor in the criticality of an application or system. If it works well, doesn’t cost a lot of money to maintain, and is stable, do you need to change it at this time? Are there better targets for your new containerization skills?
In order to meet the challenges and achieve the benefits of containerization, attendees spoke of several techniques and tools:
- Focus on great test suites as you rewrite or break out functions to provide reliable sanity checks. Only you and your team know exactly how your application works. However, familiarity with cloud services gained through one of Cloud Academy’s developer certification learning paths is a great way to learn about the services you may need to leverage in your tests.
- Though potentially difficult at first, leverage the extra restrictions containers offer. This encourages and fosters more coordination between staff and groups. Applications and operations staff will achieve a better understanding of each other’s needs and how to answer the all-important question, “Does this make the company money?”
- Utilize the many great tools out there to make your container endeavors a success. Cloud Academy’s Adam Hawkins has previously discussed how container technologies are more than just Docker. Tools mentioned in the session include Habitat, Apcera, and rkt. Cloud Academy also features a course on the surging Kubernetes.
Other Conference Topics
A few more talks, open sessions, and side conversations brought up some additional points worth considering.
Connecting Your Work to the Customer
How do you connect application performance metrics (APM) to user metrics? Do you have the right tools deployed to demonstrate that your work benefits the customer? Are all of your microservices watched and measured properly? Granular application telemetry data may need to come from a tool like OptimizeIT. However, if your current overall cloud metric view is a little thin, consider Cloud Academy’s course on Advanced Techniques for AWS Monitoring, Metrics and Logging.
How is QA Changing with the Cloud?
How is quality assurance (QA) changing with new cloud technologies? Some services offered by cloud providers such as AWS Device Farm allow you to simulate and automate previously manual tasks. Can you leverage your existing QA staff to design and maintain new tests using these services? Do they have the cloud service training and skills necessary to harness these new tools?
How to Build the Right Thing
An entire session was devoted to the seemingly simple topic of, “How to Build the Right Thing.” Simple, right? You know what you need to build, or do you? What pleases your customers and makes your company money, and how do you apportion limited resources to achieve those goals? Are you properly considering all risk management concerns when devising solutions? Do you understand the difference between what people are asking for versus what they need?
To strengthen your ability to answer the high-level questions, consider one of Cloud Academy’s architect learning paths.
What DevOps Means for Risk Management
What Does DevOps Mean for Risk Management?Adopting DevOps makes the unfamiliar uneasy in two areas. One, they see an inherently risky choice between speed and quality and second, they are concerned that the quick iterations of DevOps may break compliance rules or introduce security vu...
How DevOps Transforms Software Testing
Testing is arguably the most important aspect of software development. Whether manual or automated, testing ensures the software works as expected. Broken software causes production outages, unsatisfied customers, refunds, decreased trust, or even complete financial collapse. Testing mi...
From Monolith to Serverless – The Evolving Cloudscape of Compute
Containers can help fragment monoliths into logical, easier to use workloads. The AWS Summit New York was held on July 17 and Cloud Academy sponsored my trip to the event. As someone who covers enterprise cloud technologies and services, the recent Amazon Web Services event was an insig...
Four Tactics for Cultural Change in DevOps Adoption
Many organizations approach digital transformation and DevOps adoption with the belief that simply by selecting and using the right tools, they will achieve higher levels of automation and gain massive efficiencies as a result. While DevOps adoption does require new tools and processes,...
Get Started with HashiCorp Vault
Ongoing threats of data breaches and cyber attacks remain top of mind for every team responsible for securing cloud workloads and applications, especially with the challenge of managing secrets including passwords, tokens, API keys, certificates, and more. Complexity is especially notab...
Open Source Software Security Risks and Best Practices
Enterprises are leveraging a variety of open source products including operating systems, code libraries, software, and applications for a range of business use cases. While using open source comes with cost, flexibility, and speed advantages, it can also pose some unique security chall...
What is Static Analysis Within CI/CD Pipelines?
Thanks to DevOps practices, enterprise IT is faster and more agile. Automation in the form of automated builds, tests, and releases plays a significant role in achieving those benefits and creates the foundation for Continuous Integration/Continuous Deployment (CI/CD) pipelines. However...
What is Chaos Engineering? Failure Becomes Reliability
In the IT world, failure is inevitable. A server might go down, an app may fail, etc. Does your team know what to do during a major outage? Do you know what instances may cause a larger systems failure? Chaos engineering, or chaos as a service, will help you fail responsibly.It almost...
10 Ingredients for DevOps Transformation with Mark Andersen
At Capital One, DevOps is about delivering high quality, working software, faster. This means software that is reliable, secure, usable, and performant while providing value and accomplishing those important end user goals. Everything is about speed of delivery and getting that feedback...
SQL Injection Lab: Think Like a Hacker
Security is IT’s top spending priority according to the 2017/2018 Computer Economics IT Spending & Staffing Benchmarks report*. Given the frequent changes and updates in vendor platforms, the pressure is on for IT teams who need to keep their infrastructures and data secure. As brea...
Women in Tech: Zamira Jaupaj, DevOps Engineer
In building an enterprise culture of cloud, DevOps skills complement the enterprise’s need to automate development, testing, deployment, and operations processes for their public cloud deployments. In this latest post in our Women in Tech series, we’ll be talking to Zamira Jaupaj, a Dev...
Mesosphere to Incorporate Kubernetes into DC/OS
The announcement that Mesosphere is going to incorporate Kubernetes into DC/OS has generated a fair amount of buzz in the industry, with the consensus landing largely on the side that this is a sign that Mesosphere is ceding to Google’s open source software. I have a different perspecti...