The Power and Pitfalls of Containers: DevOpsDays Seattle conference 2017

I recently attended the DevOpsDays Seattle conference and wanted to share some of the topics of discussion with the Cloud Academy audience.
Unsurprisingly, container talk was everywhere! Most people know Docker as one of the biggest names in this space, and indeed there are multiple Cloud Academy blog posts concerning Docker already. In this crowd, you were definitely behind the curve if you didn’t have anything in containers or many good reasons why you were not using them. If you have not yet learned about or embraced containerization, there is still time to catch up!
Cloud Academy features an Introduction to Docker course and an entire learning path on Docker and Container Technologies. During an open space session titled “Legacy Applications Meet Containers,” attendees spoke of the many benefits of containerization including the following:

  • Lock an application down and control access. This may be a feature the application itself currently lacks, but you can add it by securing the container. Almost every DevOps professional had a smile on their face when describing how to use containers to remove the ability to SSH into resources. Fewer ad hoc changes and more robust deployment code, while sometimes a harder path initially, can make life better in the long run.
  • Unmoor an application from old hardware and dated infrastructure. This is an essential step if you are looking to migrate a legacy application to the cloud. It also helps you modernize the environment around an application, achieving benefits like greater density or new visualization tools, without touching the application itself.
  • Unlock new tools and methods for disaster recovery and high availability. A sprawling legacy application may require an equally ornate set of backup resources in case of an emergency. In contrast, it’s relatively easy to keep secondary warm/hot containers at the ready. However, you’ll need to ensure that the application architecture and container solution properly support horizontal scaling.

There are challenges for implementing a container solution, and attendees brought up several topics that you may want to consider:

  • Do you have a security audit solution in mind for your shiny new containers? Too often there is a tendency to throw the containers out into production (new technology!) without a comprehensive plan on how to compliance test, review, and update them.
  • How do you break tight coupling or dependencies with other services or systems? Many times you can move the application code, but the application is tied to something else. There are several valid approaches to solving this problem. One involves breaking away pieces of functionality one at a time until there is nothing left of the legacy system. Another approach is to surround the old system with containerized components. Eventually, the old core function is unnecessary, and you can remove it.
  • Always factor in the criticality of an application or system. If it works well, doesn’t cost a lot of money to maintain, and is stable, do you need to change it at this time? Are there better targets for your new containerization skills?

In order to meet the challenges and achieve the benefits of containerization, attendees spoke of several techniques and tools:

  • Focus on great test suites as you rewrite or break out functions to provide reliable sanity checks. Only you and your team know exactly how your application works. However, familiarity with cloud services gained through one of Cloud Academy’s developer certification learning paths is a great way to learn about the services you may need to leverage in your tests.
  • Though potentially difficult at first, leverage the extra restrictions containers offer. This encourages and fosters more coordination between staff and groups. Applications and operations staff will achieve a better understanding of each other’s needs and how to answer the all-important question, “Does this make the company money?”
  • Utilize the many great tools out there to make your container endeavors a success. Cloud Academy’s Adam Hawkins has previously discussed how container technologies are more than just Docker. Tools mentioned in the session include Habitat, Apcera, and rkt. Cloud Academy also features a course on the surging Kubernetes.

Other Conference Topics

A few more talks, open sessions, and side conversations brought up some additional points worth considering.

Connecting Your Work to the Customer

How do you connect application performance metrics (APM) to user metrics? Do you have the right tools deployed to demonstrate that your work benefits the customer? Are all of your microservices watched and measured properly? Granular application telemetry data may need to come from a tool like OptimizeIT. However, if your current overall cloud metric view is a little thin, consider Cloud Academy’s course on Advanced Techniques for AWS Monitoring, Metrics and Logging.

How is QA Changing with the Cloud?

How is quality assurance (QA) changing with new cloud technologies? Some services offered by cloud providers such as AWS Device Farm allow you to simulate and automate previously manual tasks. Can you leverage your existing QA staff to design and maintain new tests using these services? Do they have the cloud service training and skills necessary to harness these new tools?

How to Build the Right Thing

An entire session was devoted to the seemingly simple topic of, “How to Build the Right Thing.” Simple, right? You know what you need to build, or do you? What pleases your customers and makes your company money, and how do you apportion limited resources to achieve those goals? Are you properly considering all risk management concerns when devising solutions? Do you understand the difference between what people are asking for versus what they need?
To strengthen your ability to answer the high-level questions, consider one of Cloud Academy’s architect learning paths.

Written by

Eric is a Lab Researcher and Developer working to add to Cloud Academy's library of hands-on labs. He is an IT veteran who enjoys the ever-changing landscape of cloud computing. He also relishes live classical music performances, because sometimes engineering is better heard than seen.

Related Posts

— December 6, 2018

What DevOps Means for Risk Management

What Does DevOps Mean for Risk Management?Adopting DevOps makes the unfamiliar uneasy in two areas. One, they see an inherently risky choice between speed and quality and second, they are concerned that the quick iterations of DevOps may break compliance rules or introduce security vu...

Read more
  • DevOps
— October 25, 2018

How DevOps Transforms Software Testing

Testing is arguably the most important aspect of software development. Whether manual or automated, testing ensures the software works as expected. Broken software causes production outages, unsatisfied customers, refunds, decreased trust, or even complete financial collapse. Testing mi...

Read more
  • DevOps
— August 8, 2018

From Monolith to Serverless – The Evolving Cloudscape of Compute

Containers can help fragment monoliths into logical, easier to use workloads. The AWS Summit New York was held on July 17 and Cloud Academy sponsored my trip to the event. As someone who covers enterprise cloud technologies and services, the recent Amazon Web Services event was an insig...

Read more
  • AWS
  • AWS Summits
  • Containers
  • DevOps
  • serverless
Albert Qian
— August 6, 2018

Four Tactics for Cultural Change in DevOps Adoption

Many organizations approach digital transformation and DevOps adoption with the belief that simply by selecting and using the right tools, they will achieve higher levels of automation and gain massive efficiencies as a result. While DevOps adoption does require new tools and processes,...

Read more
  • DevOps
— July 24, 2018

Get Started with HashiCorp Vault

Ongoing threats of data breaches and cyber attacks remain top of mind for every team responsible for securing cloud workloads and applications, especially with the challenge of managing secrets including passwords, tokens, API keys, certificates, and more. Complexity is especially notab...

Read more
  • DevOps
  • HashiCorp Vault
— June 11, 2018

Open Source Software Security Risks and Best Practices

Enterprises are leveraging a variety of open source products including operating systems, code libraries, software, and applications for a range of business use cases. While using open source comes with cost, flexibility, and speed advantages, it can also pose some unique security chall...

Read more
  • DevOps
— June 5, 2018

What is Static Analysis Within CI/CD Pipelines?

Thanks to DevOps practices, enterprise IT is faster and more agile. Automation in the form of automated builds, tests, and releases plays a significant role in achieving those benefits and creates the foundation for Continuous Integration/Continuous Deployment (CI/CD) pipelines. However...

Read more
  • DevOps
— March 29, 2018

What is Chaos Engineering? Failure Becomes Reliability

In the IT world, failure is inevitable. A server might go down, an app may fail, etc. Does your team know what to do during a major outage? Do you know what instances may cause a larger systems failure? Chaos engineering, or chaos as a service, will help you fail responsibly.It almost...

Read more
  • Cloud Computing
  • DevOps
— December 7, 2017

10 Ingredients for DevOps Transformation with Mark Andersen

At Capital One, DevOps is about delivering high quality, working software, faster. This means software that is reliable, secure, usable, and performant while providing value and accomplishing those important end user goals. Everything is about speed of delivery and getting that feedback...

Read more
  • Cloud Migration
  • DevOps
— October 5, 2017

SQL Injection Lab: Think Like a Hacker

Security is IT’s top spending priority according to the 2017/2018 Computer Economics IT Spending & Staffing Benchmarks report*. Given the frequent changes and updates in vendor platforms, the pressure is on for IT teams who need to keep their infrastructures and data secure. As brea...

Read more
  • DevOps
  • Security
  • SQL injection
— September 15, 2017

Women in Tech: Zamira Jaupaj, DevOps Engineer

In building an enterprise culture of cloud, DevOps skills complement the enterprise’s need to automate development, testing, deployment, and operations processes for their public cloud deployments. In this latest post in our Women in Tech series, we’ll be talking to Zamira Jaupaj, a Dev...

Read more
  • DevOps
  • Women in Tech
— September 8, 2017

Mesosphere to Incorporate Kubernetes into DC/OS

The announcement that Mesosphere is going to incorporate Kubernetes into DC/OS has generated a fair amount of buzz in the industry, with the consensus landing largely on the side that this is a sign that Mesosphere is ceding to Google’s open source software. I have a different perspecti...

Read more
  • DevOps
  • Docker
  • Kubernetes