Are containers the key to hybrid cloud portability?
At SHI’s April customer summit, we discussed how most companies are leveraging either hybrid or multi-cloud and shared some numbers to prove it. In their 2018 State of the Cloud Report, RightScale determined that 81 percent of enterprises have adopted hybrid/multi-cloud, along with 64 percent of companies in the SMB space.
This should come as no surprise. As organizations move more into the cloud, they recognize there is not a “one-size-fits-all” cutover and they become multi-cloud by default. Different clouds fulfill different use cases. Simply leveraging multiple clouds isn’t enough. Organizations need to build an entire multi-cloud strategy, with each platform and provider playing a unique role in meeting business objectives.
Why have a multi-cloud strategy?
There are myriad reasons why your organization might embrace a multi-cloud strategy, such as:
- You want to optimize costs.
- You prefer one provider’s service over another.
- A cloud provider lacks a business-critical service.
- You want to avoid provider lock-in.
Of all of the above, avoiding provider lock-in is the most common. Leveraging native services within a cloud provider is a good cost optimization strategy, but it increases the possibility of provider lock-in. And simply having a multi-cloud strategy doesn’t make your workloads portable. So, how do you leverage a true hybrid (or multi-) cloud strategy to retain portability?
Containers aren’t new. The notion of breaking down and containerizing applications into micro-services, as well as providing cloud portability has been around for some time. Containers certainly aren’t the only way to avoid vendor lock-in, but in my opinion, they are one of the most viable options when used with vendor-agnostic management and deployment methods.
Containers take abstraction a layer beyond virtualization. Once an application is running successfully within a container, there needn’t be concern about OS dependencies. Containers are lightweight, portable, and consistent across the development, testing, and production environments.
So why haven’t containers been the panacea of cloud portability before now?
A step in the right direction
Containerizing applications reduces the level of effort associated with migration between clouds, but it doesn’t make it a slam dunk. Just like with VMs, you’re largely leveraging the cloud providers’ infrastructure via APIs to deploy and manage your containers, similar to deploying cloud-native services like Lambda or Elastic Beanstalk. For example, deploying Docker containers on AWS’ ECS services or on Microsoft’s AKS is still leveraging the providers’ proprietary interfaces and cloud management services.
What has changed is how containers and the applications within them are deployed and managed into cloud infrastructure.
The confluence of Docker, Kubernetes, and Open Service Broker
Estimated to be the top choice for 80 percent of businesses, Docker is by far the most dominant force in the container space. It’s simple for developers to access, use, and deploy in both on- and off-premises clouds.
Kubernetes is a very popular open source tool used to automate deployment and management of containers. It’s a container orchestrator juggernaut – it currently holds 50 percent of the market share, and growing.
Finally, the Open Service Broker (OSB) API ties services across cloud providers and on-premises clouds to different platforms, such as Kubernetes.
Tying all three together creates 1) application portability in the form of containers, 2) the ability to orchestrate the deployment and scalability of these containers, and 3) the ability to consume resources across cloud environments and infrastructures. The resulting suite maximizes application portability across cloud infrastructure.
With the advent of any new technology comes well-deserved questions about security. Container security has evolved significantly, and the good news is, it is only getting better, which leaves the door open to broader use cases.
Containers are essentially a bunch of instances sharing an OS, while VMs are a bunch of OSs sharing hardware. The difference introduces different security challenges. The good news is that security software has evolved to address the challenges of containers. Existing solutions address multi-tenant container environments, entire container stacks, and running containers. Why is this important?
If you’re familiar with Docker, you know there are many layers: the host, the image, the registry, the daemon, and the running containers. Each of these requires measures to ensure they are secure, so even if a vulnerability is introduced, it can be isolated and addressed at the appropriate level. Container networking is of particular importance because containers are not only required to talk among themselves to tie services together that would normally be part of one monolithic application, but also potentially, to the outside world.
A perfect, portable, cloud-agnostic world?
Have we reached the pinnacle of cloud portability? Not exactly. It still requires some degree of effort and planning to migrate applications and scale them seamlessly across cloud environments, even when refactoring applications into a containerized world.
The good news is, these tools, like everything in the cloud world, are rapidly evolving, and new services and innovations appear every day to optimize workloads, security, disaster recovery, and portability. It can be hard to keep up. Containers and the associated management options are just another useful, ever-evolving option to incorporate into a multi-cloud strategy.