VM Admins Must Learn To Be Container Admins
Kiran Kamity
Founder & CEO at Deepfactor | Host @ "Next-Gen AppSec Series" | TEDx Speaker
IT Team Is Slowing Me Down!
Developers have been the primary drivers and adopters of container tech over the last couple of years. The agility benefits that containers provide have been driving developers to use Docker (or other container runtimes) to create containerized applications. Over the last year and a half at ContainerX (@ContainerXinc), as part of conversations with dozens of enterprises, we kept hearing dev and ops folks say this constantly -
My IT is slowing me down with its slow VM provisioning, which is why I want to setup my own environment & run containers.
This belief, I think, is detrimental, and is in fact, going to hurt the enterprise in the long run. In reality, there are two separate problems to be addressed -
- Fixing the VM provisioning process
- Enabling IT to 'manage containers' in addition to 'managing VMs'
VM Provisioning Delays Are A Process Issue
The actual VM creation process is actually pretty quick as most of us know. In some organizations, the process of getting access to a VM takes a while (a few days to weeks in some cases) purely because of the paperwork and approvals needed to let IT create these VMs for the developer requesting it. And building your own departmental infrastructure farm either on-prem or on the public cloud isn't going to 'fix' this! You may make it better in the short term for your own team, but the developer will pretty quickly run into her 'day job' of writing code, and the infrastructure maintenance issues will be neglected. This could eventually lead to either a part time 'night job' of maintaining VMs or the infrastructure 'getting out of date'. You also run the risk of this departmental infrastructure not meeting the same corporate security standards. Moving to containers isn't going to solve this either.
In fact, you shouldn't move to containers because you think your IT team is slow! You should move to containers if there is a real benefit with respect to application agility or cost.
Bottomline - If VM provisioning is super slow in your company, try to discuss the process of approvals and see if there is something there that can be automated or eliminated. Trying to build departmental infrastructure by going behind/around IT is only going to make things worse in the long run.
Enabling IT To Manage Container Infrastructure
Once you know you want to use containers, the best way to ensure success is to bring IT or Ops into the equation and making them equal stakeholders in this project. After all, creating a containerized application is only one part of the problem. Building/procuring and maintaining the infrastructure to run containers is equally important. You may not really care about it during the POC stage. But planning for it while the developers are containerizing their applications, will help enable IT or Ops to have a 'corporate-blessed' infrastructure ready to go, by the time the developers are ready with the containerized application.
Today, most IT teams are providing VMs to developers, who then install Docker engine and tie up storage/networking etc manually. This is because IT is still not ready to manage containers. Ideally, IT should be providing a container host (or a cluster/pool/ environment) when developers want to run containers. As containers become a first class citizen over the coming months/years, there should be a process in place for IT to maintain a container infrastructure environment, and provide quick and easy access with appropriate access controls to multiple developer teams.
How Do I Enable IT To Manage Containers?
If your company's DNA is to build rather than buy, train the IT organization to build container clusters using several opensource tools like Mesos, Kubernetes or Docker. If you do not want a Do-It-Yourself project & would rather get going quickly with a commercial offering, you can always reach out to us at ContainerX (www.containerx.io, @ContainerXinc).
___
Sign up for ContainerX beta @ ContainerX's website
Twitter @ContainerXincLinkedIn www.dhirubhai.net/company/containerx
CGO at NES-BWB
9 年The agility and flexibility of containers are without question. But there are still many hurdles to clear in regards to performance. If the application is sensitive and/or has bandwidth requirements, the placement of the container (bare metal, in VM, etc) and the tuning of that container can become quite onerous. I am excited for the evolution of containers but in particular, the networking is still fairly primitive and needs more of both time and focus to evolve.
Focused on GenAI for NatSec | ML certified & Sr. Solutions Architect @ AWS
9 年VMware's vRealize Automation combined with VMware's PhotonOS, gives your customers the ability to provision VM's on their own and PhotonOS gives developers containers as well with vRealize Orchestrater being the glue for it all. It's truly a great solution stack.
VP & GM | CEO | AI Cloud | x-Google I GTM Leadership | Transformation Leader
9 年I agree, Kiran, developers are pushing container for all benefits it brings to the table. However, I have meet a few enterprise companies and the feedback is they do not need that, than you ask how their VM provision process work and their SLA and the answer is: we are doing well, and we provide a VM in 24 hours after all paper process be approved and at the end, they believe is ok. that mind set is changing for sure, and developers need to push stronger for agility, and that is why everybody uses SaaS models and why shadow IT exist. Container as a service has more traction than on-premise