MANAGING CONTAINERS WITH KUBERNETES
Kubernetes and its variants from leading vendors have taken the lead in helping manage containers in multi-cloud environments.
– By R. Narayan
In the past few years, container technology has become integral to how workloads are managed in the cloud and across clouds. As the multi-cloud era goes mainstream, and with it the need for flexibility in moving applications across clouds or between cloud and on-premise, containers address that portability challenge because they essentially decouple applications from the OS and the rest of the infrastructure underneath. This makes it easier to deploy the containers on other clouds or operating systems.
Containers are by definition immutable: the code that runs comes from a ready-to-run software package stored as an image. To make a change, the container image needs to be recreated with the change included. The software that executes a container is called a container runtime, and there are several container runtimes, including Docker, containerd and CRI-O.
While containers help run the workloads, they still need to be managed: a container that isn’t running, for example, needs to be replaced by another. This is where a container management system is needed. Kubernetes has emerged in recent years as the popular orchestration system for managing containers, while Docker itself remains the popular container technology. Kubernetes is perhaps being seen as one of the fastest-growing infrastructure platforms.
Kubernetes was set up by Google as an open source project back in 2014. It is used to automate the deployment, scaling and operation of containers. It handles tasks ranging from provisioning and scheduling containers and clusters to ensuring container availability and managing and monitoring containers.
According to Paulo Pereira, Director, Systems Engineering – Emerging Markets and Eastern Europe at Nutanix, “Docker is a container technology, like many others in the market while Kubernetes is an orchestration tool for containers, be that docker or something else.”
Michael Cade, Senior Technologist Product Strategy at Veeam Software, gives a more descriptive analogy to illustrate the difference between a container such as Docker and Kubernetes. He says, “While Kubernetes is a container orchestration engine, Docker is a container engine. Think of a hotel with all its rooms for sale or rent to the public. As the hotel owner, you can choose to manage the room booking and sales process yourself or you can let a well-known travel site sell your rooms for a small fee or overhead. The rooms can be considered as containers and can absolutely be run alone with no container orchestration (this would be the commercial travel site) but and this depends on the value, it can be managed by a travel site, the travel site will look after the vacant rooms and potentially discount rooms to be sold cheaper to fill them or the other way in terms of increasing prices. Think of this as the way of orchestrating workloads up and down dynamically making sure the service is not only available, but it can deal with demand.”
While Kubernetes is open source, different vendors offer their own distributions of the open source platform under different names, such as OpenShift from Red Hat, SUSE CaaS Platform, Nutanix Karbon and VMware Tanzu.
Ihab Farhoud, Director, Solutions Engineering – METNA, VMware METNA says, “Kubernetes is the open source and reliable platform for managing/orchestrating cloud native/modern containerized Apps. Hence, it plays a pivotal role in private/public and multi-cloud environments as it enables applications portability and flexibility (across multiple clouds) and it increases developers and operations productivity, among other benefits, for the container ecosystem.”
VMware announced recently that it offers vSphere with Tanzu as a developer-ready infrastructure, arguably delivering the fastest way to get started with Kubernetes. It helps configure an enterprise-grade Kubernetes infrastructure leveraging the existing networking and storage in as little as an hour.
With leading vendors now offering their own Kubernetes variants to help customers with application modernization and containerization, these variants also come with better support than the open source product by itself, which can be complex and challenging to configure. Essentially, Kubernetes helps you manage the operations of a production environment running containerized workloads.
Paulo Pereira, Director, Systems Engineering – Emerging Markets and Eastern Europe at Nutanix, says, “Kubernetes is absolutely critical to manage a large deployment of containers. Containers are the ultimate answer to the issue of portability of applications between private clouds and public clouds. Much has been done with virtual machines but it’s the container technology that really makes this process easy.”
Nutanix provides Nutanix Karbon which is an enterprise-grade Kubernetes Certified distribution that simplifies the provisioning, operations and lifecycle management of Kubernetes with a native Kubernetes experience. Karbon makes it simple to deploy a highly available Kubernetes cluster and operate web-scale workloads.
Asked how important Kubernetes is from the point of view of data management in hybrid and multi-cloud IT environments, Michael Cade, Senior Technologist Product Strategy at Veeam Software, explains that businesses would be looking at it as a convenient way to move workloads and data freely between clouds as well as between cloud and on site.
He elaborates, “I would answer this in a similar way as when virtualisation came along. It doesn’t mean that it wasn’t integral for every business small and large to adopt virtualisation, some did, and some didn’t to begin with. But fast forward to 20 years with virtualisation. I would say a large percentage of businesses have a majority of their workloads now running some form of virtualisation. Kubernetes as a container orchestration platform is something that many net new businesses will start with today and more mature companies will be looking to invest time, effort and learning in this area to see if it can help adapt businesses be faster, efficient and more performant as well as giving the business an edge in their markets. I think you could also look at Cloud-based Infrastructure-as-a-Service as another trend that we saw come up pretty fast and has been strongly and widely adopted. Being able to move workloads and data freely between platforms regardless of source is something all businesses should be considering.”
SECURITY CONCERNS
Cloud native security is seen as a function of securing four layers, from the base to the topmost, as Kubernetes.io points out. The four layers are code, containers, cluster and cloud, and if a base layer is vulnerable, securing the upper layer alone wouldn’t make a difference.
Michael says, “Kubernetes doesn’t change or remove any of the security challenges or vulnerabilities with a platform, applications, workloads or data. Kubernetes.IO has some in depth documentation and they reference a number of times regarding “The 4C’s of cloud native security:” Code, Container, Cluster and Cloud / Corporate Data center. Each layer of the Cloud Native security model builds upon the next outermost layer. The Code layer benefits from strong base (Cloud, Cluster, Container) security layers. You cannot safeguard against poor security standards in the base layers by addressing security at the Code level.”
So the base layer, which is the cloud, needs to be quite secure and the most trusted. Standards are still evolving, although there are enough best practices available. When open source Kubernetes is used, all the security controls need to be configured at your end. The various Kubernetes distributions from vendors would, however, come with pre-configured security controls.
Ihab says, “Like any complex system, there are many security and vulnerabilities challenges. Many security problems in early versions of Kubernetes have been resolved in recent versions. But there are still risks that must be understood before trusting it with production data. Best practices in Kubernetes security are rapidly evolving.”
Veeam, as a data management leader for cloud infrastructure, added a new dimension to its offerings with its partnership, announced earlier this year, with Kasten, whose K10 Data Management Platform is purpose-built for Kubernetes, providing enterprise operations teams an easy-to-use, scalable, and secure system for Kubernetes backup and application mobility with operational simplicity.
Michael says, “Simply put, the vision and strategy for Veeam Software is to supply our customers with the ability to protect their data in whatever form that it is presented in. The complexity that these early adopters are finding is the lack of data management and data integrity when it comes to protecting Kubernetes and container workloads. Kubernetes and containers are often compared to Virtual Machines but it is a very different approach. It is very much focused on a different persona. The person that looks after the lifecycle of containers in a Kubernetes environment is not your traditional operations infrastructure admin. They are focused on the application and have more of a DevOps function, but also understand the platform where the application lives. Bringing the infrastructure or platform closer to the application carries its own benefits anyway. But this same approach means that data integrity has to be looked at differently than how we approach virtual machine backup, which has been our focus for 14+ years. This is where Kasten completes that ability to protect these new cloud native workloads.”
ADVANTAGE EARLY ADOPTERS
As the shift to multi-cloud infrastructure gains further momentum, the popularity of containerized applications is also growing. And as Kubernetes is open source based, it offers the convenience of porting applications across multiple environments without the fear of losing out on either availability or performance.
Ihab says, “Increasingly we see that reliable, secure and flexible applications are key to success in just about every vertical, and Kubernetes is a key pillar of developing, delivering, scaling and maintaining applications, irrespective of which vertical and geography an organization might be operating in.”
For innovative organizations looking to develop and scale their own software as well, there is good reason to adopt container technology.
Paulo says, “Every organization who is developing their own software and is interested in designing applications, which can scale horizontally must have their sights on container technology. There isn’t any vertical who can benefit more than other. Whoever is ahead has a competitive advantage. Speed is power and this technology offers a way to release and scale quickly.”
There is in fact an acceleration in terms of container adoption. And it is a reasonable assumption that many among those deployments would be using Kubernetes to orchestrate their container system.
Michael adds, “ESG recently released an eBook of research that covers this exact question and some more trends seen in this space. [Data Protection for Containers] released in September 2020 outlines that amongst those surveyed, 67% currently use containers for production applications. This shows that we are in a full acceleration phase for container adoption. This is only going to continue over the next 24 months. In terms of particular verticals or areas, I would say broadly that Enterprise and Start Ups are the most likely to have the ability to go all in on containers and Kubernetes.”
The global application container market is growing significantly, led by the increasing number of container orchestration services, container data management services, container security services and the like being made available as well as deployed. It is a fair bet that the deployment of various flavors of Kubernetes from different vendors would contribute a big chunk to that expected growth as enterprises look to deploy more containerized workloads.