{"id":19976,"date":"2016-01-20T17:26:23","date_gmt":"2016-01-20T17:26:23","guid":{"rendered":"http:\/\/www.businesscloudnews.com\/?p=243342"},"modified":"2016-01-20T17:26:23","modified_gmt":"2016-01-20T17:26:23","slug":"containers-3-big-myths","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/containers-3-big-myths\/","title":{"rendered":"Containers: 3 big myths"},"content":{"rendered":"<p><strong><a href=\"http:\/\/www.businesscloudnews.com\/files\/2016\/01\/schneider.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-full wp-image-243362\" src=\"http:\/\/www.businesscloudnews.com\/files\/2016\/01\/schneider.jpg\" alt=\"schneider\" width=\"200\" height=\"200\" \/><\/a>Joe Schneider is DevOps Engineer at Bunchball, a company that offers gamificaiton as a service to likes of Applebee&#8217;s and Ford Canada. <\/strong><\/p>\n<p><strong>This February Schneider is appearing at <a href=\"http:\/\/containerevent.com\/\">Container World<\/a> (February 16 &#8211; 18, 2016 Santa Clara Convention Center, USA), where he\u2019ll be cutting through the cloudy abstractions to detail Bunchball\u2019s real world experience with containers. Here, exclusively for Business Cloud News, Schneider explodes three myths surrounding one of the container hype\u2026<\/strong><\/p>\n<p><strong>One: \u2018Containers are contained.\u2019 <\/strong><\/p>\n<p>If you\u2019re really concerned about security, or if you\u2019re in a really security conscious environment, you have to take a lot of extra steps. You can\u2019t just throw containers into the mix and leave it at that: it\u2019s not as secure as VM.<\/p>\n<p>When we instigated containers, at least, the tools weren\u2019t there. Now Docker has made security tools available, but we haven\u2019t transitioned from the stance of \u2018OK, Docker is what it is and recognise that\u2019 to a more secure environment. What we have done instead is try to make sure the edges are secure: we put a lot a of emphasis on that. At the container level we haven\u2019t done much, because the tools weren\u2019t there.<\/p>\n<p><strong>Two: The myth of the ten thousand container deployment <\/strong><\/p>\n<p>You\u2019ll see the likes of Mesosphere, or Docker Swarm, say, \u2018we can deploy ten thousand containers in like thirty seconds\u2019 \u2013 and similar claims. \u00a0Well, that\u2019s a really synthetic test: these kinds of numbers are 100% hype. In the real world such a capacity is pretty much useless. No one cares about deploying ten thousands little apps that do literally nothing, that just go \u2018hello world.\u2019<\/p>\n<p>The tricky bit with containers is actually linking them together. When you start with static hosts, or even VMs, they don\u2019t change very often, so you don\u2019t realise how much interconnection there is between your different applications. When you destroy and recreate your applications in their entirety via containers, you discover that you actually have to recreate all that plumbing on the fly and automate that and make it more agile. That can catch you by surprise if you don\u2019t know about it ahead of time.<\/p>\n<p><strong>Three: \u2018Deployment is straightforward\u2019 <\/strong><\/p>\n<p>We\u2019ve been running containers in production for a year now. Before then we were playing around a little bit with some internal apps, but now we run everything except one application on containers in production. And that was a bit of a paradigm change for us. The line that Docker gives is that you can take your existing apps and put them in a container that\u2019s going to work in exactly the same way. Well, that\u2019s not really true. You have to actually think about it a little bit differently: Especially with the deployment process.<\/p>\n<p>An example of a real \u2018gotcha\u2019 for us was that we presumed Systemd and Docker would play nice together and they don\u2019t. That really hit us in the deployment process \u2013 we had to delete the old one and start a new one using system and that was always very flaky. Don\u2019t try to home grow your own one, actually use something that is designed to work with Docker.<\/p>\n<p><strong><em>Click <a href=\"http:\/\/containerevent.com\/\">here <\/a>to learn more about Container World (February 16 &#8211; 18, 2016 Santa Clara Convention Center, USA),<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Joe Schneider is DevOps Engineer at Bunchball, a company that offers gamificaiton as a service to likes of Applebee&#8217;s and Ford Canada.<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3873,3874,2061,1297],"tags":[112],"class_list":["post-19976","post","type-post","status-publish","format-standard","hentry","category-bunchball","category-container-world","category-containers","category-opinion","tag-devops"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/19976","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=19976"}],"version-history":[{"count":2,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/19976\/revisions"}],"predecessor-version":[{"id":20001,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/19976\/revisions\/20001"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=19976"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=19976"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=19976"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}