Did you know that 34% of IT Decision Makers reported they are concerned with adopting containers due to a lack of full visibility?1
Containers are small, agile, and easy to spin up. As a result, they tend to spread quickly, which can ultimately lead to sprawl. Sprawl exists when containers propagate unfettered, consuming resources and negatively impacting other containers or applications. Since containers work on the concept of shared resources, even small changes can have a widespread impact. By breaking deployments into smaller, more manageable parts, we ultimately increase the number and complexity of items to control. Maintaining a manageable number of containers will prevent mishandling, misconfiguration, and resource fragmentation. Visibility helps to keep container use in check, yet it’s often overlooked in the early stages of container adoption. If your current asset management teams are struggling to keep up with the state of physical machines, patches, and apps, the widespread proliferation of containers will only add to the challenge. Furthermore, unmanaged container use may become a security issue, as it can potentially increase the overall attack surface and make systems more vulnerable to threats.
4 Steps to Maintain Proper Visibility with Containers
The use of containers is on the rise. Maintaining visibility into container usage and growth will bring adopters closer to their benefits by actively seeking to avoid problems before they happen. So, what exactly can a company that is new to the use of containers do to ensure proper visibility before diving deep into their use? Here are some suggestions.
- Understand your security requirements
- Document your compliance requirements
- Recognize your host resource requirements
- Map out precisely what your container life cycle looks like (or will look like)
Since containers are highly mobile and flexible assets, there must be a way to see precisely where the containers are, what exactly they are doing, and on what data they are operating. There is a need for sufficient controls to apply policies and constraints to each container as they spin up, move around, and shut down. And it has become increasingly important to be able to control data movements within virtual environments, including where it can go and what resources it can consume, all while ensuring encryption and compliance controls remain in place.
Yet, with the proper insight into container use, the data provided can help with provisioning, orchestration, version control, and infrastructure management, and becomes an essential part of an ongoing containerization strategy. Containers allow IT to run services in isolation, with high fault tolerances, and with better management over resource provisioning. Containers have an intentionally short lifetime, averaging about 2.5 days while traditional and cloud-based VMs have an average lifespan of 23 days. Because of their short lifetimes and hardware-agnostic behavior, containers pose new challenges to IT requiring the need for additional infrastructure monitoring. The lightweight nature of containers allows them to spin up so frequently and change so rapidly that they become much more difficult to monitor and understand than a physical or even a virtual host.
Check out the video below titled, “4 Tips for Overcoming Visibility Challenges.”
Since containers live in the loosely monitored space between hosts and applications, traditional application performance and infrastructure monitoring tools lack the visibility needed to keep containers under control. Gaining insight into container use requires a unique set of monitoring tools not typically available to most technology departments. These specific tools are necessary because container resource management applies all the way through the stack, from physical infrastructure to shared files and operating systems — well beyond the reach of common resource monitoring tools. Since containers share resources, and can even limit access to other applications, there is an increased urgency to understand the exact resources they are consuming. Visibility is not only crucial in monitoring the utilization of physical resources like memory and CPU, but also extends to application, file, and operating system resources.
In response to this growing need of visibility, we see a host of purpose-built container monitoring solutions that help deal with these new complexities, most of which allow for real-time visibility into both virtualized and containerized applications. Not only do they monitor for acute performance indicators such as latency and response time, they also provide visibility into a host of shared resources such as .dll’s, .bin files, and server and network utilization.
Next Steps: Questions about containers? Try to find the answer in this comprehensive guide on containers.
- IDG Research commissioned by WEI, November 2017.