Senior Solutions Architect

Are you ready?

Containers are becoming increasingly practical in application development environments; but is your organization ready for operating a container-based environment? Using containers is more than adopting a new tool; to be successful, you need to operate them effectively.

In fact, more organizations are planning to use containers in production environments, which makes the question about operationalizing containers more urgent.

What does operationalization mean?

It means looking beyond the technology. It requires organizational considerations in a board range of areas from performance monitoring, patching, and releasing, to team structures and roles and responsibilities.

VMware offers a number of solutions that support Containers:

  • Photon OS – an open source Linux operating system optimized for containers, cloud-native applications, public cloud platforms and VMware infrastructure. The operating system helps you securely build, test, run and manage containerized applications. Photon OS can be integrated with VMware’s vRealize Automation, which means you can easily offer something like Containers-as-a-Service to your developers.
  • vSphere Integrated Containers (VIC) – which is a container runtime for vSphere, allowing developers familiar with Docker to develop in containers and deploy them alongside traditional VM-based workloads on vSphere clusters, and allowing for these workloads to be managed through the vSphere UI in a way familiar to existing vSphere admins. Basically, each container would run in a single VM, making each container represented by a VM, which would streamline container management using existing vSphere skills.
  • VMware Integrated OpenStack with Kubernetes – known as VIO-K enables you to deploy and maintain enterprise-class Kubernetes clusters in an OpenStack environment. You deploy Kubernetes clusters through the VMware Integrated OpenStack utilizing a Kubernetes vApp in vCenter. The vApp provides a workflow that guides you through and completes the Kubernetes deployment process.
  • Pivotal Container Service (PKS) – scheduled for initial release in early 2018, PKS enables customers to deploy and consume container services on vSphere with Kubernetes. PKS leverages the robust vSphere platform to provide high availability, operational efficiency, and security with tight NSX integration.

For the purposes of this discussion, I’m going to focus in on VIC and Photon. They are the most basic solutions and represent an easy on-ramp for customers that are completely new to container technology. While both tools are suitable for Development and Production environments, the ease of deployment of Photon OS containers makes it suitable for developers or proof-of-concepts, while the more sophisticated features of VIC make it ideal for production environments.

What are considerations needed for operating Containers?

Operationalization efforts need to focus on the following areas:

  • Migrating from Dev to Production: How do you plan the migration of your containers from the development environment to the Production environment? A continuous-delivery process will need to be designed to ensure proper container validation in a pre-production environment before releasing to Production.
  • Capacity Planning: As containers are, by definition, small and instantly available for deployment, container-sprawl may become a real issue and therefore forward-looking demand needs to be analyzed in order to ensure enough capacity is available to satisfy requirements.
  • Monitoring: New technology will mandate new monitoring tools be established to ensure issues are captured early. One advantage of using vSphere Integrated Containers is that existing tools such as vRealize Operations can be used to monitor containers. Once the tools are established, dashboards and reports will need to be designed. This will require defining the kind of issues staff should be looking for in the containers’ environment as well as how they can troubleshoot and perform root cause analysis.
  • Event management: A process is required to manage events generated by the container environment. Events will need to be matched to recent and archived events, categorized, and assigned to support staff.
  • Change Management: The existing change management process will need to be enhanced to handle the case for containers, which can be deployed, destroyed and redeployed rapidly. These changes need to be pre-approved, and possibly each change recorded as a standard change. What will be the on-going role of the CAB?
  • Governance: You will need to implement your own internal container registry. RBAC and security processes will be required to ensure that only approved containers are submitted to the registry. Only company-approved security scanned containers can be deployed into production and only approved staff has access to commit, deploy and manage containers in production. How do you build this into your CI/CD pipeline?
  • Team Structure: Another major consideration is the roles and responsibilities of the various staff members making up the Cloud Services Team(s).
    • Who will be responsible for using containers as the basis
      for their service?
    • How will their skills and responsibilities be updated?

For example, the Service Administrator will need new skills for managing the new containers’ environment. The Service Analyst role needs to be developed and trained to monitor the deployed containers and analyze handling of potential issues.

This is the first in a series of blog articles on containers. In part one, I have outlined the top areas of consideration for operationalizing containers in a development and production environments. In the coming weeks, I will focus on each of the areas I have outlined in more detail. If you’re considering containers or already beginning to use them, you’ll want to stay tuned.

Ahmed Al-Buheissi is a Senior Solutions Architect with the VMware Operations Transformation global practice and is based in Melbourne, Australia. Ahmed specializes in defining the operational (integrated organization, people, process, and application of VMware technology) approaches and best practices required for service automation in a cloud environment.