In case you haven’t noticed, we are on rapid march towards realising full capacity of cloud infrastructure & its services. Having multi cloud, hybrid infrastructure & avoid vendor locking is the dream!
Building & running your apps in container on cloud is major step towards the dream. Few months back I wrote, presented & talked on Docker with DevOps - One step towards Microservices, Docker Ecosystem for Microservices & Self-Healing Systems using Docker. These blog posts/presentations help you in understanding basics & benefits of cloud, Docker, DevOps.
Containers (aka Docker) comes with some benefits & complexities. Your apps in container without container management framework, are like your luxury car without wheels & steering.
This post is series of questions & answers, I ask myself & answer myself. Weirdo!
Let’s start . . .
What is Container Management Framework?
A container management framework is a solution used to build, ship & deploy your app in containers. Docker, as a container has become a standard.
Container Management Framework helps you to build CaaS (Container as a Service) solution.
Containers as a Service (CaaS) is a model where IT organisations and developers can work together to build, ship and run their applications anywhere. CaaS enables an IT secured and managed application environment consisting of content and infrastructure, from which developers are able build and deploy applications in a self service manner.
Are they different from Container Orchestrator tool?
Yes… Orchestration is just a piece of the puzzle, but choice of the orchestration layer often drives the ‘Container Management Framework’ selection decision.
Some popular container orchestration tools are as following.
Don’t be blinded by orchestration capabilities. Focus on governance, security and policy enforcement; this will be the most important factor for production workloads.
Orchestration tools are very much IT operation (ITOps) focused & don’t solve full life-cycle of application (Dev).
Container Management Framework goes beyond the orchestration & will not only integrate the various management elements to form a whole, but also ensure that the management elements are compatible with each other.
Good! Can you name some of Container Management Framework?
Sure, followings are some popular container management frameworks.
- Docker Enterprise
- RedHat OpenShift
- Mesosphere Enterprise DC/OS
- CoreOS Tectonic
From popular cloud providers:
Ok, what does container management framework bring on table?
1) Scheduling of containers:
Placement, replication, scaling, rescheduling, upgrades, rollback of containers.
2) Computing resource management:
Memory, cpu, volume, port, ip, image, network of containers.
3) Management of services:
Service discovery & orchestrating multiple containers together (using label, group, namespace, load balancing, readiness checking, health checking).
Access control, isolation, resource utilisation, limits & quotas, network segmentation & encryption.
All above capabilities are usually solved by orchestration tools. There are more container management framework, can do for us.
Okey! what else can container management framework do for us?
They should provide seamless integration with -
5) Image registry:
A place where you can store & distribute container (Docker) images.
- Docker Trusted Registry
- Docker Hub
- AWS ECR
- Google Container Registry
- Azure Container Registry
6) Source Control Management:
A version control system, where your code, configs & documents are being stored.
7) Persistant Storage:
Place to store all your app data. A software-defined storage (SDS)
Data is mission critical & storage technologies in container world, to support stateful services, are yet to be matured.
You may want to continue with your traditional storage solution until world settles for stateful containers.
8) Security solutions:
Enforce security policies, manage secrets, security scanning, image signing.
9) Load balancer:
To manage & distribute your external traffic.
Log management, Metrics collection, time-series monitoring, analytics & visualisation & alerting
11) Authentication & authorisation:
Policy compliance, role based access control (RBAC), app to app communication
12) Continuous Integration:
Developers to integrate code into a shared repository & verified by an automated build, allowing teams to detect problems early
13) Continuous Delivery:
Release into production of application that passes the automated tests, after necessary approvals
Brings all the pieces (system alerts, notification etc.) and people/teams you need together. Enables ChatOps.
Hummm… anything else they should be integrated with…
Probably also with -
15) Cloud provider services
16) Billing system
17) Auditing system
Phew! That’s exhaustive list!
Anything container management framework can’t do or will not do?
Infrastructure (computing, network & storage) provisioning, scaling up / down, upgrading / rollback / security fixes.
Manage itself (Container Management Framework):
Install / bootstrap, upgrade / rollback / security fixes, disaster recovery of container management framework itself.
WHAAAT !!? Then… how am I gonna get those things done?
That is out of scope of container management. You should have cloud infrastructure.
Use infrastructure provisioning tool to provision your infrastructure & use some configuration management tool to setup your container management framework.
Don’t forget to have disaster recovery plan in place.
Can you give your recommendations on container management frameworks?
Recommendations!? No! I can’t & I should not. one size doesn’t fit all.
But I can suggest you how to reach on your decision to choose one.
First choose a cloud provider (public / private).
Decide on what cloud services you are gonna use to build infrastructure (VMs / bare metal).
Make a checklist (based on your need) as listed above in this post & see which Container Management Framework best suited to you.
Choose tools which will help you to create infrastructure, deploy container management framework & upgrade / patch it.
Don’t forget to adopt DevOps tools & principles for your apps. Check DevOps - An Introduction.
I would love to listen your feedback.