How to successfully use containers

Containers are making software development more efficient, but there are also limitations.
10 June 2019

Making developers’ lives easier. Source: Shutterstock

In traditional software development, code developed in one environment doesn’t necessarily run the same when deployed in another; there often are bugs and errors.

Running software in containers in the cloud can help developers overcome many of these issues, and adoption of containerization ecosystems like Docker and Kubernetes continues to grow. In fact, 451 Research predicts that application container technology will grow by 40 percent before 2020. And Gartner predicts that by 2022, more than 75 percent of global organizations will be running containerized apps in production.

Why containers?

Containers are making developers’ lives easier by changing the way software delivery is done.

They hold a great deal of promise, particularly in terms of increasing developer speed and efficiency across hybrid infrastructures. Containers, typically, are a collection of pieces of software and environment that run together as a coherent system. Developers make these systems in the form of container images, test them and make sure they’re acceptable, then deploy them to large environments where the container platform instantiates identical replicas from the image, ensuring it’s the same software running everywhere. The reason that there’s a need for containerization is that it enables repeatable deployments of identical software.

Containers require fewer system resources than hardware or traditional virtual machine (VM) environments because they don’t include operating system images. With VMs, developers may need to buy more hardware because they reach capacity more quickly. Though workloads can certainly be placed in VMs, using containers is a superior approach because it has a better chance of success as cloud computing moves from simple to complex, distributed architectures.

Applications running in containers can be deployed easily to multiple, different container platforms and cloud providers. Containers make software delivery simpler and more predictable because they provide a consistent deployment environment that can be used at all stages of the delivery pipeline. Whether you’re building your software, testing your software or deploying software in production, you can use the same environment to host the software. Containers also can help enterprises modernize legacy applications and create new cloud-native applications that are both scalable and agile.

Containers add value but carry risk

It’s important to understand what containers can and can’t do. For instance, they do eliminate some concerns around how the differences between your development environment and your production environment will affect your application. But containers aren’t totally immune to the types of bug and error concerns that plague traditional software development. The fact that flaws, outages and security incidents still occur is proof that testing tools don’t catch 100 percent of issues.

In fact, a recent report by Snyk found that the top 10 most popular Docker images each contain at least 30 vulnerabilities. On top of that, if you install any container with an older version of an application, there’s a high likelihood that it will contain vulnerabilities.

And that means your organization is still at risk for potential system outages and downtime that can cause significant economic and reputational impact. The Ponemon Institute Cost of a Data Breach Study 2018 found that an hour of disruption can cost a small company US$8,000, a medium company US$74,000, and larger enterprises roughly US$700,000. It’s been a challenge in IT that problems come up with mixed-and-matched software, and that’s what containers solve. However, the issue is that if someone creates an exploit that works against one container, now there will be identical software running everywhere – and it’s going to work against all those containers.

A new approach

Rather than just proceeding with sticking applications in containers and running with them, a new approach is needed when it comes to testing, to help ward off these potential problems.

QA teams need to make sure they test containerized apps under all the circumstances that might be present in production. That’s because containers could behave differently due to variables ranging from system hardware to unexpected network traffic. And by testing in production, bugs are detected before they go live, and threats are isolated before they have an impact.

Increased success, lowered risk

Containers offer many benefits when it comes to software applications and software testing, but they also bring some drawbacks. Containers can be used effectively for their predictability and manageability, but their usage cannot be treated like a silver bullet. It’s important to understand the potential concerns and make sure these are taken into consideration when using them. Their effective use helps you release bug-free, vulnerability-free software that serves customers well and reduces the risk of expensive downtime.

This article was contributed by Robert Ross, CTO of Curtail.