2016 Year in Review: Container Technology

By Flux7 Labs
January 6, 2017

Container technology was a well-read topic on the Flux7 blog in 2016, joining our blog on Continuous Integration Best Practices(CI/CD) and AWS Configuration Management as subject areas that received the most attention from our readers. From hardening containers to container based cloud migration frameworks and Docker-based microservices architecture, our DevOps consultants published a great deal of analysis, advice and best-practice approaches to help our readers achieve success with containers in AWS.
Containers, like Docker, continued to gain popularity in 2016 for their ability to serve as automated deployment tools for any application as a lightweight, portable, self-sufficient package that will run virtually anywhere. Businesses across industries are examining how container technology can help them become more agile, improving the quality and reliability of their applications. Our five most popular blogs on the topic cover these subjects and more:  

Docker Security, Hardened Containers and a Layered Strategy
As adoption of Docker grows, so do the number of questions we get about container security, so we eagerly reviewed in this article the new security features of Docker 1.10. The theme of this release was around providing an additional layer of isolation to further increase security. This directly addresses how we like to think about the topic here at Flux7, as best viewed through the lens of layered security. When paired with Linux OS seccomp, CIS Benchmarking and other security tools, it is easy to see how Docker security has grown significantly, all while helping to continue to facilitate the DevOps benefits for which Docker has become exceedingly popular.

Docker Security Scanning: Deep Visibility to Container-Based Vulnerabilities
Continuing with the theme of container security, we turned our sites to Docker Security Scanning. It continuously monitors for new vulnerabilities, provides a detailed list of all the Docker container layers and components, and provides notifications when new vulnerabilities are found. In this article we share two use cases for Docker Security Scanning and hint at our Dockercon presentation with Fugro. (You can click through here to watch a recording of that session, Overseeing Ship’s Surveys & Surveyors Globally Using IoT & Docker.)

Top Ten Considerations When Planning Docker-Based Microservices
As our readers likely know, Docker is a natural fit for a microservices architecture as it inherently features autonomy, automation, and portability. Known for its ability to encapsulate a particular application component and all its dependencies, Docker enables teams to work independently without requiring underlying infrastructure or the underlying substrate to support every single one of the components they are using.

Moreover, Docker makes it really easy to create lightweight, isolated containers that can work with each other while being very portable. Thus Docker is a natural fit for microservices when creating a microservices substrate on which Docker containers can run. Given these benefits, our clients often ask us about the potential stumbling blocks to a Docker-based microservices approach. In this article we shared the top five process considerations and in a subsequent post, Top 5 Technology Design Points for Docker-Based Microservices we share the top five technology considerations — all based on our experience with organizations of various sizes and across industries.

AWS re:Invent 2016 and Container-Powered Migrations
At the re:Invent conference we had the opportunity to present a Flux7-powered case study of a successful containerized migration to AWS. As part of the session, “Getting Technically Inspired by Container Powered Migrations”, Flux7 CEO, Aater Suleman, shared Flux 7’s work with Rent-A-Center to perform a Hybris migration from their datacenter to AWS. This article walks through the technical journey of the creation of a cloud migration framework and refactoring using container technology. For more information about this case study, please see our blog post with Rent-A-Center at AWS.

New Amazon Linux Container Image Removes Branch from Decision Tree
AWS kicked off November with the announcement of a new Amazon Linux container image for cloud and on-premises workloads. As power users of AWS, EC2 and Docker, our AWS consultants were excited about this news as it will greatly ease the upfront planning process for clients, eliminating a dimension from the complex decision matrix we navigate designing a Docker-based setup in AWS. This article walks readers through the reasons why the new Linux container image removes a critical decision-making hurdle.

In our last installment of this four-part series on the most popular topics of 2016, we will take a look more broadly at cloud computing and how the themes we’ve covered thus far play a critical role in creating production-ready, secure, compliant and highly scalable solutions. For ongoing tips, tricks and analysis, please subscribe below.