Devs love containers -- and ops should, too

Docker containers have dramatically improved the efficiency of software development, and now pioneering ops folks are starting to see the benefits

Devs love containers -- and ops should, too

Unless you’ve been living under a rock, you’ve heard about the benefits of Docker containers: easy packaging of applications for portability and quick deployment, along with a much smaller footprint than VMs (virtual machines). But as Scott McCarty of Red Hat told me in an interview last week, containers are still “five to seven years out before you see the kind of adoption you see in virtualization,” an estimate similar to others I’ve heard.

So what’s the payoff from all the Docker container hoopla in the meantime?

I see a bunch of developers raising their hands. Yes, Docker has already made it much easier for developers to build and test applications without having to wait around for ops to provision VMs. And in many startups as well as advanced tech giants like Google, containers run in production today. Docker containers empower developers.

But even in the near term, the benefits of containers don’t stop there, argues McCarty. “There is a push among early adopters to containerize all kinds of stuff,” he says. In other words, ops is already seeing the advantages of containers, including packaging up some commercial applications. What sort of workloads? McCarty provides a taste:

You look at BIND or DNS or web servers, you look at open source databases and data stores, you look at Java -- they’re all pretty easy to do. Ruby, Python, all these types of workloads are fairly easy. You move into CA Spectrum Network Analyzer, which is an actual workload one of my customers moved into a container, and that gets a little bit harder ... but they got it working.

We’re not just talking about containerization for its own sake. The ability to spin up containers and make them go away in the blink of an eye offers unprecedented convenience. McCarty provides a simple example:

A scanner is not something you want running all the time; it’ something you deploy when there’s a problem. Imagine you have an Oracle database server. You don’t want to necessarily install CA Spectrum Network Analyzer on a critical database server, but you might pull down a Docker container and run it because it’s contained within that file system and it’s not going to pollute the rest of the server with other software. That’s a use case that works right now today that most people are kind of missing.

This isn’t the first time I’ve heard about the operational benefits of containers. Back in June, Microsoft Azure CTO Mark Russinovich suggested that some of his customers were already containerizing legacy applications to deploy and manage them more easily.

McCarty was happy to provide a more dramatic example. Recently, Duke University’s website was hit by a DDoS attack, and containers came to the rescue even though Duke had only begun experimenting with Docker:

The attack brought the entire campus to a crawl, because they use their main load balancers for everything on the campus, including the main website ... My friend [senior automation engineer] Chris Collins, a Red Hat customer, told the CIO: “I think I can put this in a container and move it out to Amazon in no time.”
Within 20 minutes he had the main website packaged up in Docker containers and shipped it out to Amazon ... literally by doing a Docker push to a registry, pulling the site down out there, and running it. They changed the DNS and as the DNS moved over, the attack moved over. They took a ton of load off the load balancers and brought everything back to normal.

As you might guess, this episode sold the CIO on containers. He’d never seen something happen that fast before; migrations are supposed to take months. Now Duke is tackling all kinds of use cases with containers.

There are issues with containerizing big applications -- particularly commercial ones with restrictive licensing. Plus, as McCarty observes, “None of the software that we have today was designed to run in containers, none of it ... There are still a ton of workloads that need to run in VMs.”

That's just a fact. But as not only developers, but also the rest of IT discovers what containers can do, it’s going to be fascinating to see the creative ways operations puts Docker and its related container technologies to work.