What’s Running inside Your Containers? How about Now?
“You may get a new physical server once a month, you may get a new VM once every ten, fifteen, or 20 minutes. You may get a new container once every ten seconds.”
-Kenaz Kwa, Puppet
It didn’t take long during our conversation with Puppet’s Kenaz Kwa and Tyler Pace to understand the challenge of maintaining an accurate assessment of what’s running in your organization’s containers. And once you do know, how long does that information stay accurate if 10s, 100s, or even 1,000s of new containers are being launched every day?
Kwa shared how, as organizations begin to package different types of applications into containers (especially large, traditional applications), the surface area for a potential attack increases. And while security will always be a major concern, it’s far from the only concern that comes with increased container adoption.
Pace described the variety of problems that a lack of visibility into a rapidly growing number of containers presents.
“First it’s the proliferation of the number of objects you’re concerned about. When customers go from physical servers to virtual machines it’s about a tenfold increase. 250 servers to 2,500 virtual machines, and we’re starting to see another tenfold increase. 2,500 VMs can become 25,000 containers…You have a volume of information that’s also rapidly changing, and that can create user experience problems, visualization, trying to understand even a small degree of awareness of what’s running in your environment at that scale is an unsolved problem…”
You can hear the rest of our conversation with Kenaz Kwa and Tyler Pace in the latest episode of The Skytap Podcast, recorded live from DockerCon 2017 in Austin, Texas.