Containers are similar to Virtual Machines (VMs), with file systems, Central Processing Units (CPUs) and their own memory, but with the added benefit of being decoupled from the underlying infrastructure, so they are portable. Thus, they offer a new way to build, organise and run cloud applications, which are scalable, agile, faster and quicker to deploy.
Containerisation allows businesses to drive up server utilisation, adding value by reducing unnecessary resources, and container orchestration allow businesses to auto-mount the storage of choice, whether local or in the cloud, for unprecedented flexibility and agility.
It also offers automated roll out and rollback, which allows for swapping between restore points and going back to any given point in time. Faster reaction and time to market are hugely beneficial when business demands such agility. If Kubernetes is properly implemented, the biggest benefit is seen in the productivity gains of the organisation and its staff, and the improvements in go-to-market speed.
This technology also provides more time on code, which means businesses have more time to develop features their customers want and spend less time on debugging. Kubernetes can be commissioned on the fly, and guarantee consistency for deployment, for improved testing capability.
Furthermore, it reduces spend on operating system licences and decreases the number of manhours required to patch and fix. It also decreases the need for costly support for legacy environments and is open source so there are many support resources available.
However, as with any technology implementation, the biggest challenge is ensuring adoption by IT operations and staff, thus ensuring that people, processes and technologies work together. In addition, backup and recovery, data management and security are still requirements, so businesses need to consider how these will be affected by the adoption of containerisation.
Although containers enable speed, portability and microservice architecture, they also introduce a few risks: they may create security blind spots and increases the attack surface because the distributed nature of containers makes it more difficult to maintain visibility. This distributed nature also separates components, potentially creating gaps where security risks could creep in.
When an application is installed, troubleshooting becomes a challenge due to the sheer number of opportunities for misconfiguration and vulnerability. In addition, it does not provide a native mechanism to encrypt, manage and share sensitive information, meaning that a data management system becomes a crucial component.
Organisations wanting to get the most out of their Kubernetes investment must have strong governance policies and procedures in place. Businesses need to look at how images are being built, how sensitive data is being handled, stored and accessed.
From a security perspective, visibility is critical in terms of understanding what is being deployed, where and how, who is accessing it, and whether or not it is compliant with enterprise requirements.
