Thanks to everyone who reached out following last week’s inaugural IT Modernization Week in Review blog. Containers and container orchestration were in the news this week and that should come as little surprise as container adoption continues to grow. In fact, Gartner predicts that by 2020, more than 50% of global organizations will be running containerized applications in production, up from less than 20% today.
Docker announced Docker Enterprise Edition 2.0 this past week. This announcement expanded several features of the enterprise version of the container system, including support for both Swarm and Kubernetes, allowing both orchestrators to operate together in the same cluster. This means that developers can deploy to Swarm and migrate to Kubernetes using the same compose file. And, regardless of which orchestrator is used, apps can be managed in the same control plane.
We also learned that the latest version of Docker EE features new secure application zones, which help provide greater security by integrating with LDAP and Active Directory to create logical and physical separation within the same cluster and to set resource access policies. With this new release, you can also set policies around image promotions to automate the process of moving an app from test to QA to staging. And you can enforce rules on which apps are allowed to be deployed into production.
This release resonates with us because, as an AWS consulting partner, one of the approaches we like to take is Security by Design: building security features such as security rules, processes and controls into the system from the beginning. With security an inherent part of the system, organizations are able to effectively balance security and agility.
Containers in AWS
Netflix is an oft-touted AWS-based DevOps case study. Successfully delivering almost 7 billion hours of videos to nearly 50 million customers in 60 countries per quarter requires agility and a relentless focus on quality. One of the ways that Netflix has found to empower its DevOps processes is its home-grown container solution, Titus.
According to Netflix, its use of containers has grown from thousands per week to as many as three million containers launched per week this month, all with Titus. Titus hosts thousands of applications globally over seven regionally isolated stacks across tens of thousands of AWS EC2 virtual machines. Now Titus is available to you as Netflix has made it open source. Given Netflix’s use of AWS, Titus has tight integration with the platform:
- supporting IAM roles, which allow secure EC2 applications to run unchanged,
- using AWS Auto Scaling to provide container cluster auto scaling with the same policies that would be used for virtual machines, and
- supporting full IP stack containers and AWS load balancing.
As Netflix notes in its blog, all these features together enable containerized applications to transparently integrate with internal applications and Amazon services.
Last, HashiCorp made some news around its Terraform Enterprise, announcing in a press release a new option to install a private instance of HashiCorp Terraform Enterprise in private datacenters and public clouds. According to the company, this ability will help enterprises address business and regulatory compliance requirements. As an AWS consulting partner, we are excited to see that AWS will be among the initial deployment platforms, along with Microsoft Azure, Google Cloud Platform (GCP), and VMware.
For additional reading on Terraform, consider these stories from our DevOps blog:
- Infrastructure Provisioning Update: Terraform and CloudFormation
- Flux7 Take: HashiCorp News & DevOps Best Practices
- How to Organize Infrastructure as Code in your Source Code Repository