Arguably, the hottest trend in cloud today is containers, a foundational technology for server virtualization and cloud application deployments.
The key advantage containers have over the more traditional hypervisor and virtual machine-based approach is that each container workload can share a host OS, rather than each virtual machine having it’s own host or guest OS image. A virtual machine takes up considerably more space in memory, and takes more time (minutes rather than fractions of seconds) to deploy and provision. (See figure below)
With such lightweight, efficient workload instances, monolithic applications can be broken down into small, reusable, easily allocated components in a much more modular fashion. This modular, componentized design of applications is called micro-services, and is helping organizations increase their agility and accelerate application design and deployment.
The portability of these lightweight, efficient containers has also been a boon to advancements in DevOps, an increasingly popular application development methodology that better aligns application development organizations with IT departments. DevOps enables a process called continuous integration; meaning small incremental changes to applications (potentially as micro-services) can be rolled out very quickly to meet immediate business requirements, rather than traditional monolithic application development cycles.
Achieving the rapid, incremental deployments-on-demand of DevOps requires a great deal of infrastructure and deployment automation, which can only be achieved with a policy-based SDN automation platform like the Nuage Networks Virtualized Services Platform. With SDN, infrastructure changes, application provisioning and cloud orchestration are all handled programmatically, rather than manually by IT.
But even with the advantages of containers, they are not an obvious replacement for virtual machine (VM) deployments in all cases. VMs still have some key advantages for mission-critical applications like security, high-availability features, and orchestration tools.
From a security perspective, because containers share the same OS kernel, the “attack surface” from one container workload to another is quite large and it’s relatively complex to ensure complete isolation of tenant applications in a multi-tenant environment. With each VM running in its own OS, the connections between VMs are only through the shared hypervisor, a considerably less complex infrastructure component to monitor and secure.
VMs and containers are going to exist side-by-side in enterprise private clouds and service provider networks for many years to come. Since both VM and container formats require virtual networking infrastructures (virtual Ethernet ports, overlay networking and an SDN controller), it is critical to choose an SDN platform that is designed from the ground up for both environments. The Nuage Networks VSP is just such a virtual networking and SDN platform.
The VSP makes the network as dynamic and consumable as the compute infrastructure through the automated instantiation of network services. As the leading open, vendor-agnostic SDN and virtual networking platform in the industry, the VSP provides the ideal solution for heterogeneous cloud environments, with the flexibility to deploy new application and cloud technologies and services in the future without fundamentally changing out the infrastructure.
What about Cloud Orchestration?
Nuage Networks also takes the most open, vendor agnostic approach to cloud orchestration tools and platforms of the leading SDN vendors, particularly with regards to support for OpenStack. OpenStack is one of the leading cloud platform technologies that is evolving to support containers. The OpenStack Foundation whitepaper on container technology states:
Container support is just another example of the basic value proposition for OpenStack – that by utilizing OpenStack as the foundation of a cloud strategy, you can add in new, even experimental technologies, and then deploy them to production when the time is right, all with one underlying cloud infrastructure – without compromising multi-tenant security and isolation, management and monitoring, storage and networking and more.
But organizations also need the flexibility to run other cloud management systems across their container and VM environments besides OpenStack. Many organizations are looking at a range of container-specific orchestration tools such as Docker Swarm, Kubernetes and Apache Mesos.
Much like OpenStack’s primary purpose, these tools automate the resource allocation, container packaging, deployment and provisioning in large-scale cloud environments and help IT administrators cope with container sprawl. In fact, each of these container orchestration engines can run within OpenStack, which can orchestrate across the entire infrastructure (servers, network, storage, etc.), as well as across VM, container-based and physical applications.
For an example of how the VSP can help automate your container-based application deployments, check out this demonstration from Networking Field Day 8 showing the scalability that only Nuage can provide.