The rise of containers and serverless computing has some folks asking if the time of the virtual machine (VM) is over. Of course, we haven’t reached the end of the VM era, but we have seen accelerated cloud adoption amid the COVID-19 pandemic.
This acceleration is moving the needle on containers and serverless computing and enabling businesses to optimize further—just as the adoption of virtualization did. With the increased adoption of cloud-based Platform as a Service (PaaS) and Software as a Service (SaaS) offerings, responsibility for the Infrastructure as a Service (IaaS) layer, which includes VMs, will continue to shift to cloud service providers.
Gartner, Inc. predicts 90% of global organizations will be running containerized applications in production by 2026—up from 40% in 2021. In addition, 20% of all enterprise applications will run in containers by 2026—up from fewer than 10% in 2020.
The cloud, containers and serverless technology provide great value. However, they also require the organizations that use them to think and act in new ways. This article explores containers and discusses three considerations your organization needs to address when using these technologies.
What Are Containers?
Containers provide efficiency and optimization for IT operations. Every VM is packaged with an operating system (OS) layer. With containers, you have a shared OS layer abstracted by the container engine, allowing you to use containers like interchangeable building blocks.
Container technology offers several benefits, which organizations need to understand to use this technology well. Containers:
- Enable innovation by accelerating application development, allowing organizations to rethink their services and quickly bring new capabilities to market
- Support an agile DevOps approach, enabling you to deliver software 200 times more frequently
- Offer the promise of building once and deploying anywhere
Tip 1: Ask Yourself If You Need Compute Running All the Time
Serverless technology works like an API call. It allows you to invoke functions without running your container or VM. For example, if you have a data ingest functionality that picks up data once every few hours, you don’t have to run that service 24/7 to ingest data for a few seconds. Instead, you can use serverless technology on demand for that job.
This is a great way to optimize your IT spending. This is possible because cloud providers now offer serverless functionality. Serverless technologies are often supported as stateless containers launched on demand in the back end, and the cloud provider fully manages their life cycle, enabling greater operational efficiencies.
This represents a massive rethink in computing. Ask yourself whether you need compute running all the time. If the answer is no, you can employ serverless technology anytime on demand. The serverless approach requires zero infrastructure management and offers agility and scalability. Companies including Netflix have adopted it to deliver highly available services to millions of customers.
Tip 2: Underpin Container and Serverless Efforts With Security
Cyberattacks have increased in recent months. In embracing containers and serverless technology, ensure your efforts are underpinned with security—and keep in mind that securing these new technologies requires a new approach.
People are comfortable with approaches such as antivirus, patching and endpoint protection for securing VMs. With containers, you have to shift to address security earlier in the development life cycle. Securing containers involves more than scanning the contents of a container. It requires integrating and automating security checks along the development cycle from start to finish. In this way, container security is mandating and partly enabling DevSecOps as the next evolution of continuous integration/ continuous delivery (CI/CD) pipelines for enterprise software development.
Securing serverless technology is like securing APIs. It would be best if you protected against threats, including malicious parameter data, identity attacks and attacks on insecure transport. In addition, you need to make sure hackers can’t inject serverless functions with harmful data or stage denial-of-service attacks or mine for private data.
Also, address identity and access management as part of your container and serverless strategies. If those are your endpoints, you need to ensure they’re secure. Assume you’re using serverless technology to ingest and retrieve some secure data. You want to restrict access to that data by creating role-based access. Unfortunately, people sometimes forget about this critical aspect of security.
Tip 3: Consider the Human Element
The move from physical servers to VMs took time and effort for people to get comfortable with and adopt. However, initial concerns about the overhead of a hypervisor and resource contention by multiple workloads have been largely mitigated now.
Containers and serverless technology require an even more significant cultural shift. That changes the skills you need for IT operations. Now, you don’t need resources doing VM management tasks like patching, for example. As you adopt containers and serverless technology, make sure you transform your workforce to acquire digital and cloud-native skills and adopt more of a DevSecOps stance to address new requirements.
The cloud has helped organizations meet the challenge of today’s world to expedite business transformation and become more agile, competitive and resilient. Adopting containers and serverless technologies as part of your cloud transformation journey can help you go even faster, bringing business services to market more quickly with a lower total cost of ownership.
It’s a whole new world.