Containers sure may be the next big thing, but they are not for everyone. Whether you use containers on AWS, or stick to the traditional instance based workload, will depend on a number of factors.
We went over a bunch of different benefits of using containers to develop your cloud infrastructure, now let’s take a look at the few challenges of the technology — some of which could affect your cloud presence rather drastically, if you or your company is not prepared.
A picture has been painted, a story told, to the masses that are developing cloud applications to quickly adopt containers. But like most things in life, there is another side to this coin. And that is, having the necessary amount of knowledge and skills to enable this new technology.
With all the upsides of using containers on the cloud, like portability, ease of development, and scalability, there are a few downsides to consider as well. Limitations and impediments there are a few, when using containers in both public and private clouds.
Here they are:
It is imperative that you learn the security related limitations of containers before you use them to build your applications. Most security admins still don’t get containers, don’t fully understand the technology, don’t completely comprehend the fact that containers in the cloud don’t have the same security boundaries as virtual machines.
The most prominent being the notion that hackers now have two areas they can exploit — they can find a flaw in the operating system to get access to the container, or find a vulnerability in the container to gain access to the underlying server.
And since containers share components and kernel with the OS, they are inherently weaker and more vulnerable. Mostly due to the fact that they require a deep level of authorization, usually root or administrator access.
Container creation process is another problem, as the container will only be as secure as the state of security of the organization that is creating it. This is all that more important when you leverage containers from public repositories. You need to ensure that you are downloading a legitimate and secure container.
Not all applications are suited for containers, and actually using them makes these applications more complex than they ought to be. There are some applications that are best left monolithic — particularly if they don’t need to scale. Breaking them up into a series of containers will not only make the app more complicated, it may even hinder portability, as all the parts will have to be bundled together.
When done right, containers can save you thousands off of your cloud bill, hundreds of thousands even, in some cases. But in most situations, it is easy to create a container mess in the cloud. Since containers can be launched at a rapid pace, there may be cases where you consume more cloud resources without the understanding that you are doing so.
An orderly shutdown of containers that are not in use is a must if you want to keep costs low.
Containers are a different breed, compared to virtual machines. Because a VM packs in the operating system, drivers, and application components, it is easy enough to migrate a virtual machine to any other cloud platform, as long as a compatible hypervisor is available. Not so much with containers, as they are a lot more coupled with the OS, due to the simple fact that most developers build a large number of dependencies into their containerized applications.
It is for this reason that many Linux containers developed for Docker, cannot run on the current version of Windows Server. This situation is quickly improving, but incompatibilities still remain.
While the benefits outweigh the drawbacks of containers, ultimately, your decision on whether to use them should depend on your skill level and cloud requirements. If you are just starting out, and want to begin by creating a small cloud, then by all means dab into it. But if you are a lone developer tackling an expansive project, then it is a good idea to make sure you know the ins and outs of containers first.
Same goes for large scale enterprise projects. Containers may sound impressive, and work great for your organization too, but they have their peculiar little pitfalls — pitfalls that you absolutely have to cover before you go all in with them.