Edison encountered a problem when inventing the light bulb, that is, the light bulb needs a wire to connect with the lamp. Until today, the spiral bulb base (also known as the Edison screw base) has become the standard, which allows almost all bulbs to be screwed onto the lamp, whether it is a table lamp or a chandelier.
The Docker container invented by Solomon Hykes ten years ago has a similar effect, that is, by packaging, any Linux application can be inserted into any Docker container on all Linux OS, without cumbersome installation. Its biggest advantage is that multiple containerized applications can be inserted into a single instance of the operating system, and each application is securely isolated from each other, and only communicates with the operating system through the Docker API.
Compared with the VM (Virtual Machine), a common tool for deploying and extending applications on the physical computer in the form of a cloud, this shared mode stack is much lighter. Due to its lightness and portability, developers can process multiple containerized applications on a laptop and upload them to a selected platform for testing and deployment. In addition, compared to VMs, containerized applications start faster, requiring only a blink of an eye, and VMs usually take a minute to start.
To master the actual impact of containers, users also need to understand the microservices model of the application architecture. Many applications will be broken down into small single-purpose services that communicate with each other through APIs, so each microservice can be updated or extended independently (this is very different from traditional monolithic applications). It turns out that microservices and containers are a perfect pair.
How to make containerized microservices work together perfectly, just like an application? At least for larger microservices applications, they can use Kubernetes. As an open source orchestration engine, Kubernetes allows users to deploy, manage, and extend microservices applications and ensure the availability of microservices-based applications. They can also be moved across platforms if needed.
Now that the era of microservices has arrived, whether new services can be expanded instantly or updated without downtime is critical to a large number of modern applications. No matter how these services are managed, the container will establish its own standardized and concise interface.
Large-scale application of containers to production
In the article “Containers and Kubernetes: Three Successful Change Cases” (please follow this newspaper’s follow-up report), special author Bob Violino discusses the use of Kubernetes by Expedia, Clemson University, and financial services company Primerica. UK Group editor Scott Carey wrote an article called “Kubernetes Meets the Real World: Three Success Stories” (see Issues 5-6 of this issue), which examines Bloomberg, News UK and travel data provider Amadeus Similar efforts made. As Barry Pellas, Chief Technology Officer of Primerica said, “It is challenging to have the right skill team to develop properly in a Kubernetes environment.” But whether it is challenging or not, for large-scale coordination of containerized services, Kubernetes Now it has become a widely accepted solution.
The advantages of Kubernetes are very suitable for solving the difficult problem of container networking. As explained by Network Edward’s contributor John Edwards in “Digital Transformation Needs to Focus on Container Networks” (see issues 7-8 of this issue), container networks have little resemblance to data center networks. Not only is the container network completely defined by software, but Kubernetes itself can handle all routing requests and network connections without human intervention. All these connected services are collectively referred to as a service grid, which belongs to another open source project, Istio, whose focus is on processing, that is, allowing administrators to manage traffic, control policies, and discover services.
Istio also provides some security measures, such as TLS secure communication between services. However, containers in production are a completely new field, and some large companies have decided to keep security in their hands. Lucian Constantin, a senior writer on the CSO website, explained in detail the article “How does Visa build a container security solution” (please follow the follow-up report of this newspaper) on container monitoring, security policy implementation, and incident detection and remediation. Lucian believes that this is a typical “self-built vs. purchase” decision: what happens when existing solutions no longer look reliable or lack the right combination of features? Do you build new solutions yourself or buy from others?
On the other hand, CaaS (container-as-a-service) products from cloud service providers may be more accurate in describing Kubernetes-as-a-service solutions. Amazon Web Services, Google Cloud Platform and Microsoft Azure all provide their own CaaS features. However, just as Isaac Sacolick, the contributing editor, wrote in “PaaS, CaaS or FaaS? How to choose? “(Please pay attention to the follow-up report of this newspaper) said that CaaS is not the only container management option for users. Users can choose PaaS (Platform as a Service), but it usually sacrifices configurability at the expense of faster development and deployment. FaaS (Function as a Service) products (also known as serverless computing platforms) provide a higher level of abstraction, enabling developers to quickly compose services using small discrete functions. The FaaS solution is to run containers in the background, and developers ca n’t even see them, let alone manage them.
What advantages do end users of such container solutions have? Generally, its software can be updated and improved at a faster rate. Microsoft has also introduced a brand new container, which can ensure that old applications run properly on the Windows 10X operating system for dual-screen devices. This particular container improvement can help Microsoft get rid of the backward compatibility issues that have restricted Windows development for many years.
An important advantage of containers is agility. They can be easily moved and inserted into many platforms, eliminating unnecessary dependencies. In addition, they can be reused and recombined into different applications. As an enabler of the flexibility of a microservices infrastructure, containers can help maintain small, dispersed teams, each of which is responsible for its own microservices—a reasonable division of labor can help teams develop better software at a faster rate.
On a purely technical level, like a screw-type bulb base, the container is very unremarkable, but it has great significance for applications that have not been developed and applications that users will use for many years.