10 Items to Consider Before Deploying Containers in Your Organization

As containers grow in popularity, here is a list of prerequisites for enterprises to consider before deciding to deploy the technology in their data centers.

Common benchmarks are essential to both container efficiency and security. Look for container communities and products that adhere reliably to established standards.

Containers share the same underlying operating system (the single-host OS). This model offers certain efficiencies, but any vulnerability in the OS can affect the containers it is hosting and any vulnerability in a container can affect the host OS. Look for a container solution built on a hardened OS platform and that supports capabilities such as isolation and vulnerability scanning.

Look for mechanisms that will enable developers to manage containers consistently across physical, virtual and both private- and public-cloud environments.

One of the major benefits of container technology is reusability. But, as the use of containers increases—especially among different entities—there must be some methodology in place to ensure the content of a container can be certified and that any changes made are accounted for. Along change management lines, look for a container platform provider that can ensure your containers and applications are certified and safe to use.

Workload container analysis features can help organizations more safely adopt containers. Look for systems that will enable you to identify risks on different infrastructure levels, including service configuration within an image, tuning and configuration of container storage for optimal performance and file-system monitoring to help ensure registry functionality.

It’s always good practice to provide just the rights that people need to do their jobs and not more. The same holds true for containers. For example, organizations should tightly control access to the container daemon, the process that runs on the host server and supports container management.

Images are the building blocks for containers, and as companies increase their use of container technology, they’re accumulating more and more images. Some of these images will be developed in house, while others will come from vendor and open-source resources. These images can be further layered with additional functionality. That’s the beauty of containers, but as the use—and number—of container components grows, so, too, does the risk that a component will be compromised somehow. Organizations need to ensure they have a system in place to scan for and patch any vulnerabilities that exist in container components.

The easiest way to help ensure container provenance is to run a private registry. Look for solutions that include built-in service options.

In the container world, no vendor or community is an island—at least they shouldn’t be if they are to provide a strong platform on which organizations can build their container strategy. Look for providers with strong, relevant partnerships, which are fundamental for success beyond the initial proof of concept. These providers need to be able to demonstrate strong, strategic partnerships with both open-source and commercial organizations.

Container technology is not new, but the time is right for its widespread use. The container world is changing fast, with more products and vendors coming on board. You’ll be hearing more and more companies touting their container capabilities—regardless of whether they really provide such offerings or are just piggybacking on a hot term. It’s important to leverage resources have that not only a proven history but also a strategic plan for how products and technology will—securely—take shape in the short and long term.