Sashkin - Fotolia
Containers are changing the way that applications are developed, deployed, scaled and migrated, but security concerns remain. Container technology installs a virtualization layer and manages virtual instances atop a common host operating system, and vulnerabilities within the OS or containers can potentially impact additional -- or even all -- containers. Such concerns have slowed enterprise adoption for mission-critical workloads. VMware has introduced Integrated Containers as a means of isolating and managing containers. Let’s take a closer look at vSphere Integrated Containers and learn more about the components and principles involved.
VMware vSphere Integrated Containers (VIC) was designed to be managed through the existing vCenter Server deployment, though a VIC plug-in will be needed for vSphere Web Client. Using the familiar vCenter Server eases management overhead by eliminating new management tools and training.
Once vSphere Web Client is updated for VIC, administrators can monitor and manage containers and conventional VMs simultaneously. Web Client will allow new virtual container hosts to be created, detail container resource utilization and outline container port mapping -- how the containers are communicating and interconnected to one another.
In addition, VIC maintains a cache of container images in Virtual SAN, network file system or local data stores. These images include the base operating system and other file system layers that can be applied to modify, or fork, the OS applied to specific containers. Web Client will report information about the image composition of each container. Tracking and auditing the image composition used for each container can help software developers ensure the correct container environment for the application components -- such as ensuring that a microservice is running the right modified OS version. Administrators can also use such management details to troubleshoot container problems, audit software use and so on.
Container workloads in VIC are also supported by VMware tools including vSphere Distributed Resource Scheduler, vSphere High Availability and vSphere vMotion. These tools can modify and move containers while enhancing availability, allowing administrators to maintain service level agreements for container-based enterprise workloads alongside conventional VMs.
What sets VIC apart from other containers?
Five drawbacks of container technology
Why users should embrace vSphere Web Client
VMware must attract developers with its container play
Dig Deeper on VMware performance enhancements
Related Q&A from Stephen J. Bigelow
Learn how load balancing in the cloud differs from a traditional network traffic distribution, and explore services available from AWS, Google and ... Continue Reading
Access management is critical to securing the cloud. Understand the differences between AWS IAM roles and users to properly restrict access to AWS ... Continue Reading
Containers have rapidly come into focus as a popular option for deploying applications, but they have limitations and are fundamentally different ... Continue Reading