DOCSLIB.ORG

Containers for Virtualization: an Overview

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

ISSN 2255-8691 (online) Applied Computer Systems ISSN 2255-8683 (print) May 2018, vol. 23, no. 1, pp. 21–27 doi: 10.2478/acss-2018-0003 https://www.degruyter.com/view/j/acss Containers for Virtualization: An Overview Vitor Goncalves da Silva1*, Marite Kirikova2, Gundars Alksnis3 1–3 Riga Technical University, Riga, Latvia Abstract – Virtualization has enabled the commoditization of not come without the side effects [6]. Docker is just one of the cloud computing, as the hardware resources have become possible approaches for containers in virtualization; it offers the available to run different environments and share computing complete solution for a container platform. To see the spectrum resources amongst different enterprises. Two technology types are commonly used in virtualization of hardware, namely, hypervisor of the container technology ecosystem, a systematic literature and container. The present paper concerns only container review has been conducted to obtain an overview of container technologies. platform components and their alternatives. A comprehensive overview of the container technologies for virtualization and the dynamics of their popularity have not been II. RESEARCH METHODOLOGY available yet. Without such an overview, the informed fast choice of technologies is hindered. To fill this knowledge gap, a systemic The present paper aims at identifying technologies associated literature review was conducted to reveal the most popular with container technology, summarising its adoption in cloud- container technologies and the trends in their research. based environments, grouping and classifying key components of this technology and finally identifying research trends in this Keywords – Application virtualization, distributed computing, field. To achieve the goals mentioned previously, a systematic distributed processing. literature review has been conducted. Related work. As a first step for conducting a systematic I. INTRODUCTION review, a search for related literature has been performed. Research questions. The goal of this survey is to review Virtualization has enabled the commoditization of cloud existing research in order to assess the adoption of container computing, as the hardware resources have become available to technology and identify trends in this research field. To achieve run different environments and share computing resources the goals, the following research questions have to be answered: amongst different enterprises. As the adoption of cloud • What technologies are associated with the computing has become a norm on a large-scale enterprise implementation, control, and monitoring of containers? level [1], the improvement of resource sharing is a logical next • How is the research distributed in the field? step. Container technology improves the sharing of hardware 1. Publishing entity. resources by eliminating one layer of the infrastructure 2. Chronologically. configuration and setup. 3. Geographically. Running a virtual instance of a computer system in a layer Eligibility criteria. A list of criteria is derived in order to abstracted from the physical hardware is the basic concept of include or exclude certain articles that are found on the related virtualization. The applications which run on top of the subject. The word “container” has homographs and therefore virtualized machine operate without knowledge of any must be searched in combination with lexicons to minimise intermediary layer [2]. unrelated papers appearing in the search results. Two technologies are commonly used in virtualization of Mandatory criteria for including the article are: hardware, the hypervisor and the container. The hypervisor • The study is published in English and available in provides virtual machines (VM), which requires the Scopus [7]. provisioning of an operating system. Containers do not require • The study contains comprehensive conclusions of the provisioning of an operating system; however, they can also performed review or application of container technology. run inside a VM. Both technologies support isolation and multi- One of the following additional criteria must be met to tenancy [3]. Linux containers share close concepts with virtual include the article in the research scope: machines. However, their operational flow presents some • The study considers the subject of Containers in the differences. context of software systems. Container technologies, such as Docker [4], offer • The study considers the subject of Microservices unprecedented agility in developing and running applications in Architecture and its underlying infrastructure. a cloud environment, especially when combined with a • The study considers the subject of DevOps and the microservice-style architecture [5]. It enables the design of adoption of container technology. multiple tenancy applications with less overhead when Matching one of the following criteria results in the exclusion compared with the hypervisor. There are some security of article from the scope of the survey: implications with the use of containers. Thus, the benefit does • Studies were not peer-reviewed or published. * Corresponding author’s e-mail: [email protected] ©2018 Vitor Goncalves da Silva, Marite Kirikova, Gundars Alksnis. This is an open access article licensed under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0), in the manner agreed with De Gruyter Open. 21 Applied Computer Systems ________________________________________________________________________________________________ 2018/23 • Studies that did not answer the research question at least The resulting list contains 16 articles that qualify according to partially. the search criteria described previously (see Table I). • Studies that did not derive potential future improvements from the research conducted. III. CONTAINER TECHNOLOGY STACK Look-up concepts. Based on the questions that have to be Docker container platform has solutions for most layers of answered during this survey and considering limitations the container technology stack. The layers covered are proposed by the exclusion criteria, at the beginning of container engine, scheduling, orchestration, image management systematic review the domain related concepts and notions have and configuration management. Docker’s market share position been defined. These concepts have been used in the search: and breadth of solutions make its name ubiquitous with • ALL (“containers” AND “cloud”) AND (LIMIT-TO container technology [32]. (SUBJAREA, “COMP”)); • TITLE-ABS-KEY (“microservices” AND (“infrastructure” OR “cluster”)). Look-up strategy. Systematic review guidelines suggest that searching in the title does not always result in all relevant publications. Therefore, the abstract or full-text of articles should also be considered. The search was restricted to the title and abstract of the studies. TABLE I SELECTED ARTICLES FOR REVIEW ON THE SCOPE OF THIS SURVEY Citation Year Title Network Function Virtualization: State-of-the-Art and [8] 2016 Research Challenges Large-Scale Cluster Management at Google with [9] 2015 Borg et al., Containers and Cloud: From LXC to Docker to Fig. 1. Reference architecture of cloud containers. [3] 2014 Kubernetes et al., Hypervisors vs. Lightweight Virtualization: A Containers are an abstraction at the application layer that [10] 2015 Performance Comparison et al., Containerization and the PaaS Cloud packages code and dependencies. Containers provide OS-level [11] 2015 virtualization by leveraging kernel features to isolate processes et al., Skyport – Container-Based Execution Environment and define system usage limits for resources such as CPU, [12] 2014 Management for Multi-Cloud Scientific Workflows memory, disk I/O and network. Multiple containers can run on et al., An Architecture for Self-Managing Microservices the same machine and share the operating system OS kernel [13] 2015 et al., The Research and Implementation of Cloud with other containers, each running as isolated processes in user [14] 2014 Computing Platform Based on Docker space. Containers take up less disk and memory space than et al., Container and Microservice Driven Design for Cloud VMs, containers are also considerably smaller in terms of [5] 2016 Infrastructure DevOps storage space required, with a smaller energy consumption et al., Distributed Systems of Microservices Using Docker footprint [27], and start almost instantly. The container has all [15] and Serfnode 2015 the dependencies it needs to run it: code, runtime, system tools, et al., Leveraging Linux Containers to Achieve High [16] 2015 Availability for Cloud Services system libraries, settings. Available for both Linux and et al., Cloud Services in the Guifi.net Community Network Windows-based apps, the containerized software will always [17] 2015 run the same, regardless of the environment [5], [11]. Those ROAR: A QoS-Oriented Modelling Framework For et al., who want to deploy applications with the least infrastructure [18] Automated Cloud Resource Allocation And 2015 Optimization will choose a simple container-to-OS approach. This is why container-based cloud vendors can claim improved performance et al., Integrating Containers into Workflows: A Case Study [19] 2015 Using Makeflow, Work Queue, and Docker when compared to hypervisor-based clouds [9], [10]. et al., A REST Service Framework for Fine-Grained The layering composition illustrated in Fig. 1. depicts the [20] 2015 Resource Management in Container- Based Cloud
Recommended publications
  • Myriad: Resource Sharing Beyond Boundaries

    Myriad: Resource Sharing Beyond Boundaries

    Resource Sharing Beyond Boundaries Mohit Soni Santosh Marella Adam Bordelon Anoop Dawar Ben Hindman Brandon Gulla Danese Cooper Darin Johnson Jim Klucar Kannan Rajah Ken Sipe Luciano Resende Meghdoot Bhattacharya Paul Reed Renan DelValle Ruth Harris Shingo Omura Swapnil Daingade Ted Dunning Will Ochandarena Yuliya Feldman Zhongyue Luo Agenda What's up with Datacenters these days? Apache Mesos vs. Apache Hadoop/YARN? Why would you want/need both? Resource Sharing with Apache Myriad What's running on your datacenter? Tier 1 services Tier 2 services High Priority Batch Best Effort, backfill Requirements Programming models based on resources, not machines Custom resource types Custom scheduling algorithms: Fast vs. careful/slow Lightweight executors, fast task launch time Multi-tenancy, utilization, strong isolation Hadoop and More Support Hadoop/BigData ecosystem Support arbitrary (legacy) processes/containers Connect Big Data to non-Hadoop apps, share data, resources Mesos from 10,000 feet Open Source Apache project Cluster Resource Manager Scalable to 10,000s of nodes Fault-tolerant, no SPOF Multi-tenancy, Resource Isolation Improved resource utilization Mesos is more than Yet Another Resource Negotiator Long-running services; real-time jobs Native Docker; cgroups for years; Isolate cpu/mem/disk/net/other Distributed systems SDK; ~200 loc for a new app Core written in C++ for performance, Apps in any language Why two resource managers? Static Partitioning sucks Hadoop teams fine with isolated clusters, but Ops team unhappy; slow
  • Is 'Distributed' Worth It? Benchmarking Apache Spark with Mesos

    Is 'Distributed' Worth It? Benchmarking Apache Spark with Mesos

    Is `Distributed' worth it? Benchmarking Apache Spark with Mesos N. Satra (ns532) January 13, 2015 Abstract A lot of research focus lately has been on building bigger dis- tributed systems to handle `Big Data' problems. This paper exam- ines whether typical problems for web-scale companies really benefits from the parallelism offered by these systems, or can be handled by a single machine without synchronisation overheads. Repeated runs of a movie review sentiment analysis task in Apache Spark were carried out using Apache Mesos and Mesosphere, on Google Compute Engine clusters of various sizes. Only a marginal improvement in run-time was observed on a distributed system as opposed to a single node. 1 Introduction Research in high performance computing and `big data' has recently focussed on distributed computing. The reason is three-pronged: • The rapidly decreasing cost of commodity machines, compared to the slower decline in prices of high performance or supercomputers. • The availability of cloud environments like Amazon EC2 or Google Compute Engine that let users access large numbers of computers on- demand, without upfront investment. • The development of frameworks and tools that provide easy-to-use id- ioms for distributed computing and managing such large clusters of machines. Large corporations like Google or Yahoo are working on petabyte-scale problems which simply can't be handled by single computers [9]. However, 1 smaller companies and research teams with much more manageable sizes of data have jumped on the bandwagon, using the tools built by the larger com- panies, without always analysing the performance tradeoffs. It has reached the stage where researchers are suggesting using the same MapReduce idiom hammer on all problems, whether they are nails or not [7].
  • The Dzone Guide to Volume Ii

    The Dzone Guide to Volume Ii

    THE D ZONE GUIDE TO MODERN JAVA VOLUME II BROUGHT TO YOU IN PARTNERSHIP WITH DZONE.COM/GUIDES DZONE’S 2016 GUIDE TO MODERN JAVA Dear Reader, TABLE OF CONTENTS 3 EXECUTIVE SUMMARY Why isn’t Java dead after more than two decades? A few guesses: Java is (still) uniquely portable, readable to 4 KEY RESEARCH FINDINGS fresh eyes, constantly improving its automatic memory management, provides good full-stack support for high- 10 THE JAVA 8 API DESIGN PRINCIPLES load web services, and enjoys a diverse and enthusiastic BY PER MINBORG community, mature toolchain, and vigorous dependency 13 PROJECT JIGSAW IS COMING ecosystem. BY NICOLAI PARLOG Java is growing with us, and we’re growing with Java. Java 18 REACTIVE MICROSERVICES: DRIVING APPLICATION 8 just expanded our programming paradigm horizons (add MODERNIZATION EFFORTS Church and Curry to Kay and Gosling) and we’re still learning BY MARKUS EISELE how to mix functional and object-oriented code. Early next 21 CHECKLIST: 7 HABITS OF SUPER PRODUCTIVE JAVA DEVELOPERS year Java 9 will add a wealth of bigger-picture upgrades. 22 THE ELEMENTS OF MODERN JAVA STYLE But Java remains vibrant for many more reasons than the BY MICHAEL TOFINETTI robustness of the language and the comprehensiveness of the platform. JVM languages keep multiplying (Kotlin went 28 12 FACTORS AND BEYOND IN JAVA GA this year!), Android keeps increasing market share, and BY PIETER HUMPHREY AND MARK HECKLER demand for Java developers (measuring by both new job 31 DIVING DEEPER INTO JAVA DEVELOPMENT posting frequency and average salary) remains high. The key to the modernization of Java is not a laundry-list of JSRs, but 34 INFOGRAPHIC: JAVA'S IMPACT ON THE MODERN WORLD rather the energy of the Java developer community at large.
  • Migration Toward Safer, Secure Data Management

    Migration Toward Safer, Secure Data Management

    Cloud Database Trend Report Migration toward safer, secure data management BROUGHT TO YOU IN PARTNERSHIP WITH Table of Contents Highlights and Introduction 3 BY MELISSA HABIT Key Research Findings 4 BY MATT LEGER Leaders in Cloud Database 11 BY LINDSAY SMITH Ensuring SQL Server High Availability in the Cloud 16 BY DAVE BERMINGHAM Data Safety in Cloud-Based Databases 21 BY GRANT FRITCHEY 28 Diving Deeper Into Cloud Databases To sponsor a Trend Report: Call: (919) 678-0300 Email: [email protected] DZONE TREND REPORT: CLOUD DATABASES PAGE 2 Highlights and Introduction By Melissa Habit, Publications Manager at DZone Trends in cloud data storage continue to accelerate at a rapid pace. Now more than ever, organizations must evaluate their current and future data storage needs to find solutions that align with business goals. While cloud databases are relatively new to the scene, they show tremendous prospect in securing and managing data. In selecting our topic for this Trend Report, we found the amount of promise and advancement in the space to be unparalleled. This report highlights DZone’s original research on cloud databases and contributions from the community, as well as introduces new offerings within DZone Trend Reports. While you may know her as your friendly Java Zone copy editor, Lindsay Smith has stepped into the role of DZone’s Publications Content Manager. Among many new endeavors, she’s spearheading our new strategy for Executive Insights — a series we’ve titled, “Leaders in Tech,” which serves to complement our original research. The series focuses on the viewpoints of industry frontrunners, tech evangelists, and DZone members who share their insights into research findings and outlooks for the future.
  • Remote Attestation on Light VM

    Remote Attestation on Light VM

    POLITECNICO DI TORINO Master's Degree in Computer Engineering Master Thesis Remote Attestation on light VM Supervisor prof. Antonio Lioy Candidate Fabio Vallone Accademic Year 2016-2017 To my parents, who helped me during this journey Summary In the last decade Cloud Computing has massively entered the IT world, changing the way services are offered to the final users. One important aspect of Cloud Computing is the needs to provide greater scalability and flexibility and this can be done by using a technique called Virtualization. This enables us to execute different virtualized ambient on a single piece of hardware. Each virtualized ambient can be seen as a node that offers some services to the final users by exchanging information with other nodes. For this reason the ability to trust each other is growing exponentially. This process is called Remote Attestation and it is from this consideration that the thesis work start. When we say that a node is trustworthy, we are saying that we are sure that all the file that are loaded into memory are the ones that are supposed to be loaded. In other word we need to be sure that the code, and in general the files loaded on that node, have not been tampered by anyone in order to produce a different behaviour of the node. It is important to note that we are not checking in anyway that the behaviour of the machine is logically correct, but we are simply checking that no one has modified it, so bug and logical error can still occurs in the code.
  • A Study on the Evaluation of HPC Microservices in Containerized Environment

    A Study on the Evaluation of HPC Microservices in Containerized Environment

    ReceivED XXXXXXXX; ReVISED XXXXXXXX; Accepted XXXXXXXX DOI: xxx/XXXX ARTICLE TYPE A Study ON THE Evaluation OF HPC Microservices IN Containerized EnVIRONMENT DeVKI Nandan Jha*1 | SaurABH Garg2 | Prem PrAKASH JaYARAMAN3 | Rajkumar Buyya4 | Zheng Li5 | GrAHAM Morgan1 | Rajiv Ranjan1 1School Of Computing, Newcastle UnivERSITY, UK Summary 2UnivERSITY OF Tasmania, Australia, 3Swinburne UnivERSITY OF TECHNOLOGY, AustrALIA Containers ARE GAINING POPULARITY OVER VIRTUAL MACHINES (VMs) AS THEY PROVIDE THE ADVANTAGES 4 The UnivERSITY OF Melbourne, AustrALIA OF VIRTUALIZATION WITH THE PERFORMANCE OF NEAR bare-metal. The UNIFORMITY OF SUPPORT PROVIDED 5UnivERSITY IN Concepción, Chile BY DockER CONTAINERS ACROSS DIFFERENT CLOUD PROVIDERS MAKES THEM A POPULAR CHOICE FOR DEVel- Correspondence opers. EvOLUTION OF MICROSERVICE ARCHITECTURE ALLOWS COMPLEX APPLICATIONS TO BE STRUCTURED INTO *DeVKI Nandan Jha Email: [email protected] INDEPENDENT MODULAR COMPONENTS MAKING THEM EASIER TO manage. High PERFORMANCE COMPUTING (HPC) APPLICATIONS ARE ONE SUCH APPLICATION TO BE DEPLOYED AS microservices, PLACING SIGNIfiCANT RESOURCE REQUIREMENTS ON THE CONTAINER FRamework. HoweVER, THERE IS A POSSIBILTY OF INTERFERENCE BETWEEN DIFFERENT MICROSERVICES HOSTED WITHIN THE SAME CONTAINER (intra-container) AND DIFFERENT CONTAINERS (inter-container) ON THE SAME PHYSICAL host. In THIS PAPER WE DESCRIBE AN Exten- SIVE EXPERIMENTAL INVESTIGATION TO DETERMINE THE PERFORMANCE EVALUATION OF DockER CONTAINERS EXECUTING HETEROGENEOUS HPC microservices. WE ARE PARTICULARLY CONCERNED WITH HOW INTRa- CONTAINER AND inter-container INTERFERENCE INflUENCES THE performance. MoreoVER, WE INVESTIGATE THE PERFORMANCE VARIATIONS IN DockER CONTAINERS WHEN CONTROL GROUPS (cgroups) ARE USED FOR RESOURCE limitation. FOR EASE OF PRESENTATION AND REPRODUCIBILITY, WE USE Cloud Evaluation Exper- IMENT Methodology (CEEM) TO CONDUCT OUR COMPREHENSIVE SET OF Experiments.
  • Department of Defense Enterprise Devsecops Initiative

    Department of Defense Enterprise Devsecops Initiative

    Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e How did the Department of Defense move to Kubernetes and Istio? Mr. Nicolas Chaillan Chief Software Officer, U.S. Air Force Co-Lead, DoD Enterprise DevSecOps Initiative V2.5 – UNCLASSFIED Must Adapt to Challenges Must Rapidly Adapt To Challenges I n t e g r i t y - S e r v i c e - E x c e l l e n c e 2 Must Adapt to Challenges Work as a Team! Must Adapt To Challenges I n t e g r i t y - S e r v i c e - E x c e l l e n c e 3 Must Adapt to Challenges Work as a Team! A Large Team! Must Adapt To Challenges I n t e g r i t y - S e r v i c e - E x c e l l e n c e 4 Must Adapt to Challenges With Various TechnologiesWork as a Team! A Large Team! Must Adapt To Challenges I n t e g r i t y - S e r v i c e - E x c e l l e n c e 5 Must Adapt to Challenges With Various Technologies Work as a Team! A Large Team! Must AdaptBring To Challenges It With Us! I n t e g r i t y - S e r v i c e - E x c e l l e n c e 6 Must Adapt to Challenges With Various Technologies Work as a Team! Even To Space! A Large Team! Must AdaptBring To Challenges It With Us! I n t e g r i t y - S e r v i c e - E x c e l l e n c e 7 Must Adapt to Challenges With Various Technologies Work as a Team! To Space! A Large Team! MustWith Adapt a FewBring To Sensors! Challenges It With Us! I n t e g r i t y - S e r v i c e - E x c e l l e n c e 8 With Their Help! Must Adapt to Challenges With Various Technologies Work as a Team! To Space! A Large Team! MustWith Adapt a FewBring To Sensors! Challenges It With Us! I n t e g r i t y - S e r v i c e - E x c e l l e n c e 9 What is the DoD Enterprise DevSecOps Initiative? Joint Program with OUSD(A&S), DoD CIO, U.S.
  • Kubernetes As an Availability Manager for Microservice Based Applications Leila Abdollahi Vayghan

    Kubernetes As an Availability Manager for Microservice Based Applications Leila Abdollahi Vayghan

    Kubernetes as an Availability Manager for Microservice Based Applications Leila Abdollahi Vayghan A Thesis in the Department of Computer Science and Software Engineering Presented in Partial Fulfillment of the Requirements for the Degree of Master of Computer Science at Concordia University Montreal, Quebec, Canada August 2019 © Leila Abdollahi Vayghan, 2019 CONCORDIA UNIVERSITY SCHOOL OF GRADUATE STUDIES This is to certify that the thesis prepared By: Leila Abdollahi Vayghan Entitled: Kubernetes as an Availability Manager for Microservice Based Applications and submitted in partial fulfillment of the requirements for the degree of Master in Computer Science complies with the regulations of the University and meets the accepted standards with respect to originality and quality. Signed by the final examining committee: ________________________________________________ Chair Dr. P. Rigby ________________________________________________ Internal Examiner Dr. D. Goswami ________________________________________________ Internal Examiner Dr. J. Rilling ________________________________________________ Co-Supervisor Dr. F. Khendek ________________________________________________ Co-Supervisor Dr. M. Toeroe Approved by: ___________________________________ Dr. L. Narayanan, Chair Department of Computer Science and Software Engineering _______________ 2019___ __________________________________ Dr. Amir Asif, Dean, Faculty of Engineering and Computer Science ii ABSTRACT Kubernetes as an Availability Manager for Microservice Based Applications Leila
  • A Comparative Analysis Between Traditional Virtualization and Container Based Virtualization for Advancement of Open Stack Cloud

    A Comparative Analysis Between Traditional Virtualization and Container Based Virtualization for Advancement of Open Stack Cloud

    ISSN (Online) 2394-2320 International Journal of Engineering Research in Computer Science and Engineering (IJERCSE) Vol 5, Issue 4, April 2018 A Comparative Analysis between Traditional Virtualization and Container Based Virtualization for Advancement of Open Stack Cloud [1] Krishna Parihar, [2] Arjun Choudhary, [3] Vishrant Ojha [1][2] Department of Computer Science and Engineering, Sardar Patel University of police, Security and Criminal Justice, Jodhpur Abstract: - LXD based machine containerized new concept in the virtualization world. Its give performance to the bare metal virtualizations. A Centralized system is accessed through IP and can be scalable on demand as per requirement, Technology that eases the user problem like hardware, as well as software most popular technologies, is known as Cloud Computing. As per enterprise and industries demand cloud computing holds a big part of IT world. An OpenStack is a way to manage public and private cloud computing platform. A Linux Container Hypervisor brings Cloud Computing to the next generation Hypervisor with its features Fast, Simple, Secure. The main goal of this paper is factual calibrate is determine various virtualization technique and performance analysis. Keywords— OpenStack, LXD, Cloud Computing, Virtualization, Container, Hypervisor power their public cloud infrastructure.[2] The core I. INTRODUCTION component of virtualization is Hypervisors. Analysis of structured and consistent data has seen A B. Hypervisor cloud computing technologies have been rapidly devel- It is a software which provides isolation for virtual ma- oping. resources are dynamically enlarged, virtualized as chines running on top of physical hosts. The thin layer of well as feed as a service over the Internet, it permits software that typically provides capabilities to virtual providers to provide users connected to a virtually parti-tioning that runs directly on hardware, It provides a unlimited number of resources i.e.
  • A Single Platform for Container Orchestration and Data Services

    A Single Platform for Container Orchestration and Data Services

    A SINGLE PLATFORM FOR CONTAINER ORCHESTRATION AND DATA SERVICES MESOSPHERE DC/OS WITH KUBERNETES EASES ENTERPRISE ADOPTION OF NEW TECHNOLOGIES FOR DIGITAL TRANSFORMATION EXECUTIVE SUMMARY Digital disruption is occurring across many industries as technology improvements, ranging from mobile and social to Internet of Things (IoT), are shifting customer behavior and market context. Enterprises mastering digital business technologies are positioned to take advantage of this trend, while poorly equipped incumbents are left behind. This is so widely recognized that achieving a faster pace of innovation is commonly considered a mission-critical investment. Achieving the goals of the investment depends on an organization’s ability to rapidly: ● Iterate in application development – continuously delivering improvements, ● Extract value from data – focused on immediate decision making and response with “fast data” as well as in-depth analytical investigation with “big data”. Best practice rapid application development requires the use of tools like Kubernetes, which serves as a container orchestrator supporting cloud-native methods of continuous deployment, DevOps, and microservices architecture for running stateless applications such as web and application servers. To maximize value from an organization’s data in determining insights and actions requires another set of tools from a diverse, evolving set of stateful (i.e. data store) applications like Spark, Cassandra, and Kafka. Open source tools and cloud computing are a great start, but their rate of change and complexity to operate (i.e. upgrade, scale, etc.) are challenging for most organizations to embrace. Organizations commonly seek a platform integrating a set of tools into a solution. The struggle has been to find a platform that addresses ease of running both cloud-native, stateless applications and data-intensive, stateful applications.
  • Delivering Business Value with Apache Mesos

    Delivering Business Value with Apache Mesos

    White paper: Delivering Business Value with Apache Mesos Executive Summary Case Studies In today’s business environment, time to market is critical as we eBay increased developer productivity and reduced operational are more reliant on technology to meet customer needs. costs associated with virtualisation machine sprawl at eBay Traditional approaches to solving technology problems are failing as we develop and run applications at massive scale. eBay Inc - The worlds leading online auction site Apache Mesos is an open source project that addresses the eBay have heavily invested in continuous integration as a problems of efciently managing data center infrastructure at development best practice. At eBay, each developer gets a scale. Apache Mesos also provides a simplifed abstraction layer dedicated virtual machine running Jenkins, a widely used for your development resources to use, allowing them to focus on continuous integration server. This resulted in 1000’s of VMs delivering customer value. (Virtual Machines), which used physical resources and required operational support. In this white paper, we look at some of the core business drivers in the digital age, the problems of running and developing technology at scale and examples from disruptive companies like Continuous Integration is a development Ebay, Twitter and Airb&B who have Mesos in production. practice that requires developers to The Problems of Technology at Scale integrate code into a shared repository several times a day. Each check-in is then Development teams are spending more time dealing with increasingly complex infrastructures, rather than delivering on verified by an automated build, allowing new product features. Computing resources in our data centers teams to detect problems early.
  • Application Container Security Guide

    Application Container Security Guide

    NIST Special Publication 800-190 Application Container Security Guide Murugiah Souppaya John Morello Karen Scarfone This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-190 C O M P U T E R S E C U R I T Y NIST Special Publication 800-190 Application Container Security Guide Murugiah Souppaya Computer Security Division Information Technology Laboratory John Morello Twistlock Baton Rouge, Louisiana Karen Scarfone Scarfone Cybersecurity Clifton, Virginia This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-190 September 2017 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Kent Rochford, Acting Under Secretary of Commerce for Standards and Technology and Acting Director NIST SP 800-190 APPLICATION CONTAINER SECURITY GUIDE Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.