IBM Container Service Makes Docker Production-Ready

Share this post:

Recent offerings in the container space sparked a lot of buzz about Docker, Kubernetes, and ISTIO. Where does IBM stand in all of this? Let’s take a closer look…

IBM Bluemix Container Service builds on open source technology to provide production-ready security, life-long node management, and accelerated innovation for multi-container apps. You can move enterprise-grade Docker containers into production, and hook them to services like Watson for rich user experiences.

Open Source

IBM co-founded the Cloud Native Computing Foundation in 2015, with a mission to be “by developers, for developers”. Around the same time it launched its container service, iterating on an agile release schedule. The advanced capabilities of IBM Container Service is built on a foundation that combines Docker images as the container engine, and the Kubernetes dashboard & API for container orchestration. This snaps into a broader relationship with the open source community via ISTIO, a mesh fabric for microservices that addresses hybrid and multi-cloud environments. Add to that a Dev Ops toolchain that embraces third-party add-ons, and the result is a comprehensive PaaS toolkit for any development environment. Many competitors are stuck with basic functionality, such as intelligent scheduling, automated rollouts, horizontal scaling, and self-healing. IBM Container Service uses that as a starting point, providing key enhancements via a native Kubernetes experience.

Production-Ready Security for Docker

IBM makes container usage for enterprise deployments viable thru private registries, encryption, automated scanning, and isolation policies. Azure and AWS do not. Each layer on the Docker image is inspected, detecting for known vulnerabilities and ISO 27000 policy settings. That includes security misconfigurations on commonly used container applications such as Nginx and Apache. Multi-layered security includes automated encryption of key value pairs within a cluster, as well as the volumes that store those keys. Live scanning of running containers allows detection of new vulnerabilities and configuration drift from the base image.

“You can get the isolation you want. Because of the security profiles that we put on our infrastructure that we provision, the containers can actually be more secure in many cases than someone running their own bare metal machine or VM in a cloud environment.-Jason McGee, IBM Fellow-Containers & Cloud Platform”

Life-Long Node Management

IBM leads Azure and AWS by tightly integrating container orchestration and management tools inside our cloud offerings. After Day One, they will “provision and forget”. In contrast, IBM provisions and then continues to manage the master-level nodes, leaving the worker nodes to your team to customize. They can build a cluster that fits your organization’s exact workload, networking, and compute needs (tunable capacity). Upgrading is upon approval. That enhanced container management facilitates DevOps teams navigating their way through the early stages of cloud infrastructure projects.

Accelerate Delivery

A development team can automate the build, test, delivery, and monitoring with a toolchain for continuous integration/continuous deployment (CI/CD). Assemble a toolchain that fits your team like a glove, using a combination of IBM tools and popular add-ons. Automated quality control checks ease the pain of refactoring legacy apps when moving an organization into a cloud environment. If you’re creating a new app in the cloud, IBM provides a 100% native Kubernetes experience. If they started with another cloud provider, developers will enjoy consistency with base images, JSON/YAML files, and the Kubernetes dashboard.

Automated yet customizable security, combined with persistent volume capability, leads to secure and consistent deployments the development team can rely on. That production-ready security is the green-light to to build multi-container apps and move them into production. These apps can hook into over 130 different services, such as Watson, IoT, and Data Analytics.



via Bluemix Blog

August 17, 2017 at 03:18PM