BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Running test and development environments on Amazon Web Services is often one of the first use cases for adopting AWS. However, small differences in development, test, staging and production situations can cause big problems. Using AWS for Docker deployments may offer a solution.
"The speed at which container technology has gone from 'Oh, this is cool' to production workloads is very surprising, [and] Docker is the fastest technology move I've ever seen," says Jason McKay, senior vice president and CTO, Logicworks, a managed service provider and Amazon Web Services (AWS)-certified consultant based in New York.
According to McKay, Docker and AWS were built on the same basic principle -- infrastructure should be scalable, automated and, most importantly, disposable. In other words, Docker deployment facilitates an infrastructure-agnostic model where resources can be spun up quickly on AWS and, when necessary, rapidly eliminated.
Ed Featherstondirector and senior enterprise architect, IT services at Collaborative Consulting
Over the past couple of years, containers have become a key topic in any technology discussion, noted Ed Featherston, director and senior enterprise architect, IT services at Collaborative Consulting in Burlington, Mass. Containers aim to achieve a balance by isolating applications virtually, without requiring the overhead and licensing issues of bringing along virtual hardware or using a guest OS that VMs require. This balance allows the container to provide the isolation for an application without the inherent overhead of emulating hardware.
Docker deployment has almost become synonymous with the container concept, thanks in part to being embraced by AWS.
"Providing support for Docker containers in the AWS public cloud provides a powerful 1-2 punch for quality assurance (QA) and performance testing," Featherston said. The first punch is the Docker container itself. The container running on a developer's machine can easily move to a test environment as is -- a fully deployable, testable system. "This can be a powerful timesaver as it avoids [the need for] complicated build-and-configuration scripts for each environment."
The second punch is the public cloud, Featherston added. That's because the key constraint in most organizations is having the physical hardware resources for test environments. Public cloud providers can be a viable option to help address that challenge.
"Instead of the classic purchase, configure and support-your-own hardware environments, you go to the cloud provider," Featherston said.
"As with any technology, everything is a tradeoff; with Docker containers -- or any container -- there are limitations," he says. For example, if you need different OSes on the same server, you need to consider full virtualization. There is also the risk of 'container sprawl,' where multiple versions of an application container, all at differing patch levels from a security perspective, are being deployed.
"The issue with running Docker on AWS is not just security, but also its far less glamorous cousins: logging and monitoring," McKay said. Although AWS has great out-of-the-box tools, they must be retrofitted to centralize log aggregation or guarantee monitoring on a subinstance level. "Even when you're running test and dev on Docker in AWS, the same security threats loom. You don't know who's accessing what and when."
Furthermore, very few engineers have experience troubleshooting Docker issues, further adding to the potential risk of deploying in production, McKay added.
Ultimately, no technology negates the need for good design and planning. "You must still have processes in place to govern your deployments and testing," Featherston said. "But with the right conditions, the Docker/AWS combination can be a big win in speeding up your development and testing processes," he said.
"We expect to see more specific container services like ECS from Amazon, so over time Docker and AWS will become even more closely aligned," McKay said.
AWS and Google spar over Docker cloud services
AWS Elastic Beanstalk adds support for Linux-based Docker
How are enterprises reacting to Docker Containers?
Docker is most popular container technology in cloud