Containers and associated management utilities are the latest in a long line of open source software that has matured into production-worthy IT infrastructure. Along the way, IT pros learned that open source doesn't mean free.
Consider open source as a software development model rather than a distribution platform. Container infrastructure is no different.
Foundational container software, such as the Docker image format and runtime engine and the Kubernetes cluster manager, are open source tools. However, IT organizations that build production systems on a container model quickly realize that DIY is not a viable strategy.
Expensive container infrastructure
Container users spend money in several areas, such as the following:
- commercially supported and managed container products;
- servers, storage and network switches or, alternatively, cloud infrastructure and managed container services;
- container management tools and, for those building multi-cloud or hybrid cloud container clusters, tools that provide meta management of the deployment;
- components required for container-based distributed application management, such as an image registry, a service discovery system, load balancers and a service mesh platform;
- personnel with container expertise, who can be difficult to find in the ongoing skills deficit; and
- consulting and design services.
Not all container implementations need all of the above; however, every approach uses some mix of these container infrastructure components. Each element adds to the overall costs for the project, both upfront Capex and ongoing Opex.
More efficient than VMs, but still costly
Containers are a more efficient and flexible application platform than VMs, which run an entire OS in each isolated system. While VMs have dominated enterprise IT deployments, there are signs that container investments are here to stay.
Of over 500 IT leaders surveyed by container infrastructure vendor Diamanti, 12% of respondents had already deployed production container environments, and nearly 50% planned to.
Editor's note: While early container adopters favored open source tools with DIY integration, commercial container software use is on the rise, according to a survey by IHS Markit. In 2017, 17% of deployed container software was commercially supported, totaling about 0.2 million units. IHS projected that number to grow to 0.9 million units (about 21% of total container software units) by 2022 (see Figure 2).
Consider a container deployment plan that projects $100,000 in new infrastructure, roles and services. Although $100,000 is not a huge amount in terms of average enterprise IT budgets, the vast majority of a typical budget -- 70% to 80% in most organizations -- goes to ongoing operations rather than new investments. Containers might eat up a significant portion of the new investments allocation, or even exceed it, but their adoption is a high priority. This initial significant cost will only increase as production container infrastructure expands over time.
Where does the money go?
The ecosystem of infrastructure, services, tools and expertise listed above turns a simple workload isolation technology into a scalable production platform for multiple applications, batch jobs and microservices. To assess the return on investment for these Capex and Opex charges, review the capabilities each provides.
Container runtime engine. Often included with, or available from, the server OS or virtualization platform, the runtime engine operates deployed containers, often with features such as cloning, job suspension and snapshots. For example, Windows Server's Hyper-V, VMware's vSphere Integrated Containers and Red Hat's OpenShift Container Platform each offer containerization software.
Container image repository. Repositories provide a single place for image distribution, along with long-term storage and version control. The major cloud vendors, such as AWS and Microsoft Azure, each include a container registry service. Self-managed, on-premises registry software is available as part of Docker Enterprise Edition, OpenShift Container Platform and VMware Harbor integrated with Pivotal.
Container workload manager and orchestrator. Container management systems automate image deployment across multiple hosts, balance workloads between systems, restart crashed containers and provision additional copies of a container to handle increased usage. Kubernetes is a popular open source orchestration software available in commercial distributions from many vendors, including Docker Enterprise Edition, VMware Heptio, Red Hat OpenShift, Rancher and others, including all the major cloud services, such as Google Kubernetes Engine.
Image registry with a service discovery system. Simplify image reuse across applications and provide users or applications with the state, location and configuration of running instances via a combination of the registry and service discovery. Service discovery is part of cloud container services, as well as commercial and open source products, such as Docker, HashiCorp Consul, Apache ZooKeeper and Doozerd.
Service meshes are an emerging container product category designed to facilitate applications composed of many microservices distributed across multiple container clusters. The service mesh acts as a message-handling system for interservice communication and event management. Most service mesh implementations, such as Conduit, Envoy, Istio and Linkerd, are still open source projects, but cloud services based on Istio (Google Cloud) and Envoy (AWS) are available.
Container virtual network overlay and load balancer. A virtual network overlay enables intercontainer communication over shared physical network interfaces. The load balancer connects external users and applications to the correct container.
Hardware infrastructure. All application deployments live on IT infrastructure, no matter how abstracted. Servers and switches serve up container clusters, and storage systems hold persistent application data. Container adopters can choose to run workloads on premises, on public cloud or across a mix of both, which leads to meta-management tool investments.
Meta-management products and services. Many organizations adopt containers as a means to ensure hosting platform neutrality and enable workload portability between on-premises infrastructure and one or more cloud services. However, management across multiple disparate platforms is a significant challenge of multi-cloud. Meta-management tools provide cloud-agnostic container management in traditional or SaaS format.
Meta-management products appeal to organizations with production containerized application experience, whether on premises or via a cloud service, that now want to standardize on container infrastructure and possibly a PaaS development platform.
Within this category of tools is a range of subcategories. Organizations can turn to infrastructure management suites, such as HashiCorp Terraform and Consul, Joyent Triton, Rancher and Mesosphere. Alternatively, PaaS offerings that do the job include Pivotal Cloud Foundry, Red Hat OpenShift and Atos powered by Apprenda. If an IT organization prefers SaaS container management, meta managers are available, such as HyperGrid HyperCloud and Platform9.
Support and expertise. Given the various elements required to run production-scale container deployments, locally or in the cloud, for modern applications, the overall design and product choices to support them are critical. With expertise still relatively scarce in the enterprise IT workforce, most organizations seek out consultants or vendor professional services to assist with container strategy, architecture and implementation.
The reality of resilient, high-performance and intuitive container infrastructure goes beyond open source project downloads into finance, IT, development and DevOps personnel investments. Budget accordingly.