DevOps, Containerization, and Security — Perspectives from our Senior DevOps Engineer

Welcome back to our digitalML spotlight series!

This time we’re speaking to Senior DevOps Engineer Anirban Das, who shares his perspectives on:

• The benefits of containerization
• Migrating our own customers from stand-alone Docker containers to Kubernetes
• The security benefits and challenges associated with DevOps tools

On the benefits of Docker and Kubernetes

Gemma: What are 1 or 2 industry trends that are interesting to you right now and why?

Anirban: I would say containerization using Docker and Kubernetes.

If I rewind 10 years, we used to either build servers manually or deployed VMs from templates. The template would have the majority of the base set up pre-done, but then in most cases would also need additional configuration on top to provision each server (e.g. a database server, an application server, or a UI server) from the template.

A lot of the time that configuration would be done manually (then as time moved forward it would be done using a script). But you’d still have the problem of people coming in, making changes which weren’t properly recorded and didn’t always follow the change control procedure — before you knew it, the server would end up in an unknown state. So, if you ever needed to rebuild the server from scratch, there would be inconsistencies a lot of the time, but it would never be clear what was missing based on the documentation.

Then config management and provisioning tools — like Puppet and Chef — came along, which I’ve worked with for the last 6 years. They are great in keeping the servers in a known state — you deploy from a template, and then apply your Puppet manifests. Puppet configures the whole server.

The time to do so varies though. For example if you’re setting up a UI server it might take 5 minutes, but if you’re setting up an Oracle database server it might take 1 hour — so it’s still time consuming.

Puppet is great at keeping your servers in a state that is consistent for your application to run, but then again it only checks what you’ve configured; if someone goes in and adds something else or changes a file that isn’t managed by Puppet, it won’t be subjected to the same checks.

Scaling becomes a bit of an issue too. You can scale horizontally and spin up another server with Puppet, however if the original server takes one hour to provision, it’s going to take another hour to do so for the new one. BUT, if it’s in demand and you need that resource, you have to do it!

That’s where containerization really helps, because everything’s pre-built. Your images are already what you need, to run your application on; you don’t need to add anything to it.

Once you deploy your container, that’s it — no additional installation or configuration is needed because it’s all in the image you created.

It helps with scaling too. If you’re using Kubernetes or Docker Swarm you can configure it to auto-scale — if there’s high traffic these containers scale automatically, and the start-up time is significantly less than a VM starting up. Once the usage reduces, it then automatically scales back down. It enables you to do usage-based on-demand scaling, instead of having to do pre-planning.

The thresholds are of course configurable too, so you can optimize your resources consistently.

Gemma: What’s a favorite project you’ve worked on during your time at digitalML?

Anirban: I’ve been heavily involved in the migration of our own ignite platform from stand-alone Docker containers to Kubernetes. We were running most of our SaaS customers on these stand-alone containers, and so we weren’t getting any of the nice features I’ve just spoken about!

Migrating most of our customers to Kubernetes has had another benefit too — it’s helped us mature our product. Doing so helped us identify some potential improvements to the platform which had previously been overlooked. So that was a great opportunity to find and apply a genuine solution, and therefore make ignite even better and improve our own internal processes.

The security benefits and challenges of DevOps tools

G: Security is naturally a big issue for large enterprises; what implications do DevOps tools have on this?

Continuing reading about Anirban’s perspectives on security benefits and challenges with DevOps tools, what his favorite part about working at digtalML is, and more here.

About the Author

Gemma Sindall
Gemma is a Marketing Manager at digitalML. She has a keen interest in digital strategy and the best ways to merge people, process and technology. Her experience spans Marketing and Client Services in the Technology and Financial Services industries.

Originally published at https://www.digitalml.com.