Stacked shipping containers

11 reasons to run your containers on OpenStack

Enterprises today must keep up with increasing internal and external customer demand, or die trying. For IT, this means deploying and updating applications faster, and more often than ever before to meet and ideally exceed this demand. At the same time, IT must focus its people power on strategic endeavors, rather than rote tasks.

Linux container technology is helping some organizations make this transition. As part of a team's DevOps practices, open source containers offer great  flexibility and agility alongside cloud deployment and consumption. Containerization creates the opportunity for a true hybrid cloud computing approach, by which we can manage any application running anywhere in a consistent and efficient way. And in the enterprise data center, OpenStack has become popular as a robust cloud infrastructure framework. How do Linux and OpenStack work together?

What is the true state of security in DevOps?

11 OpenStack benefits

OpenStack provides the resources and services that container platforms and applications can rely upon. Here are 11 benefits you can reap by using the platform for your container strategy.

1. Provides standards for building open, massively scalable clouds

Supported by a fast-growing community of individual and enterprise contributors, OpenStack provides a standard platform to build open, massively scalable clouds. Organizations that deploy OpenStack are typically seeking greater flexibility and operational efficiency, ability to innovate, and cost savings for their infrastructure.

2. Takes advantage of software-defined infrastructure services

Linux containers offer similar benefits for application development and lifecycle management, so it makes sense for enterprises to seek to aggregate the benefits of Linux containers and OpenStack.

Despite the current market wisdom, however, Linux container deployments at scale require more than a container runtime and packaging format. They need an integrated enterprise container platform for running and orchestrating containers in enterprise data centers and public clouds. The goal is to take advantage of software-defined infrastructure services for virtual machines. Luckily, this is exactly what OpenStack provides.

3. Allows teams to develop better apps, faster

In a recent OpenStack user survey, more than half of respondents said that they are interested in using containers in conjunction with their OpenStack clouds for production uses, so there is no shortage of demand for solutions.  Compounding this is the growing hunger for on-demand, access-anytime services. Containers help serve this need with faster development of better applications. 

The benefits range from increased application portability, to reduced development time, to potentially enhanced application stability. As applications become more "componentized," and highly distributed, with the advent of microservices architectures, containers provide an efficient way to deploy these microservices without the overhead of traditional VMs.

4. Allows modular growth in the technology stack

Linux forms the foundation of both OpenStack, and modern container infrastructures, making the two a natural fit. By using OpenStack at the foundation of a cloud strategy, organizations can add in newer technologies, such as containers for testing, then deploy them to production when they achieve the necessary levels of stability and security. More importantly, this can be done without compromising multi-tenant security and isolation, management and monitoring, storage and networking, and more critical capabilities.

5. Provides integration with the OpenStack community

In 2014, the OpenStack community decided that containers were an important technology to back. This resulted in several projects to support containers, and the third-party ecosystem around them, in OpenStack clouds. Today, OpenStack offers several different container-centric management capabilities, including monitoring and multi-tenant security and isolation.

6. Offers standardization

Work is being done across the industry to advance open standards for container technology. OpenStack embraces these standards. For example, the OpenStack Containers team was formed to build on container standards, like the runC runtime standard from the Open Container Initiative (OCI), and to develop an easier way for organizations to set up and deploy container technology on OpenStack infrastructure.

7. Improves project innovation

There are currently three OpenStack projects dedicated to containers.

  • Magnum provides container-specific APIs for containers as a service in a multi-tenant environment.
  • Kolla provides deployment tools and a controller plane in which each OpenStack service runs in a Docker container.
  • Murano enables packaged applications to be deployed on OpenStack.

This continued innovation shows OpenStack’s commitment to containers as the evolution of the application, with each of these communities working hand-in-hand with key contributors to various Linux container projects.

8. Supports "Container Orchestration Integration"

Through the Magnum project, OpenStack supports three container orchestration engines (COEs). You can use third-party ecosystem tools, including Docker Swarm, Kubernetes, and Mesos, to automatically provision a collection of compute instances in which containers run. One benefit of using an orchestration framework with containers is that it allows switching between OpenStack and bare-metal environments at any given point in time, abstracting the application away from the infrastructure.

9. Improves security

Security is commonly cited as one of the leading concerns limiting container adoption, but OpenStack helps to mitigate some of these. Organizations can use a bay in OpenStack Magnum to arrange a group of virtual machines or bare metal instances so that they are used by only one tenant. OpenStack also supports the verification of trusted container content through integration with tools for image signing, scanning and certification.

10. Provides greater team independence

While both OpenStack and containers continue to innovate rapidly, they are already used by many large and small enterprises around the world. In these deployments, a pattern has evolved by which the right technologies are used to solve the problem for which they are best qualified, while integrating tightly with other technologies to enable an enterprise-grade infrastructure and application platform that prepares IT for the challenges ahead. Typically, such patterns evolve around lines of abstraction in the technology stack or skill set within the organization.

The case of Linux containers on OpenStack is no exception, the strategic benefit lies in the separation of the main layers of the stack, which can be owned by separate teams, to absorb innovation at their own pace, and to implement company-specific requirements without affecting the whole stack.

11. Provides software-defined infrastructure services

OpenStack provides software-defined infrastructure services for compute, network, storage, tenancy security, and service management. A vast ecosystem of certified solutions for network, storage, security, and management has emerged that offers operators rich capabilities and choices. OpenStack’s unit of work is a set of virtual machines, sharing pools of resources and services in a tenancy model with a high degree of automation and self-service.

Container platforms can run within these virtual machine sets, aggregating compute capacity and infrastructure resources consumed from OpenStack to the microservices and containerized traditional applications and services managed by the container orchestration engine.

Container platforms provide a "semantic of tenancy" that matches the application needs and ownership within the organization, and that can be vastly different from infrastructure ownership. This is especially true if containers are used as the hybrid cloud fabric that spans the data center with public cloud infrastructure as a service. The container platform also provides the workflow automation for continuous integration, continuous deployment automation, and pipelines in a generic way for any application.

The applications themselves live inside containers as the unit of work, which aggregate the application code with runtime dependencies provided by operating system and middleware components. Application teams can manage changes to either of these components in the aggregate, therefore assuming responsibility for interoperability, dependencies, and new features, all at their own pace.

However, this expanded freedom comes with the responsibility of keeping the payload secure, especially with security vulnerabilities becoming known for the runtime components. This becomes easier with the automation capabilities provided by container platforms, from automated building to CI testing to deployment strategies.

Linux and OpenStack: Complementary values

On the surface, Linux containers and OpenStack seem to solve similar problems. But when you take a closer look at the technologies and use cases, you can see how complementary they are. Both implement the same concepts with a different focus on either infrastructure resources, or applications and microservices. Enterprises can take advantage of both technologies to get the best of both worlds, while further increasing agility and innovation separately for each layer of the stack.

This combined approach can take the form of separate teams, or leveraging managed services for any layer. Every organization has different needs, so having this kind of choice allows greater business value for everybody, which is a huge benefit that open source technologies offer the digital world.

What is the true state of security in DevOps?

Image credit: Flickr

Topics: IT Ops