56% of geo-distributed firms to shift to container tech
According to a recent study conducted by Kaspersky, 56% of geographically distributed companies plan to shift to container development within the next one to two years.
Container technology, which encapsulates applications and their dependencies within isolated environments, aims to offer unprecedented portability and consistency across various stages of development and deployment.
Kaspersky's study, titled 'Managing geographically distributed businesses: challenges and solutions', underlines the potential benefits of containerisation for businesses with operations spanning multiple locations and countries. The company has outlined several key considerations for geo-distributed firms contemplating a transition to container development.
The first step for businesses is to understand the basics of container technology. Essential concepts include container images, containers, configuration files, and registries. A container is essentially a lightweight software component that includes everything needed for an application to run, such as files, libraries, and metadata. Unlike virtual machines, containers share the host operating system, making them more efficient. Containers are created from container images in Continuous Integration (CI) platforms and are deployed in orchestrators.
Choosing the right container orchestration tool is another critical factor. Orchestration tools manage the deployment, scaling, and operation of containerised applications. Kubernetes is the most popular choice due to its robust feature set and community support. For geo-distributed businesses, it's crucial to select a tool that supports efficient multi-region deployments, ensuring minimal latency and seamless integration across different locations. Key considerations include scalability, community support, and compatibility with existing systems.
Security is a significant concern in containerised environments, particularly for businesses operating across various regions. Containers introduce unique security challenges, including vulnerabilities in container images, outdated images with malware, and potential unauthorised access to the orchestrator. Implementing comprehensive security practices is essential, featuring regular scanning of container images for vulnerabilities, real-time monitoring for running containers, and ensuring process isolation. Compliance with local data laws and continuous auditing are necessary to address data sovereignty and cross-border data transfer regulations.
For improving development agility, integrating containers into Continuous Integration and Continuous Deployment (CI/CD) pipelines is advisable. Containers provide consistent environments ideal for automated testing and deployment. CI/CD pipelines for geo-distributed businesses must consider deployment across multiple regions, optimising for latency and ensuring seamless integration. Key steps include automated testing, build, and deployment automation.
Another vital aspect is resource management and monitoring. Efficient resource management helps avoid over- or under-provisioning, especially as resource demands can vary significantly across different regions. Monitoring tools track container performance and resource usage across various locations. Centralised logging solutions and setting resource requests and limits in orchestration tools can ensure balanced resource utilisation.
Cost management remains crucial. Businesses need to manage additional costs associated with data transfer, regional pricing differences, and multi-region deployments. Continuous assessment and adjustment of resource allocations based on usage patterns, implementing autoscaling policies, and monitoring costs across different regions are essential strategies.
The shift to container development also involves a cultural change. Teams must be trained on new tools and practices, and a DevSecOps culture should be promoted to foster collaboration between development, security, and operations across different regions. Conducting workshops and training sessions tailored to different regional teams is essential. Encouraging practices like infrastructure as code and creating cross-functional teams that include developers, cybersecurity professionals, and operations personnel from various regions can facilitate this shift.
Anton Rusakov-Rudenko, Product Marketing Manager for Cloud & Network Security Product Line at Kaspersky, stated, "Shifting to containers streamlines development processes and paves the way for innovative, resilient, and scalable applications. However, this transition brings unique security challenges that require a proactive and comprehensive approach."
"We at Kaspersky understand the security risks associated with the use of containers, and in 2023 we released a specialised product to protect container environments, Kaspersky Container Security, which protects all stages of container development, including the most critical part - runtime. By integrating advanced container security solutions, businesses can ensure their applications remain secure and compliant, enabling them to harness the full potential of containerisation while safeguarding their digital assets."