Containerization in networking was, until recently, a relatively obscure technology that was only known and mastered by a few highly skilled specialists. Fast forward to today and things have changed—a lot. Containerization in networking—not to be confused with containerization in transportation although there are obvious similarities—has now become mainstream and each and every networking professional needs to have at least a basic understanding of this amazing albeit complex technology.
Our goal is by no means to make you containerization experts but rather to provide you with enough information to understand what the technology is, how it works, what products are available and how it can be monitored.
We’ll start off by briefly describing containerization and how it differs from virtualization, another technology with similar goals. We’ll then discuss the pros and cons of the technology and have a quick look at how it can be used in the contexts of BYOD, SaaS, and MDM. Next, we’ll explore what containerization software is available before we review some of the very best tools you can use to monitor your containerization environment.
Containerization In A Nutshell
Application containerization is an OS-level virtualization method that is used to deploy and run distributed applications without the need for launching an entire virtual machine for each application. Multiple, isolated applications or services can thus run on a single host and access the same OS kernel.
Application containers include the run-time components—such as files, environment variables and libraries—necessary to run the desired software. Application containers typically consume fewer resources than a comparable deployment on virtual machines because containers share resources without the need for a full operating system to support each environment. The complete set of information to execute in a container is called an image and container engines deploy these images on hosts. Containers can work on bare-metal systems, cloud instances, and virtual machines as well as across Linux, Windows and Mac OS systems.
Application containerization, as it is often called, works with microservices and distributed applications with each container operating independently of others and using minimal resources from the host. Each microservice communicates with others through application programming interfaces, with the container virtualization layer able to scale up microservices to meet the demand for an application component and distribute the load.
How Does Containerization Differ From Virtualization?
Although containerization and virtualization both serve a similar purpose, they are quite different in the way they operate. In virtualization, for instance, the essence of the operating system is made to run as an application while appearing as a distinct, virtual host. This operating system is, in turn, available to any application installed on the virtual host. Conversely, containers bundle the parts of the operating system with each application and only those elements, libraries, and modules that are needed by each application are bundled with it.
Another way to see it is that virtual machines set up separate identities for one host and enable it to appear as if it was several physical machines. Virtualization creates an abstraction of the hardware. With containerization, it is, instead, the applications that are abstracted. Overall, both technologies do provide some degree of isolation between environments, but they achieve it in a much different fashion.
In containerization, the container and its operating system essentially form a sort of network, allowing an application to be delivered to an otherwise incompatible machine. But contrary to what happens in virtualization, applications can share containers and only one instance of the operating system is required.
The Pros And Cons Of Containerization
One of the biggest advantages of containerization over virtualization is how there is no need to permanently install that extra layer of the virtual operating system on the receiving machine. Consequently, a containerized application is typically much more portable as it removes the requirements for pre-installed software, services, or operating systems on the target computer. Furthermore, containerized applications can be run on bare metal hosts and remote or cloud servers with unknown environments.
Another great thing about containerization is how the proximity of the operating system services to the applications that need them within the container often means that it can deliver faster response times to end users than a typical virtual machine. And there are also far fewer fetches across the network needed to deliver a containerized application than to operate a remotely accessed virtual machine. And last but certainly not least, containerization has several advantages over distributed software. In fact, it is that category of network service that has been the main reason for the recent boom in containerization.
But containers don’t only have advantages and there are a few cases where you might prefer to avoid them. For starters, while containerization works well for Linux operating systems, it is not supported nearly as well on Windows. Also, since containers share the kernel of the operating system, if it ever becomes vulnerable, all the containers will be vulnerable as well.
Networking is another area that can make it tricky to work with containers. For instance, you must constantly maintain a good network connection while actively trying to keep the containers isolated. Likewise, monitoring also comes with its set of challenges. Since containerization is typically used to build multi-layered infrastructures with one application in one container, you have to monitor more things than you would if you were running all of your applications on one virtual machine.
Containerization And BYOD
Bring Your Own Device, or BYOD, has gotten very popular lately and many organizations let their employees use their own smartphones or even laptops in the context of their work. Containerization can help with that as applications can be made available over the network for employees to access from their personal devices. In these situations, the container acts as an “immunizer”, creating a barrier between the corporate application and the user-owned device. This, however, has to be managed carefully since the container has access to the user device’s kernel.
Still, containerization offers an obvious security benefit for the organization delivering the application since it removes the need to give direct access to the network to the user, thereby reducing the risk of virus infection to the corporate infrastructure.
Another advantage of containerization with respect to BYOD has to do with software license control. For instance, an application can be easily withdrawn from use at any time. Since it was never actually installed on the user’s device, it can be suspended should the owner of the device leave the organization or if the device gets stolen, allowing its license to be reused.
And last but not least, since communication between applications running in separate containers can be enabled through APIs, the actual amount of integration and coordination or, at the other end of the scale, isolation, can be easily controlled.
Containerization And SaaS
Software as a Service (SaaS) is another area where containerization can bring obvious value. For instance, containers can be limited, making it easier to track and control access to software from remote devices. This can prove very useful for providers needing to make their software available from the cloud on a subscription basis. In such cases, the container creates a temporary partition on the host device and that partition can be suspended at will by the provider.
Furthermore, the possibility of delivering software to incompatible devices without the need to install supporting services is particularly useful to cloud services as it expands the method of delivery for an application beyond the use of browsers.
Containerization And Mobile Device Management
Mobile Device Management (MDM) is yet another area where containerization shines. In a nutshell, MDM is basically the same thing as BYOD except that the mobile devices are owned and controlled by an organization rather than its employees. But the challenges are the same. For instance, containerization can be a great option for the delivery of applications to mobile devices as they can easily be lost or stolen.
Let’s have a brief look at some of the most common containerization software that is currently available.
Docker is, by far, the best-known containerization system. Unlike most containerization environments that will only run on the Linux platform, this one will also run on Windows. And to make things even more interesting, this is an open-source project that can be absolutely free to use although there are paid versions. The free version is known as the Community Edition or Docker CE. You can download the code for Docker CE from a GitHub repository. The software can be installed on Fedora, Ubuntu, CentOS, and Debian Linux and it is also available for Mac OS and Windows 10. In addition, if you have Windows Server 2016 and higher, you won’t even have to install Docker as it is already bundled with the operating system. On Windows and Windows Server, the Docker system relies on services from Hyper-V in order to run. These utilities get activated during the Docker setup process.
Next on our list is LXC, short for Linux Containers, one of the oldest containerization systems that, to this day, still remains very influential despite having declined in popularity in favour of Docker, which was launched some three years later. As you’d likely get from the name, this platform is only available for Linux. In fact, it is already bundled into Ubuntu. As a side note, you’ll need a Linux 3.8 kernel or newer in order to create LXC containers. This product is completely free to use. But with nothing but a command-line environment as its management interface, it is not as easy to learn and use as Docker. This most likely explains why Docker has become the star of the containerization world.
As an up-and-comer, Kubernetes is likely the only alternative to Docker that may stand a chance of becoming the number one containerization system. It is another open-source project and it was created and is managed by Google. It is part of the Google Cloud family of products and you can count on its Google background to help the platform soar to great heights.
Containers are created using the Google Kubernetes Engine (GKE), a cloud-based environment. Alternatively, you can get an installed version to run on your own hosts. That one is called GKE On-Prem. This is also an open-source project so the code is available for anyone to create their own version of the tool. Surprisingly this has mostly occurred through various integrations with front end tools rather than through forks of the original code into competing platforms. There is, for instance, the Azure Kubernetes Service, which is available on the Azure cloud platform.
CoreOS rkt (pronounced CoreOS rocket) is yet another open-source containerization project. This one was started up in 2014 with the aim of providing a replacement for Docker in the wider containerization system called Container Linux, which is not to be confused with Linux Containers we just talked about. The CoreOS rkt system installs on Linux and is designed as a method for delivering applications from cloud-based services. Container Linux was originally called CoreOS Linux. It is a lightweight operating system. As for CoreOS rkt, it is a containerization system that delivers Container Linux over networks. It can, however, also be used on ArchLinux, Fedora, NixOS, CentOS, Ubuntu, and OpenSUSE.
Last on our list is OpenVZ, short for Open Virtuozzo. This system was introduced in 2005, making it even older than LXC. It is a containerization package that runs on Linux. The Virtuozzo part of the name comes from the precursor of this system which is still available today. Virtuozzo was developed by a private company and released way back in 2000. It was the first real implementation of containers. A few years later, a free, open-source version of the technology was made available as OpenVZ and it is still available today.
Monitoring Containerized Systems
Monitoring containerized systems differs slightly from monitoring virtual machines, yet the same tools can often be used. After all, a containerized system is, at its base, an application running on a server.
1. SolarWinds Server and Application Monitor
The SolarWinds Server and Application Monitor was designed to help administrators monitor servers, their operational parameters, their processes, and the applications which are running on them. It can easily scale from very small networks to large ones with hundreds of servers (both physical and virtual) spread over multiple sites. The tool can also monitor cloud-hosted services like those from Amazon Web Services and Microsoft Azure as well as most variants of containerization platforms.
This product is particularly well-suited for monitoring Docker implementations. The solution is built to monitor any application that is using the Docker container architecture to help better understand its availability and performance. You can use the product’s Docker monitoring to validate the application is performing as expected and that necessary services have appropriate resources. It can also help you correlate and manage application performance metrics alongside Docker container monitoring and host metrics to visualize performance that can assist when troubleshooting performance issues.
The SolarWinds Server and Application Monitor is very easy to set up and its initial configuration is just as easily done with the help of its auto-discovery process. It is a two-pass process. The first pass will discover servers, and the second one will find applications. This can take time but can be sped up by supplying the tool with a list of specific applications to look for. Once the tool is up and running, the user-friendly GUI makes using it a breeze. You can choose to display information in either a table or a graphic format.
Prices for the SolarWinds Server and Application Monitor start at $2,995 and vary based on the number of components, nodes, and volumes monitored. A free 30-day trial version is available for download, should you want to try the product before purchasing it.
2. ManageEngine Application Manager
ManageEngine may not be as well-known as SolarWinds yet it’s still another name that enjoys an excellent reputation among network and database administrators. The ManageEngine Application Manager deals with application management. You probably had figured it out by yourself. This is, however, a somewhat misleading name as it is as much a monitoring platform as it is a management tool.
This tool offers integrated application performance monitoring for all your server and application monitoring needs. It can also do that for the underlying infrastructure components such as application servers, databases, middle-ware and messaging components, web servers, web services, ERP packages, virtual systems and cloud resources. In a few words, this is an all-encompassing platform.
The ManageEngine Application Manager has a specific extension for monitoring Kubernetes and Docker containers. For instance, the tool’s Docker management not only offers insight into the health and performance of Docker containers, but it also enables Docker host monitoring through a robust monitoring, alerting, and analytics engine. As for its Kubernetes cluster monitoring capabilities, they will let you auto-discover the parts and map relationships between objects in the cluster: Kubernetes nodes, namespaces, deployments, replica sets, pods, and containers. It will also monitor Kubernetes cluster stats and identify faults and their sources with ease. Using it, you’ll gain visibility into operational data such as the number of resources used, namespaces per cluster and per pod and track the capacity and resource utilization of your cluster and drill into specific parts of the cluster.
The ManageEngine Application Manager is available in several editions. There’s a feature-limited Free edition as well as paid Professional and Enterprise editions. Pricing starts at $945 and details can be obtained by contacting ManageEngine. A free 30-day trial version is also available.
3. PRTG Network Monitor
The PRTG Network Monitor from Paessler AG is another great product. While it is, at its base, an SNMP network analysis tool, it packs a lot more functionality, as we’re about to discuss. Its installation speed is another strength of the product. According to Paessler, it can be set up in a couple of minutes. And while your experience may vary, installation is generally faster than most competitors’, thanks in part to the tool’s auto-discovery engine. The product also offers a choice of user interfaces. You can choose between a native Windows enterprise console, an Ajax-based web interface and mobile apps for Android and iOS. Alerting and reporting are excellent and the product boasts a wide range of reports that can be viewed as HTML or PDF or exported to CSV or XML to be processed externally.
Thanks to a rather unique concept called sensors—a type of functionality plug-ins that are already built into the product—additional metrics can be monitored with the PRTG Network Monitor. There are about two hundred sensors available with the product to monitor virtually any network parameter. When it comes to monitoring containers, especially Docker, PRTG has just what you need in its Docker Container Status Sensor which, unsurprisingly, monitors the status of a Docker container. This sensor will display several parameters such as the overall status of the container (create, running, paused, restarting, exited), its uptime, exit code, CPU usage and available memory both in bytes and percent.
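The fields such a sensor reports can be derived from the container state shown by `docker inspect` and a reading from the Docker Engine's container stats endpoint. The following is an added example, not PRTG's code and not part of the original article; the sample JSON is constructed, the function names are hypothetical, and timestamps are assumed to be UTC with a trailing "Z".

```python
"""Derive the health fields a container status check reports (added example)."""
from datetime import datetime, timezone

# Constructed sample: the "State" object from `docker inspect <container>`.
RUNNING_STATE = {"Status": "running", "ExitCode": 0, "OOMKilled": False,
                 "StartedAt": "2024-05-01T10:00:00.123456789Z"}
# Constructed sample: one reading from the Engine's container stats endpoint.
RUNNING_STATS = {
    "cpu_stats": {"cpu_usage": {"total_usage": 500_000_000},
                  "system_cpu_usage": 20_000_000_000, "online_cpus": 4},
    "precpu_stats": {"cpu_usage": {"total_usage": 400_000_000},
                     "system_cpu_usage": 19_000_000_000},
    "memory_stats": {"usage": 268_435_456, "limit": 1_073_741_824,
                     "stats": {"cache": 0}},
}
# Constructed sample: a container killed for exceeding its memory limit.
KILLED_STATE = {"Status": "exited", "ExitCode": 137, "OOMKilled": True,
                "StartedAt": "2024-05-01T10:00:00Z"}

def parse_docker_time(ts):
    """Parse Docker's RFC 3339 UTC timestamp, truncating nanoseconds."""
    base, _, frac = ts.rstrip("Z").partition(".")
    parsed = datetime.strptime(base, "%Y-%m-%dT%H:%M:%S")
    micro = int(frac[:6].ljust(6, "0")) if frac else 0
    return parsed.replace(microsecond=micro, tzinfo=timezone.utc)

def cpu_percent(stats):
    """CPU use between two samples, scaled by the number of online CPUs."""
    cpu, pre = stats.get("cpu_stats", {}), stats.get("precpu_stats", {})
    if not pre.get("system_cpu_usage"):
        return 0.0  # no previous sample to diff against
    cpu_delta = cpu["cpu_usage"]["total_usage"] - pre["cpu_usage"]["total_usage"]
    sys_delta = cpu["system_cpu_usage"] - pre["system_cpu_usage"]
    if cpu_delta <= 0 or sys_delta <= 0:
        return 0.0
    return round(cpu_delta / sys_delta * cpu.get("online_cpus", 1) * 100.0, 2)

def memory_usage(stats):
    """Used and available memory in bytes and percent, or None if no limit."""
    mem = stats.get("memory_stats", {})
    limit = mem.get("limit", 0)
    if not limit:
        return None  # stopped containers report empty memory_stats
    # "cache" is the cgroup v1 page-cache counter; treated as 0 when absent.
    used = mem.get("usage", 0) - mem.get("stats", {}).get("cache", 0)
    return {"used_bytes": used, "available_bytes": limit - used,
            "used_percent": round(used / limit * 100, 2)}

def container_health(state, stats, now):
    """Combine state and stats into one report with alert reasons."""
    status = state["Status"]
    alive = status in ("running", "paused")
    started = parse_docker_time(state["StartedAt"])
    report = {"status": status, "exit_code": state["ExitCode"],
              "uptime_seconds": int((now - started).total_seconds()) if alive else 0,
              "cpu_percent": cpu_percent(stats) if alive else 0.0,
              "memory": memory_usage(stats) if alive else None,
              "alerts": []}
    if status == "restarting":
        report["alerts"].append("container is restarting")
    if status in ("exited", "dead") and state["ExitCode"] != 0:
        report["alerts"].append(f"stopped with exit code {state['ExitCode']}")
    if state.get("OOMKilled"):
        report["alerts"].append("killed by the kernel OOM killer")
    return report

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 11, 0, 0, tzinfo=timezone.utc)
    print(container_health(RUNNING_STATE, RUNNING_STATS, now))
    print(container_health(KILLED_STATE, {}, now))
```

A non-zero exit code or the OOM flag on a stopped container is the kind of condition worth alerting on rather than only graphing.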
The PRTG Network Monitor is available in a free version which is limited to monitoring no more than 100 sensors. Each parameter you want to monitor counts as one sensor. For example, monitoring bandwidth on each interface of a 4-port router will use up 4 sensors and monitoring the CPU and memory on that same router will use up 2 more. Each additional sensor you install also counts. For more than 100 sensors, which you will most likely need, you’ll need a license. Their prices start at $1,600 for up to 500 sensors, including the first year of maintenance. A free 30-day trial version is also available.
4. Dynatrace
Dynatrace is another cloud-based Software as a Service (SaaS) offering. It can detect, solve and optimize applications automatically. Discovering and mapping a complex application ecosystem is simply a matter of installing the Dynatrace OneAgent. The service will give you a high-fidelity view of your entire application stack, covering the performance of applications, cloud infrastructure, and user experience. It will help you effortlessly detect problems along with their business impacts and root cause.
Dynatrace also claims to have the broadest coverage of any monitoring solution in terms of languages supported, application architectures, cloud, on-premise or hybrid, enterprise apps, SaaS monitoring, containerization, and more. The tool automatically discovers and monitors dynamic microservices running inside containers. It shows you how they’re performing, how they communicate with each other and it helps you quickly detect poorly performing microservices. Once it has finished discovering your infrastructure, you’ll be able to view the containerized processes through the tool’s dashboard in real-time. The software can also monitor the performance of applications and microservices located within the containers.
Log analytics is another useful feature provided with Dynatrace. You can view all the log messages associated with an application inside one log file. Every log entry provides you with additional information that can be used to filter your search. For example, log entries will show the container image, ID that logged the message, and the output used.
Pricing for Dynatrace is not readily available but it can be obtained by signing up for the free 15-day trial. Once you register for the trial, it’s only a matter of installing the agent on your servers and you could start monitoring within 5 minutes.
5. Sumo Logic
Sumo Logic is an application and log monitoring solution that’s compatible with containerization platforms such as Docker. The product was created to aggregate large volumes of log data from pretty much any source. But gathering log data is only the beginning. The service can also help you use the collected data to monitor performance, improve applications, and potentially even address security issues and compliance.
Sumo Logic can monitor containers in real-time. Its dashboard view is broken down into metric boxes and graphs. In one dashboard you can view a graph on the Top 10 Containers by CPU Consumption or the Top 10 Containers by Traffic Sent and Received as well as the number of containers created and the number of hosts. Advanced analytics is another feature that makes this a particularly strong product. Its analytics capability can automatically detect anomalies in your containerizing infrastructure and thereby automate the process of identifying performance issues.
Sumo Logic is available under three different plans. There’s the free plan which is targeting individuals and teams looking to try out Sumo Logic for smaller projects, for an unlimited period of time. Next is the Professional plan at $90/month per 1GB average daily log data. And at the top, you have the full-featured Enterprise plan at $150/month per 1GB average daily log data. Note that a 30-day trial is available on both paid plans.
Containerization might be somewhat difficult to conceptualize. It could, however, very well be the answer to your infrastructure requirements for the delivery of services to remote devices. We hope that we’ve been able to shed some light on this complicated topic. While we may not have made you experts, our goal was to give you enough background information to be able to get a better grasp of the technology as you start exploring it.