Networking is still king – more so in container projects
Beware: the perfect container solution without appropriate networking may undo any project!
Your DevOps teams may be increasingly taking advantage of container computing to unlock operational and cost benefits as a step towards a next-generation, on-demand data centre. Often overlooked is that your network, as the foundation of your infrastructure, needs to be architected in such a way as to leverage, not limit, the agility that containers offer.
Containers solve the problem of portability and getting software to operate reliably when moved from one computing environment to another, for example in your hybrid IT environment. However, the move to container computing introduces a number of additional challenges for the network. Challenges may focus on connectivity, increased data centre network traffic, as well as how to apply network and security policies consistently across physical, virtual and container-based computing environments.
Five critical networking considerations to fully leverage container
1. Build the right network foundation for your computing and application needs
Consider a two-tier network architecture in the data centre (if you haven’t done so already). A two-tier network significantly enhances the performance of the network, reduces the number of hops between any two nodes, and allows the network to scale beyond what was possible before. You’ll also require specialist data centre switching hardware that delivers the performance, speed and API interfaces needed to support a containerised environment.
2. Develop an approach to Software-defined networking
Software-defined networking (SDN) is an important building block to ensure a successful container project. Why? With SDN, a software layer abstracts network functionality into a programmable control plane, which acts as middleware for the network. Containers and other parts of the infrastructure work in concert with the networking hardware through the control plane, and can integrate with the management, automation and orchestration tools conducting network operations.
Develop an approach to SDN that includes a review of the existing network architecture and its impact on your infrastructure and network strategy, and identify a place to start.
3. Augment your network using the latest tools
Network services such as application delivery, security and IP address management (DNS and IP addressing services) remain critical for applications – including those deployed on containers. A number of new networking software tools have emerged to assist with creation, management and enforcement of operational policies. For example, multi-tenant traffic isolation, micro-segmentation, bandwidth prioritisation, latency requirements, and policies for L4-L7 network services. You’ll need to consider deploying some of these tools, such as Cisco Contiv or VMWare vSphere Integrated Containers, as an integrated part of your network to provide connectivity, security and network services to your applications.
4. Re-evaluate your network operations
Re-evaluate network operations and how they’ll be impacted by a move to automation and the inclusion of software in the environment. The lightweight nature of containers, dynamic application provisioning and rapid scalability, means that networks change more quickly than manual management can handle.
Network automation approaches are required to provision network resources and services alongside containers so that connectivity is available when needed. Network services therefore need to be applied dynamically to deliver appropriate levels of policy and security.
5. Choose the appropriate connectivity options and services
Containers enable far greater portability for applications and it increases the likelihood of application movement between on-premise, private cloud and public cloud infrastructures. The network plays a fundamental role in providing connectivity to applications, as well as cloud platforms.
There are different ways to provide network connectivity for containers. You’ll need to make choices based on the requirements of your applications, where they are housed, and performance and network service requirements.
In addition to these choices for containers, the network architecture needs to cope with connecting applications running on bare metal and virtual machines. You’ll need to insert network services (application delivery, firewalls, IPS, DNS, and IP addressing services, among others) consistently across all applications according to existing policies to get the best from evolving hybrid computing platforms.
Build your infrastructure on a good foundation
The network is the platform for applications and the cloud. A house built on poor foundations will crumble and the same holds true for application and computing architectures built on poor network foundations.
Having the appropriate resources are crucial in ensuring that the network is ready for container projects. Review your skills development plans for your network engineers. This plan needs to evolve to include software development principles, APIs, automation, and DevOps tools and approaches. It’s then also important to include the networking team when embarking on a container project. Container solutions cannot succeed without appropriate networking. Find out more about networking in containers in our latest thinking.
If you’re struggling to make sense of how you can architect your network to fully leverage container computing, consider partnering with a specialist networking system integrator that can work as part of the project team.
Also see how containers can benefit your hybrid IT strategy.