21 Developers & Docker Experts Reveal the Biggest Mistakes People Make When Switching to Docker Containers

Containerized environments are increasingly popular, and Docker remains the most popular container solution for developers. But the process of moving from virtual machines to containers is complex. If you’re just getting started with Docker, check out our list of 50 useful Docker tutorials for IT professionals, which includes tutorials for beginners, intermediate users, and advanced Docker pros.

It’s common to make mistakes during the transition from VMs to Docker containers, and it’s important to remember that Docker won’t fix all your problems in the cloud. There are also security issues you need to weigh in order to keep your environment fully secure both during and after the transition. Threat Stack’s Docker integration offers full visibility into your container environment, alerting you to internal and external threats — along with the context needed to understand what happened during a security event so you can take appropriate action.

Aside from failing to implement robust security measures for your containerized environment, people make other common mistakes make when switching to Docker containers. To gain some insight into the most common, we reached out to a panel of Docker experts and asked them to answer this question:

“What’s the biggest mistake people make in switching to Docker containers?”

Read more “21 Developers & Docker Experts Reveal the Biggest Mistakes People Make When Switching to Docker Containers”

Top 4 Questions to Ask About Compliance, Security, and Containers

Introducing containers into cloud infrastructure can lead to faster development cycles as well as more efficient use of infrastructure resources. With these kinds of competitive advantages, it’s no wonder why container orchestration platforms like Kubernetes are so popular. In fact, Gartner estimates that 50 percent of companies will use container technology by 2020 — up from less than 20 percent in 2017.

While the value and popularity of containers are undeniable, deployments have opened up a whole new set of infrastructure security concerns for Development and Operations teams. This is why more and more companies are focusing on container security to ensure that they don’t ship software with known vulnerabilities, to protect sensitive data, and to maintain compliance with industry-specific regulations such as HIPAA, PCI, or SOC 2. Resources like the Center For Internet Security (CIS) benchmark reports on Kubernetes or Docker provide comprehensive, objective guidelines for organizations transitioning to containers.

In this post, we’ll walk through some of the top questions you need to ask when thinking about establishing security and maintaining regulatory compliance in a container infrastructure environment. Read more “Top 4 Questions to Ask About Compliance, Security, and Containers”

The State of Container Security: What We Learned From Our Survey

Containers are a big topic of conversation right now — and for good reason. They represent a powerful and transformative shift toward infrastructure that can enable flexibility and rapid development unlike anything we’ve seen before. However, as containers continue to proliferate, so do the security and compliance issues that surround them. Many in the market do not fully understand these concerns or how to address them. Our recent report with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) bore this out.

Containers cannot solve every development or infrastructure problem; they are not the panacea that many believe them to be. But they do offer new opportunities that, when used properly, can move your organization forward. Read more “The State of Container Security: What We Learned From Our Survey”

5 Common Myths Around Moving to Docker

As you probably know by now, containers are a high-priority topic at companies of all sizes. But there are a lot of myths surrounding this technology as well, in part because it is new and unfamiliar territory for most, and simply because the technology is so young.

In this post, we’ll debunk five of the pervasive myths and misunderstandings that surround containers, with a focus on Docker (since it is currently the most widely adopted container technology by a sizeable margin). Let’s dive in. Read more “5 Common Myths Around Moving to Docker”

Why Docker Can’t Solve All Your Problems in the Cloud

Docker and other container services are appealing for good reason. They are lightweight and flexible. For many organizations, they enable the next step of platform maturity by reducing the needs of a runtime to the bare essentials (at least, that’s the intent).

When you dig into the benefits afforded by containers, it’s easy to see why so many companies have started projects to:

  • Containerize their apps and supporting services
  • Achieve isolation
  • Reduce friction between environments
  • Potentially improve deployment cycle times

The software development pattern of small things, loosely coupled, can go even further with an architecture built around containerization. We’re big fans at Threat Stack, and continue to invest in supporting our customers who rely on them. In fact, we recently announced official CoreOS support for our agent.

However, we have discovered that there is no shortage of misunderstandings about Docker (no surprise given the rapid growth and pace of change) and other container services in terms of:

  • How their benefits are realized
  • The impact on infrastructure/operations
  • The implications on overall SDLC and Ops processes

Containers certainly offer plenty of benefits, and it makes good sense to explore whether and how they could work for your organization. But it is also a good idea to take off the rose-colored glasses first and approach this technology realistically. Read more “Why Docker Can’t Solve All Your Problems in the Cloud”