There’s no doubt that Docker, which is enjoying significant adoption for production workloads, is a well-established application-container solution. Other types of container platforms, including LXD and OpenVZ, are also now ready for production use, and offer clear advantages over virtual machines for certain deployment scenarios.
Yet, if containers are basically ready for an enterprise today, more development is still needed to make them ideal fits for enterprise workloads. This chapter explains three key areas in which container developers and their partners need to build out the container ecosystem in order to assure containers’ lasting impact on an enterprise.
The container security ecosystem has further maturing to do, especially if containers are going to become compatible with strict enterprise compliance policies.
Some security tools designed specifically for containers are now available. They include the following:
Clair, a container image scanner from CoreOS
Docker Security Scanning, a similar tool created by Docker
These tools can scan container images for potential security vulnerabilities. But that secures only one layer of containerized infrastructure. To run containers securely and in a compliant way, enterprises also need to address security challenges at other levels, especially the following:
Registries are the public or private platforms that host container images. They ...