At Excelian, we have been building an internal PAAS called ‘Blueprint’. This sits on top of Docker and container-related technologies. We have been migrating from a VM setup to running applications solely within containers, and as a result have improved utilisation of existing hardware.
While it traditionally takes years for software innovation to reach the enterprise level, Docker follows a different path. Analysts expect that Docker will be the norm in enterprises by 2016, less than two years after its 1.0 release. However, there is still an issue of managing access to microservices. They still require system expertise and extensive networking knowledge to build.
Docker’s Network Challenge
A simple basic Docker installation exists on an isolated network and external access to the containers is disabled by default. Users can only access services through proxies which translate and redirect external service requests to an internal service running in a container. A boundary is defined between services and its consumers and this particular set up covers a common use case where a clear boundary between users and services needs to exist.
The problem however arises with data intensive applications like Cassandra, which broadcast internal details of their topology to client applications. Providing access to these services is a networking problem that requires network engineers and systems administrators to get right.
A typical change is illustrated below:
Image 1. Provide Access to Service XYZ
Any changes to network topology to effect access to microservices requires access to vendor-specific devices and protocols. It is not agile and is expensive to change, requiring engineering expertise at the system and network level.
Software Defined Networks
A Software Defined Network (SND) is an emerging cloud technology that provides dynamic networking infrastructure through programmatic an application programming interfaces (APIs). This family of software-based network tools provides overlay networks and virtual routing functionality. In the context of Docker and microservices, network access to a Docker service can be configured at deployment time. Within Blueprint we have experimented with a few SDN solutions. For example, how Project Calicos approaches dynamic network configuration.
Image 2. Provide access for Team A
This means that with just a few commands application can be packaged, deployed and have its network access profile created. The changes can typically happen in just a few seconds.
Docker have popularized software containers as basic computational units for application deployment, primarily through its ability to implement microservices across distributed architectures. By solving Docker’s networking challenge, Software Defined Networking provides a path to build networks enabling hybrid cloud environments.
SDNs promise to make networking resources less dependent on physical infrastructure and bring us closer to having cloud-like infrastructure management on premises, and with such programmable infrastructure comes greater control and reduced costs.
We believe that as these networks begin to mature and the increasing using of network configuration (based on APIs), we will see an acceleration in adoption of and greater reliance on hybrid cloud in the financial sector.