{"id":404061,"date":"2022-02-07T17:04:10","date_gmt":"2022-02-07T14:04:10","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/cases-where-containers-dont-help-cloudsavvy-it\/"},"modified":"2022-02-07T17:04:10","modified_gmt":"2022-02-07T14:04:10","slug":"cases-where-containers-dont-help-cloudsavvy-it","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/","title":{"rendered":"#Cases Where Containers Don\u2019t Help \u2013 CloudSavvy IT"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a29023126bda\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a29023126bda\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#When_Performance_Is_Critical\" >When Performance Is Critical<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#Lots_of_Persistent_Data\" >Lots of Persistent Data<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#Security_Is_Top_Priority\" >Security Is Top Priority<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#Your_Codebase_Is_a_Monolith\" >Your Codebase Is a Monolith<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#Youre_Trying_to_Cut_Complexity\" >You\u2019re Trying to Cut Complexity<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#Youre_Not_Sure_Why_Youre_Containerizing\" >You\u2019re Not Sure Why You\u2019re Containerizing<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/cases-where-containers-dont-help-cloudsavvy-it\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#Cases Where Containers Don\u2019t Help \u2013 CloudSavvy IT&#8221;<\/strong><\/p>\n<div id=\"article-content-area\">\n<img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage aligncenter size-full wp-image-9034\" data-pagespeed-lazy-srcset=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/01\/6dc7b5a0.jpeg?width=398&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 400w, https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/01\/6dc7b5a0.jpeg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 1200w\" sizes=\"auto, 400w, 1200w\" data-pagespeed-lazy-src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/01\/6dc7b5a0.jpeg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"1602\" height=\"902\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Docker\u2019s undoubtedly one of the most impactful developer technologies of the last decade. Containers have provided a solution for isolating <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>lications, scaling them across physical machines, and abstracting the differences between environments.<\/p>\n<p>Many organizations that adopt Docker or an adjacent containerization <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> find it increases efficiency and accelerates the development process. Docker\u2019s not something that magically improves every system though. In this article, we\u2019ll look at some scenarios where moving to containers might be more of a hindrance than a help.<\/p>\n<h2 id=\"performance-is-critical\"><span class=\"ez-toc-section\" id=\"When_Performance_Is_Critical\"><\/span>When Performance Is Critical<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Docker may not be the best choice for systems where performance is critical. The nature of containerization creates overheads that don\u2019t exist when software\u2019s installed directly onto a host machine.<\/p>\n<p>Of course Docker can also help improve performance, particularly by making it easier to horizontally scale your application. It\u2019s therefore important that this judgement is made in the context of your system\u2019s requirements and its interactions with the underlying operating system.<\/p>\n<p>Docker will use far fewer resources than a VM but it\u2019s still another process that must run on the host. In resource-constrained environments, you could find that container processes or the Docker daemon itself are targeted by the OS out-of-memory killer, causing cascading failures as pieces of your application are evicted.<\/p>\n<h2 id=\"lots-of-persistent-data\"><span class=\"ez-toc-section\" id=\"Lots_of_Persistent_Data\"><\/span>Lots of Persistent Data<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Docker containers are designed to be ephemeral by default. Persistent data is supported through the use of volumes. These are mounted into containers to store data elsewhere on the host.<\/p>\n<p>The performance of volume storage varies depending on the selected driver and the host environment. Even in the best case scenario, there\u2019s an extra overhead compared with directly interacting with the host\u2019s filesystem. This can be significant in cases where there\u2019s a high volume of file reads or writes.<\/p>\n<p>The data stored within volumes can be tricky to manage and maintain. You need to use Docker commands to interact with your volumes. Data inspections are best performed by getting a shell to the container and enumerating the volume\u2019s content from within.<\/p>\n<p>Docker requires you to think about storage and choose your own persistence strategy. This is a departure from VMs and OS package installation where you can safely store data in any directory without worrying about how you\u2019ll manage it later on.<\/p>\n<p>Docker makes the most sense when you\u2019re building long-lived services that have dependencies you don\u2019t want to install in each environment. A common example could be a PHP web application running behind an NGINX web server: there are multiple components including a background server that you want to start from a single command.<\/p>\n<p>Docker adds less value when you\u2019re creating tools for local use such as desktop programs and mobile apps. This kind of software development tends to produce artifacts that either can\u2019t be run in containers or won\u2019t be commonly containerized by users.<\/p>\n<p>You could still benefit from Docker in these situations by using it to package the <em>toolchain<\/em>, rather than the final output. As an example, you can create a Docker image that includes Java and the Android Platform Tools to save new developers from having to add these packages to their machines.<\/p>\n<p>However this tends to end up adding more complexity in disciplines which are driven by IDEs like Android Studio, Visual Studio, and Xcode. Developers are used to installing the IDE and letting it configure their environment. Hence Docker tends to add less value to compiled language workflows than for interpreted languages where the correct interpreter version can be baked into an image.<\/p>\n<h2 id=\"security-is-top-priority\"><span class=\"ez-toc-section\" id=\"Security_Is_Top_Priority\"><\/span>Security Is Top Priority<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Docker <em>can<\/em> increase your stack\u2019s security but it takes work to properly harden your installation. A mistake that\u2019s made too often is to assume Docker\u2019s secured out-of-the-box. To put it bluntly: it isn\u2019t.<\/p>\n<p>We\u2019re not saying the mere presence of Docker is a security risk, as that\u2019s not the case either. Nonetheless it\u2019s important to recognize that Docker carries unique risks and they\u2019ll vary depending on your use of the technology. Just like any other software component, you need to take the time to understand those risks, how they affect your compliance with the security standards that matter to you, and what you should do to address them.<\/p>\n<p>It\u2019s too easy to hear the \u201cisolated applications\u201d pitch and assume that extends to sandbox-level security. In reality a standard Docker installation runs container processes as <code>root<\/code> and a container breakout could compromise your host.<\/p>\n<p>Docker security is a multi-faceted topic that requires you consider the host environment, the Docker daemon, and how you build and maintain your images. Developers have a role to play too by minimizing risky operations in code that runs within containers.<\/p>\n<p>All this means that Docker may not be a great option for security-critical settings. Although Docker can provide security protections, you need to have skilled team members and a security-conscious mindset to ensure you\u2019re addressing the new problems it introduces.<\/p>\n<h2 id=\"your-codebase-is-a-monolith\"><span class=\"ez-toc-section\" id=\"Your_Codebase_Is_a_Monolith\"><\/span>Your Codebase Is a Monolith<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>You\u2019ve probably read that containers go hand-in-hand with microservices. This mentality describes the process of carving your system into independent components that can be readily containerized. Once you\u2019ve split your services up, they can be scaled individually and you can replace pieces without affecting the others.<\/p>\n<p>When your app\u2019s a monolith, you won\u2019t be able to see these benefits. But containerizing a monolithic system as-is can be the wrong approach. A large legacy application tends to acquire reams of dependencies and a long build process that can quickly inflate your Docker image. This results in frustrating wait times during image builds as well as excess storage and bandwidth costs.<\/p>\n<p>As usual there\u2019s two sides to this coin though: containerizing a monolith is often the first step towards modernizing your stack and breaking it into smaller services. It\u2019s the point at which you split the codebase from the environment it\u2019s become tied to.<\/p>\n<p>Yet if you\u2019re containerizing with no intention of continuing the refactoring in the future, it might be best to reconsider your motivations. Large container images that include multiple functional components are a good indicator that you\u2019re not meeting container best practices. Over time you may find the approach actually holds you back and becomes part of the problem.<\/p>\n<h2 id=\"youre-trying-to-cut-complexity\"><span class=\"ez-toc-section\" id=\"Youre_Trying_to_Cut_Complexity\"><\/span>You\u2019re Trying to Cut Complexity<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Trying to cut complexity? Thinking that containerizing will bring a new simplicity to development and deployment? Once again it\u2019s an \u201cit depends\u201d moment but we\u2019d caution against jumping on the Docker bandwagon with simplicity as your main motivation.<\/p>\n<p>Docker requires a mindset shift and familiarization with new tools and concepts. Will your developers be comfortable with it and how will it impact your hiring processes? These are questions which can be easily overlooked but should be considered early on.<\/p>\n<p>Although Docker removes many forms of complexity, it tends to resurface in different forms. You\u2019ll need to write, document, maintain, and build your Docker images, either locally on developer machines or as part of a CI pipeline. Developers will need to learn the Docker CLI, the fundamentals of what containers are, and the potential issues to be aware of when preparing applications for containerization.<\/p>\n<p>If you\u2019re planning to run containers in production, you\u2019ll have further considerations too. How is network traffic going to be routed to the containers? How will the system respond if a container stops unexpectedly?<\/p>\n<p>Proponents of the \u201cDocker is simple\u201d mentality tend to focus narrowly on the ease with which you can naively start instances of images you already have. It\u2019s true that if you want a new MySQL database on your laptop it\u2019s just a <code>docker run -d mysql:8<\/code> away. Yet there\u2019s much more to learn if you\u2019re to successfully use Docker to build and run your own software while meeting best practices and avoiding common pitfalls.<\/p>\n<h2 id=\"youre-not-sure-why-youre-containerizing\"><span class=\"ez-toc-section\" id=\"Youre_Not_Sure_Why_Youre_Containerizing\"><\/span>You\u2019re Not Sure Why You\u2019re Containerizing<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Containers are everywhere; you can\u2019t read more than a few articles about software development without coming across them, and supporters are vocal and enthusiastic. This popular appeal can create pressure to adopt as Docker\u2019s a \u201cmodern\u201d tool that others have found useful.<\/p>\n<p>This isn\u2019t a good reason to containerize. You need a more concrete goal, such as \u201cdevelopers should be able to precisely replicate production locally\u201d or \u201cwe need to be able to horizontally scale replicas of our services.\u201d If you\u2019re not feeling a precise use case for Docker, and you\u2019re satisfied with your current workflow, the best option could be to stick with what works. A boring choice it may seem but Docker is no impeccable transforming force and successful adoption isn\u2019t guaranteed.<\/p>\n<p>Adding Docker to your processes can require significant upfront investment. You might have to refactor your codebase, write and test your Dockerfiles, give developers time to learn, and complete a security assessment. When the resulting benefits are unclear \u2013 and you\u2019ve not identified what success will look like \u2013 the effort could be a burden that detracts from productive work on your system.<\/p>\n<h2 id=\"conclusion\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Docker\u2019s a deservedly popular technology: for many teams and developers, it offers an ideal balance of ease of use, flexibility, and performance that allows it to simplify real-world development processes. Docker\u2019s not magic though: there are cases where it can\u2019t work and many others where it won\u2019t work, depending on your existing technologies, processes, and mindset.<\/p>\n<p>Even if Docker\u2019s not a great fit for your projects today, you may still be able to glean some benefits by adopting it incrementally. Identify what the challenges in your processes are, then assess if Docker can help in those specific areas. As an example, if developers are spending too much time spinning up staging instances of your API, Dockerizing that part of your stack could resolve the bottleneck even if you\u2019re not able to run containers in production.<\/p>\n<p>The whole point of containers is being able to package parts of your app as isolated components that operate independently. This doesn\u2019t automatically mean you need to package <em>every<\/em> component as a container. Stay objective, look for opportunities to containerize where it makes sense, but be prepared to recognize situations where Docker doesn\u2019t add value to your existing workflow.\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.cloudsavvyit.com\/15446\/when-not-to-use-docker-cases-where-containers-dont-help\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#Cases Where Containers Don\u2019t Help \u2013 CloudSavvy IT&#8221; Docker\u2019s undoubtedly one of the most impactful developer technologies of the last decade. Containers have provided a solution for isolating applications, scaling them across physical machines, and abstracting the differences between environments. Many organizations that adopt Docker or an adjacent containerization technology find it increases efficiency and&#8230;<\/p>\n","protected":false},"author":1,"featured_media":404062,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/01\/6dc7b5a0.jpeg","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-404061","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/404061","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=404061"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/404061\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/404062"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=404061"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=404061"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=404061"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}