Container Networking 101

By Andrew Lerner | March 29, 2016

Containers are super-hot these days. In mainstream enterprise, many infrastructure teams are starting to look at supporting them officially (side note: the developers in those same enterprises have probably been using them unofficially for a year). This creates new operational and technological challenges for the networking team in the data center. Further, the vendor/technology landscape associated with container networking is dynamic and fragmented (Flannel, Weave, Docker, Contiv, Calico, Photon, OVN, just to name a few).

On one hand, you can think of containers as just another (potential) MAC address/IP address on the network – no big deal. On the other hand, the operational changes required to support containers in production are pretty substantial. As we describe in newly published research:

Container deployments are typically driven by application and architecture teams that desire infrastructure invisibility — they want to develop without having to understand the constraints of the physical infrastructure underneath. These teams want their application to work the same way throughout the development stages. Containers, by default, can be run on a laptop and require no changes to the underlying network.

So, the network just doesn’t matter in a world of containers, right? Wrong…and you don’t want to end up like this (image via https://www.pinterest.com/marineinsight/maritime-disasters/).

[Image: containerMess]

Further, to dispel some of the early container networking misconceptions, containers do not require SDN (perhaps it is time to update the 7 SDN Misconceptions). That said, the time to start preparing is now and we just published research on the topic:

Take (Limited) Action to Prepare Your Data Center Network for Containers
http://www.gartner.com/document/3268217

Summary: The hype surrounding Docker has led many enterprises to look at container technologies within their data centers. To date, the hype far outweighs production deployments, but it’s time for network architects to prepare for the unique challenges brought on by containers.

In the research, we introduce containers to the network team, including why (and when) they matter, and describe the key operational and technological differences (i.e., portability, lifecycle/permanence, scale and automation to name a few) they present to network teams. We go on to describe specific actions to take (and not to take), and when. For example, here are just two of many recommendations from the research.

  • Create isolated nonproduction network segments in the data center network, so that application and development teams can extend containers beyond their workstations.
  • Eliminate manual network provisioning in containerized environments.

Fun Times in Vendorland

We also dive into the current and (anticipated) future vendor landscape around container networking. Right now, it is extremely dynamic and vendors are cranking up the vendorspeak, while touting their highly differentiated architecture to solve container challenges. Not to mention that basic things like network mgmt/visibility are essentially non-existent in the space right now. Fun times ahead.

Regards, Andrew

1 Comment

  • Eric Goodness says:

    Good stuff Andrew!