Security always seems to be an afterthought. In the wake of the dramatic rise of container technologies, companies are now looking more closely at the security concerns containers pose and for solutions to address them. VMware recently unveiled vSphere Integrated Containers to provide customers with a more secure, more manageable way to implement containers.
At VMworld 2015, VMware announced vSphere Integrated Containers and the VMware Photon Platform to extend its presence for containers and microservices. The new technologies position VMware as a major player for containers and give existing VMware customers an easier path to adopt and manage a microservices environment.
The VMworld news expands on the Project Bonneville announcement VMware made a few months ago at DockerCon. Project Bonneville addresses the security concerns of containers by combining virtualization and containerization so that each container is actually a separate, discrete system. As Ben Corrie, principal investigator on Project Bonneville for VMware, stated in a blog post about the news, “The pure approach Bonneville takes is that the container is a VM, and the VM is a container.”
At face value that makes sense. Microsoft and others have followed a similar approach to resolve security concerns with container technologies. The new VMware initiatives take containers to another level by addressing the efficiency and management issues that result from running containers as separate virtual machines.
In a blog post detailing the technology behind vSphere Integrated Containers, VMware’s Eric Gray explains, “vSphere Integrated Containers (VIC) combines the agility and application portability of Docker Linux containers with the industry-leading virtual infrastructure platform, offering hardware isolation advantages along with improved manageability. VIC consists of several different components for managing, executing, and monitoring containers.”
VMware recognizes that launching a separate virtual machine for each container or microservice can be tedious and resource-intensive. It points out, however, that the Instant Clone technology introduced in vSphere 6 addresses this challenge by running a generic base VM that can be quickly cloned or forked for use with vSphere Integrated Containers. “This technique provides a thin copy and avoids duplication of memory for common elements while still preventing containers from inadvertently communicating with their neighbors.”
See the full post on ContainerJournal: A closer look at VMware’s vSphere Integrated Containers.