As application containers move steadily to production, vendors are stressing the ability to securely transfer workloads across multiple clouds while at the same time managing both cloud-native and legacy applications.
That pitch in addition to expanded integration features with leading public cloud container services is being made this week by container management platform specialist Apcera Inc. Following up on a hybrid cloud operating system unveiled last year, the San Francisco-based company rolled out the latest in a growing list of container management platforms that stresses workload portability across on-premise, cloud and hybrid operations.
The company also unveiled a new networking approach designed to enforce security policies as application containers transporting cloud-native and older applications move across different infrastructure.
Apcera said Tuesday (Nov. 1) its policy-based platform—meaning workloads run only where intended using specified storage and computing resources—helps ease deployment of cloud-native and micro-services applications while bringing legacy applications along for the ride.
As container infrastructure moves to the cloud to enable more cloud-native applications, the company also announced it is integrating more closely with the Amazon Web Services (NASDAQ: AMZN) EC2 container service along with Microsoft (NASDAQ: MSFT) Azure and Google (NASDAQ: GOOGL) Computer Engine. The integrations are designed to ease the movement of container-based workloads across cloud and other infrastructure.
While cloud-native workloads are transported relatively easily in containers, Apcera claims its approach addresses the need to scale legacy applications running on hybrid infrastructure. Hence, the company claimed its container management platform provides a container workflow and engine along with orchestration and scheduling while also allocating storage and networking resources.
Up to now, there has been little discussion of the networking requirements for applications containers as they move across multiple clouds and other infrastructure. Apcera, which initially focused on securing deployment of container workloads in production to bridge the gap between development and production, said its new platform includes "network nano-segmentation." The networking approach applies security polices governing where containers can run and what resources they can use as they move across on-premise and cloud infrastructure.
"Policy-based firewalls remain at the container-level," the company added in a release.
Further, the nano-segmentation approach enforces application security using a software-defined network (SDN) designed to manage communication links across multiple clouds. That feature is gaining importance as more enterprises look to implement multi-cloud strategies.
Indeed, networking specialists have recently introduced SDN approaches for container orchestration engines that are making their way into production. For example, San Francisco-based network virtualization specialist Midokura released the latest version of its "MidoNet" in August that allows container orchestration engines such as the Google-backed Kubernetes and Docker Swarm to operate on its SDN platform.
While Midokura's container network targets OpenStack deployments, companies such as Apcera are targeting the growing number of enterprises seeking to "modernize legacy applications as well as to run Docker securely and at scale," Mark Thiele, Apcera's chief strategy officer, noted in a statement. Read Full Article (enterprisetech.com)