I love new technologies. I also loath the impact they have on IT programs.
Software Containers are great - I believe they will become standard way to deploy software and applications, just as virtual machines became the standard way to deploy computing in organizations.
But, not all is well in the world of Containers.
Operationally, IT loves them. I won't go into their benefits, but they are a really great way to deploy applications.
But, if I put my IT Asset Management hat on, they quickly turn into a nightmare. As an IT Asset Manager, I need to know what software is installed on what computer. Millions of dollars could be at risk here. But, when IT deploys software in Containers, standard inventory tools cannot tell me what software is in those Containers. This can create financial exposure from license compliance and create security risk if the software has vulnerabilities.
When I first heard about Containers, I was at Oracle Open World and Java conferences (I believe it was in 2017). I asked one of the architects of Docker Containers about collecting inventory of software in a Container (unfortunately I do not recall his name). His eyes glazed over and he started thinking about why I would ask such a question... I explained how deploying, let's say, Oracle DB in a container can quickly cause millions of dollars in potential license compliance fees. Once he understood the problem, he gave me a technical explanation - if I provide a local connection from host OS to the Container (not necessarily they way this is typically done), then I can use Linux commands to get list of files in the Container.
Needless to say, I wasn't thrilled with that answer.
IT Asset Managers continue to struggle with collection of inventory from Containers even today (late 2020). IT Asset Management tools are slowly starting to provide some capabilities in this space, but examples are still few and far between.
So, if you are an IT Asset Manager, go talk to your internal development teams, software distribution teams (some commercial vendors are beginning to ship their software in Containers), so you can start to at least manually track software deployed using Containers.
And, reach out to your inventory tool vendors - push them to provide solutions, before you are faced with large compliance fees because the person managing OpenShift or Kubernetes (or whatever Container Orchestration tool your organization has) decided to deploy Oracle DB, or IBM DB2 or some other application to hundreds of devices in your datacenter.
Software Containers are great - I believe they will become standard way to deploy software and applications, just as virtual machines became the standard way to deploy computing in organizations.
But, not all is well in the world of Containers.
Operationally, IT loves them. I won't go into their benefits, but they are a really great way to deploy applications.
But, if I put my IT Asset Management hat on, they quickly turn into a nightmare. As an IT Asset Manager, I need to know what software is installed on what computer. Millions of dollars could be at risk here. But, when IT deploys software in Containers, standard inventory tools cannot tell me what software is in those Containers. This can create financial exposure from license compliance and create security risk if the software has vulnerabilities.
When I first heard about Containers, I was at Oracle Open World and Java conferences (I believe it was in 2017). I asked one of the architects of Docker Containers about collecting inventory of software in a Container (unfortunately I do not recall his name). His eyes glazed over and he started thinking about why I would ask such a question... I explained how deploying, let's say, Oracle DB in a container can quickly cause millions of dollars in potential license compliance fees. Once he understood the problem, he gave me a technical explanation - if I provide a local connection from host OS to the Container (not necessarily they way this is typically done), then I can use Linux commands to get list of files in the Container.
Needless to say, I wasn't thrilled with that answer.
IT Asset Managers continue to struggle with collection of inventory from Containers even today (late 2020). IT Asset Management tools are slowly starting to provide some capabilities in this space, but examples are still few and far between.
So, if you are an IT Asset Manager, go talk to your internal development teams, software distribution teams (some commercial vendors are beginning to ship their software in Containers), so you can start to at least manually track software deployed using Containers.
And, reach out to your inventory tool vendors - push them to provide solutions, before you are faced with large compliance fees because the person managing OpenShift or Kubernetes (or whatever Container Orchestration tool your organization has) decided to deploy Oracle DB, or IBM DB2 or some other application to hundreds of devices in your datacenter.
RSS Feed