As IT organizations employ Docker containers to drive hybrid cloud computing deployments, there’s an increased need for monitoring tools that can track how containers are being employed both in the cloud and on-premises. To enable IT organizations to achieve that goal, Anchore has made available an edition of its software-as-a-service (SaaS) monitoring tools that can invoke Anchore Engine, an open-source edition of its software that can be deployed in an on-premises IT environment.
Anchore CEO Saïd Ziouani says that while most container applications are deployed in the cloud today, it’s now only a matter of time before a substantial number of containerized applications also get deployed on-premises. In fact, many legacy applications are being lifted into containers to make them more accessible to developers. Sometimes those applications are then shifted into a public cloud. But just as often they remain where they are because of performance concerns and compliance requirements, says Ziouani.
Anchore Cloud 2.0 also provides tighter integration with Kubernetes container orchestration software, which rapidly is becoming a de facto standard both in the cloud and on-premises. Ziouani says over time most of the hybrid instances of container applications will be built on distributed instances of Kubernetes. To facilitate the management of those deployments, Anchore has added a a graphical policy editor to allow creation and management of custom policies.
Other new capabilities in Anchore Cloud 2.0 include deep inspection of operating system packages and software libraries being employed by container images; email notifications for image updates, policy evaluations and security vulnerabilities; a search interface that supports historic tag and image data as well as access to both private and public images on Dockerhub and Amazon EC2 Container Registry.
Ziouani says capabilities have become increasingly critical because right now most organizations have no real way of knowing when a container was last updated—or, for that matter, what’s in it or the dependencies that might exist. That issue becomes increasingly problematic as more container images get continuously updated over the life cycle of an application, says Ziouani.
Finally, there’s a continuous integration/continuous delivery (CI/CD) plug-in for integrating the on-premises edition of Anchore Engine with local instances of third-party CI/CD software.
There’s clearly a fierce battle underway between a posse of startups that have focused on monitoring containers as means to usurp incumbent providers of tools used to monitor legacy applications. Most of the startups are betting that developers who increasingly are tasked with managing applications end to end will prefer monitoring tools designed from the ground up to support containers. However, IT operations teams have shown some reluctance in the past to apply monitoring at scale, given the costs.
Monitoring is typically reserved for what are perceived as the most mission-critical of applications. It’s too early to say whether that trend will change as developers become more responsible for maintaining the application environment. But it’s clear most developers will push back against being held accountable for those environments if they don’t have the appropriate tools.