Docker containers reduce some of the risks of application deployment. But they also add new ones.
Assessing the extent to which Docker can reduce your application’s net risk is a key step in determining whether Docker is right for you. Here’s how to do that.
What are Application Deployment Risks?
The risks associated with application deployment break down into two distinct categories:
- Risks that can cause your application deployment to fail entirely. In other words, the application (or an update to the application) never reaches production.
- Risks that can make the work of managing, administering and updating the application more challenging.
All types of risk are bad, of course. The goal of DevOps engineers is to reduce risks.
How Docker Helps Reduce Risk
In several respects, Docker can help to reduce risks:
- Docker increases environment parity and reduces the number of environment variables you have to worry about when deploying the same application to different types of operating systems or host infrastructure. Fewer variables mean fewer chances for something to go wrong with deployment.
- Docker improves the effectiveness of software tests. Your application can be tested in the same environment (a Docker container) in which it will run in production.
- Containers make it easier to deliver application updates. You can simply push out a new container image, which allows for a clean, reliable update process.
- By making updates easier, as well as providing a greater level of application isolation than you’d have if you ran multiple applications on the same server without containers or virtual machines, Docker adds security.
These are all key benefits associated with using Docker.
Docker Container Risks
At the same time that Docker helps to reduce some forms of risk, it also creates new ones:
- With containers, you have more moving parts to manage, as compared to an application deployed using a virtual machine. You have to worry about communication between different containers. You have to figure out how to connect containers to external data sources, if you want to run stateful applications. These are all areas where something can go wrong.
- Deploying containers at scale requires using an orchestrator, such as Kubernetes. This dependency creates another chance for something to go wrong.
- Compared to the world of traditional virtualization, the container ecosystem remains young and somewhat immature. Using Docker means depending to a large extent on community-developed code, along with tools from vendors that may or may not be around in five years. Thus, there is some Docker risk from an ecosystem perspective.
To sum up, Docker helps reduce specific risks associated with the way applications are tested and deployed into production. When it comes to managing containers, however, there is more to worry about, and more that can go wrong. In addition, if you deploy production applications using Docker, you will probably end up depending on third-party tools that are at somewhat of a risk of disappearing or no longer being supported.
So, deciding whether to use Docker means evaluating which types of risk you are more able to accept. If you don’t like management risks, Docker might not be right for you. But if you want to minimize the risks of pushing code down the pipeline into production, Docker is a great solution.