Container Training: How to Teach IT Teams About Containers

As containers become more critical to modern software deployments, training IT engineers to work with container technologies is also growing in importance. That begs the question: How should you go about educating someone about containers?

Keep reading for tips …

Container Training 101: Focus on Concepts, Not Tools

When it comes to educating IT professionals about containers, perhaps the most important guidance to follow is to focus on teaching concepts, not tools.

That’s because the tools that IT teams use to work with containers change constantly. Utilities such as the Docker CLI evolve. Container runtimes rise and fall in popularity. Cloud-based container services come and go.

So, while it’s important for engineers to learn to use whichever specific tools they need to work with containers in a given context, the primary goal of container training should be to communicate the core concepts of containerization, rather than teaching the mechanics of particular tools.

Toward that end, here are the main concepts that container training should cover:

Process Isolation

The core distinguishing feature between containers and alternative types of application deployment architectures (such as virtual machines) is that containers isolate processes inside software-defined environments. No matter which particular container runtime you use, understanding the idea of process isolation, and why it matters, is critical.

Unless you are going to develop a container runtime, you probably don’t need to know how process isolation actually works at a low level. But you should understand it conceptually.

Container Data Storage

Someone who hasn’t worked with containers previously is likely to be surprised by the unique challenges posed by data storage for containers. Unlike virtual machines or physical servers, containers can’t store data persistently inside themselves; they require more complex data storage solutions.

The specific tools used for container data storage will vary, but teaching IT professionals why containers require a special approach to data storage, and providing an overview of the storage solutions and strategies available, should be a core part of any container training initiative.

Container Networking

Like storage, networking is a special beast when it comes to containers. Container training should include an overview of the concepts of overlay networking, service discovery and load balancing. All of these concepts are critical to setting up and managing networking for containers.

Container Management and Orchestration

In some ways, monitoring, managing and orchestrating containers is not fundamentally different from doing the same things for other types of technologies. All modern applications require some kind of systematic monitoring and management strategy, and most applications deployed at scale require orchestration tools.

Thus, these concepts should already be familiar to most IT professionals. But explaining how they apply to containers is an important part of container education. So are the unique challenges posed by containers with regard to monitoring (which is much more complex in fast-moving containerized environments) and orchestration (which requires a level of automation that  typically is not necessary when working with other types of technology).

Security Concepts: Isolation and Access Control

Container security is a discipline unto itself. Training in container technology in general can only touch on the basics of security. But at a minimum, such training should emphasize the importance of two key security concepts in a containerized environment: Isolation between containers and resources, and strict access control for containers to various resources. No matter which specific tools you use to secure containers (OS-level frameworks, security policies within your orchestrator or something else), it’s always a best practice to isolate containers as much as possible, as well as to restrict access controls to the minimum necessary.

Conclusion

Container management tools and frameworks will come and go. But the core concepts and best practices regarding container design, deployment and management will stay the same. Container education should focus on those concepts first and foremost. Teaching about container tools is good and well, too, but unless engineers understand the why of using a tool, rather than just the how, they’ll never excel in working with containers.

Christopher Tozzi

Christopher Tozzi has covered technology and business news for nearly a decade, specializing in open source, containers, big data, networking and security. He is currently Senior Editor and DevOps Analyst with Fixate.io and Sweetcode.io.

Christopher Tozzi has 254 posts and counting. See all posts by Christopher Tozzi