Container Drawbacks: When Not to Use Docker

Containers from Docker and other vendors are trending pretty spectacularly right now. But they’re not a perfect solution for every type of infrastructure challenge. Like any other technology, they have their drawbacks. Here’s a look at times when you should not use containers.

Like “the cloud” before them, containers might seem to be the perfect answer to all of your life’s problems. But also like the cloud, containers come with some pitfalls and rough edges.

So, in the midst of the excitement following this month’s DockerCon, it’s worth reminding ourselves of the following situations, in which containers are not a good infrastructure solution:

  • You don’t have container expertise in-house. Containers are not a new technology, but it’s only recently that they have gone mainstream (unless you count Solaris containers, I guess, but those are not the same thing as Docker). Few admins learned containers in training, and container certifications are still rare (although Red Hat offers one program). As a result, not all teams are prepared to deploy and manage containerized infrastructure. If yours is not, you should skip containers until you have admins who are ready for them, or go with a container-as-a-service (CaaS) solution to outsource most of the management.
  • You need ultra-high security. Yes, containers are much more secure than they used to be, thanks to initiatives such as Docker Security Scanning and CoreOS Clair. But those tools only secure part of the container infrastructure—specifically, container registries—and they’re still not perfect. If you have very high security or data privacy compliance needs, containers probably are not yet a good idea.
  • You use Windows. It’s true: Docker now runs on Windows—but only with the huge caveat that it requires a virtualized Linux environment to do it. That makes a Windows infrastructure a poor choice for running containers. Things will change as adoption of Windows Server 2016, which supports containers natively, takes off. But new Windows Server releases tend to take a while to trickle down to production.
  • You need traditional virtualization. Being able to take an app and containerize it is cool, and it makes deployments portable and scalable. But sometimes there’s just no substitute for good-old VMware (or KVM, or Hyper-V, or whichever traditional hypervisor floats your boat). Networking and persistent storage are trickier on containers than they are within full virtual machines, for instance.

Some of these drawbacks will be addressed as containers continue to mature. Others reflect fundamental limitations of container architecture. Either way, they constrain the viability of containers as they exist today, and they’re reminders that what is popular is not always right.

Christopher Tozzi

Christopher Tozzi has covered technology and business news for nearly a decade, specializing in open source, containers, big data, networking and security. He is currently Senior Editor and DevOps Analyst with Fixate.io and Sweetcode.io.

Christopher Tozzi has 254 posts and counting. See all posts by Christopher Tozzi