Long-time Pivotal Cloud Foundry (PCF) customers know that the platform supports Docker images. You can push your image with a single cli command:
$ cf push my-app --docker-image
What if you want to run Docker images in a multitenant environment, with pay-as-you-go flexibility? Use Pivotal Web Services! The service now supports Docker images, just like PCF has for years.
Why Push Docker Images to Pivotal Web Services? Because the Platform Gives You So Many Benefits.
Pivotal Web Services (PWS) is a public version of Pivotal Cloud Foundry. When you push your code - and now, when you push a Docker image - the platform does so much for you, including:
Load balancing and DNS
Application performance monitoring
Logging and auditing
Starting your application in a healthy state with the desired number of instances
Scaling is a breeze; it’s as simple as
cf scale. And you gain automated app recovery with four built-in 4 layers of high availability. This quick video shows how easy it is to get your Docker images running on PWS:
PWS: A Secure Place to Run Your Docker Images
Developers and IT ops teams love Docker. It simplifies common workflows, and solves the “works on my machine” issue elegantly. But for IT security teams, it’s a different story. Why? With hand-built containers, the individual developer must manage dependencies and ensure everything stays patched and secure. That’s a tough sell at scale, no matter how vigilant your software engineers claim to be.
Here’s the good news: Pivotal has built our software with security-conscious developers and InfoSec teams in mind. We’ve been at the forefront of container security since Cloud Foundry’s inception in 2011. Our engineers brought features like AppArmor, Seccomp, and unprivileged containers to Cloud Foundry.
The underlying container tech has matured to the point where you can now run Docker images in a multitenant environment like PWS. Of course, you should still follow best practices for patching! Using a trusted registry would help too, PWS supports this option.
The next frontier for container security tech in Cloud Foundry is rootless containers. Our own Ed King wrote up a brilliant summary of this effort. And check out his talk at Kubecon on the same topic:
You’re Going to Have Platform-Built Containers and Developer-Built Containers. That’s Why Pivotal Supports Both.
Startups and enterprises alike are writing more software than ever. That software is often going to be best packaged with platform-built containers. This workflow is the classic Cloud Foundry buildpack model. Push your code, and the platform will build your container for you. This option suits high-velocity development teams well. (It also helps InfoSec teams sleep easier at night. It’s easy to audit the apps running on the platform, and it’s far easier to quickly patch software when a CVE is uncovered.)
You’re going to have plenty of developer-built containers as well. Use Kubernetes and Pivotal Container Service for these workloads. Docker image support in PCF and PWS are worth a look too.
Either way, you need a secure, highly automated way to run all your apps and containers at scale. And that’s exactly what Pivotal gives you.
Ready to give Docker a try on PWS? Sign-up for a free trial now.
Containers will be a hot topic at the cloud event of the year: SpringOne Platform Sept 24-27 in Washington, DC. Register now!
About the AuthorFollow on Twitter Follow on Linkedin More Content by Jared Ruckle