The Doppler Quarterly Fall 2017 - Page 40

Service Models Cloud Stack Stack Components Who is Responsible User Application Stack Authorization User Interface Transactions Reports Dashboard PaaS Application Authentication Administration Infrastructure Vendor supplies: • Application Stack Security • Infrastructure Security Figure 2: Shared responsibility model for PaaS In the financial services industry, it’s common to have over 200 controls that must be baked into the infrastructure. This often includes integration of 10 or more vendor solutions like firewalls, centralized logging tools, various moni- toring tools, Active Directory and more. All of this initial setup work for IaaS starts to look and feel very similar to data center work, minus the procurement process. Things like patch management, key and secrets management, third party tool life-cycle management and other processes consume large amounts of time. As important as this work is, it can significantly impact productivity, thus reducing agility. Enter Containers Containers promised to abstract away a lot of the IT plumbing and configura- tion management in order to enable developers to be more productive. What used to take 100s of lines of code in Chef or Puppet can now be reduced to a few lines of code in a Docker Image file. In addition, the painful patching pro- cess gets reduced to the updating of the image file and re-deploying the con- tainers. At first glance, containers look super simple to build and manage, but at scale in a heterogenous environment, containers start to look more like a science project. There is an incredible amount of complexity when building out containers at scale. Integrating with various network, database, and storage 38 | THE DOPPLER | FALL 2017 Registration Login You do this: