Service Models
Cloud Stack
Stack Components
Who is
Responsible
User
Application
Stack
Authorization
User Interface Transactions
Reports Dashboard
PaaS
Application
Authentication
Administration
Infrastructure
Vendor supplies:
• Application Stack Security
• Infrastructure Security
Figure 2: Shared responsibility model for PaaS
In the financial services industry, it’s common to have over 200 controls that
must be baked into the infrastructure. This often includes integration of 10 or
more vendor solutions like firewalls, centralized logging tools, various moni-
toring tools, Active Directory and more. All of this initial setup work for IaaS
starts to look and feel very similar to data center work, minus the procurement
process. Things like patch management, key and secrets management, third
party tool life-cycle management and other processes consume large amounts
of time. As important as this work is, it can significantly impact productivity,
thus reducing agility.
Enter Containers
Containers promised to abstract away a lot of the IT plumbing and configura-
tion management in order to enable developers to be more productive. What
used to take 100s of lines of code in Chef or Puppet can now be reduced to a
few lines of code in a Docker Image file. In addition, the painful patching pro-
cess gets reduced to the updating of the image file and re-deploying the con-
tainers. At first glance, containers look super simple to build and manage, but
at scale in a heterogenous environment, containers start to look more like a
science project. There is an incredible amount of complexity when building out
containers at scale. Integrating with various network, database, and storage
38 | THE DOPPLER | FALL 2017
Registration
Login
You do this: