Essential things to know about container networking

Networking is a crucial component in the container ecosystem, providing connectivity between containers running on the same host as well as on different hosts.

1 2 Page 2
Page 2 of 2

Containers represent a huge change in technology stack and the software-development lifecycle process. Unsurprisingly, enterprises are challenged not only to make sure the systems function properly but also to secure them.  

Container networking breaks many of the assumptions that make traditional firewalls and networking security controls work, says Rani Osnat, vice president of strategy at Aqua Security, a container security technology firm. Enterprises need a way to control ingress and egress; to micro-segment containers so that applications don’t interfere with each other; and to have firewalls that can map to container connectivity and not VM connectivity, preventing potentially unsafe east-west network traversal, Osnat says. 

Recognizing the growing need for strong protection, various projects are springing up with the goal of making security an integral part of container network technology. "For example, the Cillium project provides low-level security and visibility by utilizing Berkeley Packet Filters to inject security policy into the network layer," Letourneau says. Istio, meanwhile, is a service mesh that addresses the challenges inherent in a distributed microservice architecture. "[It takes] some of the requirements of service meshes and pushes that functionality down to the networking layer where it, arguably, belongs," Letourneau notes. 

Although both of these projects are relatively new, they offer a view into extending the security layer directly into networking, defined not by network administrators working on separate teams, but by the teams that are actually building the services and applications. 

In the big picture, the container networking space is evolving rapidly. "New things are showing up all the time; it's an interesting space to watch develop," Meyer says. "The latest and greatest tools are really helping to ease the transition into this new paradigm and to get forward-thinking enterprises deployed with this new architecture." 

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2020 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
IT Salary Survey: The results are in