Sandboxes: Uber Containers for Enterprise DevOps
April 08, 2016

Joan Wrabetz
Quali

According to Gartner, 2016 is the year that 25% of enterprises will embrace DevOps. Organizational and behavior headwinds notwithstanding, is there anything else different about Enterprises? 451Research's Customer Insight, Voice of the Enterprise Cloud, Q4 2014 survey found that 56% of workloads will be in private or hybrid cloud environments by 2016. Enterprises will require additional capabilities in order for DevOps to succeed there. 

Three critical capabilities are required to ensure success with DevOps in Enterprises that have hybrid IT environments:

1. Containers for encapsulating applications

2. DevOps toolchains

3. Sandboxes for replicating the production hybrid cloud environment

Think of these 3 capabilities as addressing the "what", "how" and "where" elements of the enterprise DevOps challenge:

Containers (the "what") - Putting your applications into containers allows them to look uniform as they cross between non-production and production environments and between on premise and cloud.

DevOps Tools (the "how") - Using DevOps tools that automate the steps from programming to testing to production deployment is designed to address the "how" part of the challenge. 

Sandboxes (the " where") - Sandboxes address the real question of "where" do I develop my application so that the environment and infrastructure that it runs on look the same from the development lab to the test lab to the production datacenter or cloud.

Sandboxes (aka Uber Containers) are self contained infrastructure environments that can be configured to look exactly like the final target deployment environment, but can be created and run anywhere. For example, developers can create a sandbox that looks like the production environment - from network and hardware to OS versions and software to cloud APIs. They do their development in that sandbox for a short period of time and when they are done they tear down the sandbox.

Testers can do the same thing, and in addition, they can run a bunch of tests with the sandbox configured to look like their internal IT environment and then automatically re-configure the sandbox on the fly to look like the external cloud environment and run more tests. This allows them to test all of the possible environments that the application could run in without disrupting the actual production infrastructure.

What is a Sandbox? Intuitively we know that a sandbox is a protected space where you have complete control and others are allowed in only if you invite them. You can bring in your own toys to the sandbox and make anything you want in the sand. Just stomp it out if you don't like it and start over. Technically, sandboxes follow these same rules. A number of vendors are now providing Sandbox solutions (some are called "Environment as a Service") that have a simple interface for creating any target infrastructure environment and configuring it with as much control as you want. They allow you to bring applications, tools, tests and automated processes into that sandbox. They provide protections so that others cannot mess with any infrastructure that you are currently using in your sandbox. They provide reservation and scheduling for many people so that whole teams of developers and/or testers can share physical and virtual infrastructure on-the-fly for hours, days or weeks at a time. Finally, a good Sandbox solution can be triggered from the outside (for example, from a DevOps tool).

In the world of hybrid clouds, applications need to be deployable on both on-premise infrastructure and on public cloud infrastructure. Sandboxes allow developers to mimic both environments and define applications that can run successfully in both types of infrastructure. The sandbox can be used to test in both types of infrastructure.

Of course, in the perfect world, Containers, DevOps tools and Sandboxes can be combined to enable continuous deployment in an enterprise hybrid cloud. Package your applications in Containers, use DevOps tools to manage and automate the process of moving through the development cycle, and create Sandboxes for each step in the development cycle that mimic the actual target production infrastructure(s) on which those applications need to run. This 3 step combination ensures Enterprise DevOps success.

Joan Wrabetz is CTO of QualiSystems.

The Latest

September 20, 2018

The latest Accelerate State of DevOps Report from DORA focuses on the importance of the database and shows that integrating it into DevOps avoids time-consuming, unprofitable delays that can derail the benefits DevOps otherwise brings. It highlights four key practices that are essential to successful database DevOps ...

September 18, 2018

To celebrate IT Professionals Day 2018 (this year on September 18), the SolarWinds IT Pro Day 2018: A World Powered by Tech Pros survey explores a "Tech PROactive" world where technology professionals have the time, resources, and ability to use their technology prowess to do absolutely anything ...

September 17, 2018

The role of DevOps in capitalizing on the benefits of hybrid cloud has become increasingly important, with developers and IT operations now working together closer than ever to continuously plan, develop, deliver, integrate, test, and deploy new applications and services in the hybrid cloud ...

September 13, 2018

"Our research provides compelling evidence that smart investments in technology, process, and culture drive profit, quality, and customer outcomes that are important for organizations to stay competitive and relevant -- both today and as we look to the future," said Dr. Nicole Forsgren, co-founder and CEO of DevOps Research and Assessment (DORA), referring to the organization's latest report Accelerate: State of DevOps 2018: Strategies for a New Economy ...

September 12, 2018

This next blog examines the security component of step four of the Twelve-Factor methodology — backing services. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

September 10, 2018

When thinking about security automation, a common concern from security teams is that they don't have the coding capabilities needed to create, implement, and maintain it. So, what are teams to do when internal resources are tight and there isn't budget to hire an outside consultant or "unicorn?" ...

September 06, 2018

In evaluating 316 million incidents, it is clear that attacks against the application are growing in volume and sophistication, and as such, continue to be a major threat to business, according to Security Report for Web Applications (Q2 2018) from tCell ...

September 04, 2018

There's a welcome insight in the 2018 Accelerate State of DevOps Report from DORA, because for the first time it calls out database development as a key technical practice which can drive high performance in DevOps ...

August 29, 2018

While everyone is convinced about the benefits of containers, to really know if you're making progress, you need to measure container performance using KPIs.These KPIs should shed light on how a DevOps team is faring in terms of important parameters like speed, quality, availability, and efficiency. Let's look at the specific KPIs to track for each of these broad categories ...

August 27, 2018

Protego Labs recently discovered that 98 percent of functions in serverless applications are at risk, with 16 percent considered "serious" ...

Share this