Container Approach to Virtualization Gaining Traction

The concept of virtualization has been argued in many a boardroom, but do all participants understand the implications, potential and impact on transforming network infrastructure? The answer is likely negative as we tend to lean towards trending concepts without fully understanding the possibilities.

In the larger organization, however, you expect that the IT manager is the thought leader in this space and can bring along the solid argument for or against a transformation of any kind. Virtualization has long been a part of the server architecture conversation, but what does that really mean? For those on the other side of the table, the goal is really all about performance.

To that end, container-based virtualization is coming to the forefront in the data center thanks to recent cloud computing and architectural advantages. The goal is to ensure better security and high performance, according to this TechTarget piece. Containers are designed to run on a single OS copy, with hardware memory controls lack the necessary capacity to help fence multiple containers.

To achieve the desired data security, data centers have the ability to run containers within the VM from the hypervisor, but this approach has the potential to slow down container creation and thereby eliminating the main selling points of the virtualization container. Hundreds of containers can be built within a single VM, but the resulting infrastructure then becomes cumbersome to operate.

Intel is striving to develop solutions that address this challenge overall. The company’s architectural developments for transforming network infrastructure are designed to target virtualization containers. Intel’s Clear Containers offer a way to merge the lightweight hypervisor with the containers approach so as to incorporate extensive memory-sharing capabilities. The goal is the requirement of fewer servers to achieve the same workload – improved efficiency.

Along with these capabilities, Intel has also paid attention to security. A small monitor is placed between the hardware and the kernel to register modifications. A hash for key modules is created and the trusted platform module is invoked to sign them, proving the verification is valid. Further evolutions are in the planning stages to affect security, efficiency and performance overall, but the current offerings already address a number of concerns for network performance.

As the demand for increased capability within the data center continues to grow, transforming network infrastructure will focus more priority on data and the role the data center plays in overall business objectives. When that happens, the boardroom discussions will certainly become even more lively.