JFrog Shines Light on Container Issues
At the recent JFrog swampUp annual user conference JFrog expanded its DevOps ambitions into the realm of containers with tools that gives IT organizations visibility into both the container and the IT infrastructure on which it depends.
JFrog CEO Sholmi Ben Haim says although there is no shortage of tools for scanning containers, JFrog Xray is the only tool that enables IT organizations to see how changes to containers will impact the overall IT infrastructure environment before those containers get deployed in a production environment.
JFrog Xray includes a graph capability that allows IT organizations to zoom in and out easily to discover all the containers associated with any given container. That capability, Ben Haim says, derives from JFrog’s ability to sift through metadata to create visualizations of the IT environment.
In addition, JFrog Xray comes integrated with a variety of vulnerability and compliance databases from vendors including VersionEye, Black Duck and WhiteSource. It also provides access to an open application programming interface (API) that can be used to integrate JFrog Xray with a wide variety of other IT management tools and services.
In general, most IT operations teams are unprepared to manage containers in production environments. As a result, most of them are deploying them on virtual machines to take advantage of their existing tools to manage containers. But Ben Haim says it’s only a matter of time before more containers wind up running on bare metal servers to increase the economic efficiency of the IT environment. For the foreseeable future, that means IT organizations will need visibility into container environments running on virtual machines, bare metal servers and even platform-as-a-service (PaaS) environments.
To facilitate that process, JFrog has integrated its core DevOps management tools with platforms from Mesosphere, Atlassian, Sumo Logic and Google. The end result, says Ben Haim, is a comprehensive approach to managing all aspects of application deployment both inside and out of the cloud.
Of course, the degree to which containers push IT operations teams to embrace a more structured approach to DevOps remains to be seen. Containers represent a major IT operations challenge in that there will be thousands of them to manage in IT environments. Ben Haim notes that until now, those containers essentially have been black holes in the eyes of the IT operations team—many of whom have lacked enough confidence to deploy the containers in production applications. The container revolution clearly has started, but it’s off to a slower start in production environments, Ben Haim says.
At the same time, adoption of DevOps practices has also been limited primarily to webscale companies. Traditional enterprise IT organizations have been slower to embrace DevOps mainly due to cultural inertia. But as the rate of application development and deployment continues to rise thanks to the rise of containers, it would seem the need for more structured approaches to DevOps is now all but inevitable.