The Continuum of Cloud Native Topologies
As containers gain mainstream momentum, the cloud native ecosystem is experiencing rapid growth of new technologies and projects that are spinning off and expanding from the initial core of containers. One particularly intense area of innovation is in workload deployment/management. There are many options in the cloud-native environment and the differences between these technologies are often small and nuanced. This makes it challenging to understand the benefits and tradeoffs between them. Each brings its own set of advantages and downfalls — but the decision is not whether to use these technologies, but rather which ones to prioritize. Few organizations will find a single option that’s a great fit for all their needs, and instead will find several options, each providing advantages for different workloads and use cases as they change and grow.
In this white paper, John Morello, Chief Technology Officer at Twistlock, shares a helpful model of viewing the different cloud native technologies as a continuum, to address different scenarios and efficiently choose which combination of technologies work best for running different workloads. The continuum starts with bare metal and VMs on the left, continues into “light” hypervisors (like Canonical’s LXD), and extends into containers and services like AWS Fargate and then, ultimately, serverless. Technologies to the left provide the most isolation and control with the tradeoff of greater management and performance overhead. Those to the right facilitate more agile development and app density with the tradeoff of less control.
Cloud Native Security: What it Means, Why it’s Hard & How to Achieve it
7 Experts on Cloud-Native Security
Strategies for Securing Highly Scalable Container Environments
The Proactive Security Paradigm
How Twistlock works with any orchestration tool (eg. Kubernetes, OpenShift, Amazon ECS, Docker Swarm DC/OS)