Currently, cloud computing provides shared computer processing resources and data to computers and other devices on demand. In addition, DevOps (a clipped combination of development and operations) emphasizes collaboration and communication of software developers and other information technology (IT) professionals while automating the process of software delivery and infrastructure changes.
Further, cloud and DevOps technologies may allow increased productivity and reduction of software time-to-market and costs. For example, DevOps may automate the process of software delivery, allowing fast deployment of changes from development to operations, which may result in increased speed and reliability when building, testing, and releasing software. Microservices is an architectural style in which applications comprise small, independent modules communicating via well-defined interfaces. These modules may be easily updated, modified or replaced without influencing the stability of the entire application.
LINUX™ containers are an example of an operating-system-level virtualization model which groups resources such as processes, files, and devices into isolated spaces. Container management and orchestration solutions, such as DOCKER™, are employed to create the containers and to control their lifecycle. For example, DOCKER™ may allow saving the state of containers to images that contain everything necessary for their execution including code, runtime, system tools, and system libraries. These images may be stored and instantiated to running containers wherever required. Thus, there are well-defined lifecycle phases of containers defined by container management solutions, such as DOCKER™, which include their creation (build), distribution (pull) and deployment (run) stages. These may be executed, for example, on LINUX™ or WINDOWS™ hosts or any other suitable host operating system. As used below, the term “image” refers to such images. Finally, cloud computing service platform solutions (also referred to as Platform as a Service or PaaS cloud computing solutions), such as OPENSHIFT™ and CLOUDFOUNDRY™, may provide automatic orchestration of containerized services across large clusters of servers.
It is to be understood that references herein to LINUX™ are examples only and that embodiments of the invention are not limited to any particular operating-system-level virtualization model but may include or employ any other suitable OS-level virtualization model or models. It is to be further understood that references herein to DOCKER™ are likewise examples only and that embodiments of the invention are not limited to any particular container management and orchestration software but may include or employ any other suitable container management and orchestration solution or solutions. In addition, it is to be understood that references herein to OPENSHIFT™ and CLOUDFOUNDRY™ are also examples only and that embodiments of the invention are not limited to any particular cloud computing service platform but may include or employ any other suitable cloud computing service platform.
Significant bottlenecks in the adoption of these technologies by large enterprises include, for example, new security threats, integration with existing enterprise architectures, especially in the areas of infrastructure orchestration, application lifecycle management, and fulfilling external security requirements. Existing security solutions are insufficient to fulfill all of the security requirements of such large enterprises. Although cloud computing service platform providers have made initial efforts to strengthen the security of their solutions, such efforts fail to fulfill all of such security requirements and cannot be easily integrated with existing enterprise systems.
There is a present need for technological solutions that address the problems of these legacy mechanisms and enable a mechanism that eliminates the deficiencies associated with these currently employed mechanisms. The problem to be solved is rooted in technological limitations of such legacy approaches. Improved techniques and, in particular, improved applications of technology are needed to address the problems of these current mechanisms. More specifically, the technologies applied in the aforementioned legacy approaches fail to achieve the sought-after capabilities of the herein-disclosed techniques for integrating such legacy approaches with existing enterprise architectures while preventing security threats.