Container Technology Comes of Age at the Intelligent Edge

PinIt

Containers can provide powerful benefits to make it easier to deploy long-lifecycle, embedded solutions that require minimal footprints and are robust enough for critical edge-computing applications.

Digital Transformation is real. It’s happening. In fact, 68% of publicly traded companies report progress on digital transformation during their quarterly filings. And as Gartner predicts, more than 50% of all enterprise-generated data will be created and processed at the edge by 2022, and the intelligent edge is increasingly becoming a critical part of this digital story.

What’s needed to deliver on the potential of this new intelligent edge that demands low-latency, high-bandwidth performance? Emerging technologies, including 5G networking, artificial intelligence, and machine learning, IoT and mobility advances, and — increasingly — container technology.

Containers can provide powerful benefits such as leveraging existing investments, agility, updatability, and security to make it easier to deploy long-lifecycle, embedded solutions that require minimal footprints and are robust enough for critical edge-computing applications. As such, Gartner predicts that by 2022, more than 75% of global organizations will be running containerized applications in production, up from less than 30% today.

To give you an idea of their potential, here are some interesting use cases across a variety of industries in which containers can energize edge computing:

  • Manufacturing operations and industrial robotics: AI-based automation is bolstered by compact, low-power installations that require the mission-critical reliability that can be delivered by containerized deployments of an RTOS.
  • Healthcare delivery: Remote patient care, health monitoring systems, counseling, and other healthcare practices that have helped medical organizations deal with the COVID-19 pandemic can benefit from the security and agility of container technology.
  • Autonomous vehicles and smart city operations: Lightweight, low-power operations are a vital factor in many embedded use cases involving AI-controlled vehicles, communication between vehicles, traffic flow monitoring, advanced driver assist systems (ADAS), and citywide warning and alert systems.
  • Retail customer personalization and communication: Automated information kiosks, personalized signage displays, rich media product demonstrations, and online ordering systems can tap into the flexibility and power of container technology implemented at the intelligent edge.

ARC Advisory Group analyst Harry Forbes notes the new opportunities container technology promises: “Thinking about these new capabilities and how they might be used, it seems to me that in the longer term, today’s sharp border between embedded systems and edge computing will become much blurrier. Indeed, today’s real-time embedded applications may eventually become a special case within a broader set of edge applications that are containerized and orchestrated very much the way cloud apps are deployed today.”

Container technology distribution

In terms of container technology distribution, the process can be handled in several different ways at the intelligent edge. For example, after landing, an aircraft can taxi to the maintenance area, connect to the service infrastructure at the airport, and pull any recently updated containers from the registry in the system server. The container updates will then be incorporated into the aircraft system.

Or picture having an edge cloud that lets you push software. A vehicle equipped with modern wireless capabilities can be driving past a 5G base station, receive a transmission with updates in a container, and then proceed to install the updates automatically once the car is parked at home in the garage.

Ensuring container security

The benefits of software containers, however, can only be fully realized if the technology’s security aspects are well understood. In particular, if container technology is to become successful in environments that call for heightened security — such as aerospace and defense, automotive applications, energy grids and subsystems, robotics implementations, and so on — extra measures for hardening solutions are needed.

Cloud-native, open-source registries typically provide a layer of security when using containers. For example, policies and role-based access control can be employed to secure container components. Here, each container image is scanned to ensure that it is free of known vulnerabilities and then signed as trusted before distribution. For sensitive, mission-critical deployments, a level of assurance when moving containers across cloud-native compute platforms should be implemented.

One of the most effective means of protecting container security is to follow DevSecOps software development best practices. The Department of Defense has published the Container Hardening Guide (October 2020), which outlines DevSecOps processes that are important for guarding against security breaches.

As the complexity of applications and their supporting infrastructures create new potential attack vectors for increasingly sophisticated hackers to exploit, containers in embedded systems can offer a means to deliver responsive, secure application delivery to the intelligent edge. With their low-latency, high-bandwidth performance, software containers can deliver security solutions for the most challenging applications.

A good example of this is avionic systems that have evolved from fundamentally hardware-based solutions to agile, highly upgradeable, software-defined infrastructures that enable new technologies to be incorporated into systems on the fly and without substantial hardware replacements. Software container technology promises to be an effective means of countering cybersecurity threats to both the commercial and aerospace/defense sectors as it offers quick updates and patches. Though, this does not mean that verification and validation is not done, rather than deployment is greatly simplified.

Future applications of containers on the edge

As 5G networks become more prevalent, this will provide a ready means of distributing data and containers from the edge and linking local and central data centers using 3GHz cell towers and 28GHz small cells through fiber interconnects. Just imagine the potential for mission-critical systems that can be enhanced by secure, reliable access to the intelligent edge.

Michel Chabroux

About Michel Chabroux

Michel Chabroux is responsible for the Product Management team driving technology and business strategies for Wind River’s runtime environments, including the VxWorks and Wind River Linux families of products. He has more than 20 years of industry experience including roles in technical sales, support, training and product management. Prior to joining Wind River, he was a consultant in Business Management and Information Systems working with a variety of clients. He holds a Master’s degree in Computer Science Applied to Business Administration from Universite de Lorraine.

Leave a Reply