Sysdig looked at how and when companies implement security checks into the development lifecycle, how they use containers, and what technologies are popular right now.
The data comes from analyzing nearly two million containers and public sources such as GitHub, Docker Hub, and CNCF. Let’s look at the most exciting figures from the report.
How Many Containers Do Companies Use On Average
More than half of the companies use 250 containers or less. Only 4% manage more than 5,000 containers. This is because container adoption typically starts small, often initiated by developers who promote containerization to speed up software delivery.
DevOps and cloud teams report that adoption is accelerating once companies see the benefits of application containerization as business units move to the new platform.
At the same time, the density of containers per host increased by a third compared to last year. This number may increase in the future as companies strive to use computing resources efficiently.
Kubernetes: How Many Clusters And Nodes Do IT Departments Deploy On Average
Kubernetes is still the leader among container orchestrators, with 75% of organizations using it. Most companies maintain only a few clusters; few manage complex architectures from many clusters of different sizes.
A large number of individual clusters and a small number of nodes per company is an indication that many organizations are just starting to use Kubernetes.
The use of managed services in public clouds to deploy Kubernetes also affects these indicators – KaaS provides users with the ability to instantly scale clusters by connecting and removing nodes and quickly collapse and expand the clusters themselves.
It is also interesting to look at the average number of pods per cluster and node.
Security Is Shifting Towards Development, But These Measures Are Not Always Enough
Now 74% of companies scan containers before deployment. This is a good sign—build-time scanning helps teams mitigate potential security risks before they hit production.
At the same time, 58% of the images run on behalf of users with Root rights, which allows the use of privileged containers that can be compromised.
Also, the latest sample shows that 49% of containers live less than five minutes, and 21% live less than 10 seconds. This is a significant problem for auditing security issues, as many monitoring tools fail to provide detailed information in such a short amount of time.
Docker Is Losing Popularity
Over the past year, the popularity of container environments such as containers has doubled – used by 33% of companies – and CRI-O – used by 17% of companies. Compare that to Docker, which grew 79% last year but dropped to 50% this year, down 29%. It is also notable that Kubernetes will officially phase out Docker in 2020.
Key Takeaways From The Report
The report highlights the changes taking place in the container ecosystem and the need for companies to adapt to them, including:
Cloud teams need to integrate security into DevOps now to stay ahead of risk while running containerized applications.
Real-time monitoring is critical to security, which provides a detailed audit of containers with a short lifespan.
Organizations should invest in Kubernetes-compatible tools to make it easier to work at scale.
Also Read: Four Frequent Mistakes About Kubernetes