Docker embraces Kubernetes with Docker Enterprise 2.0

two-flowers-beneath-clouds

It turns out Docker was serious about adopting Kubernetes. Docker has its own container orchestration program, Docker Swarm mode, but the company saw the wind was blowing towards Kubernetes so it added Kubernetes to its selection of orchestration tools in October 2017.

But, there’s adoption and then there’s “Adoption.” With the first you announce you’ll support a technology, but you don’t really do it. Then, there’s what Docker is doing in Docker Enterprise 2.0. In its latest business release of its famous container technology, Kubernetes is an equal member of the Docker ecosystem.

As Vivek Saraswat, Docker’s Group Project Manager, blogged, “Both orchestrators operate interchangeably in the same cluster meaning IT can build an environment that allows developers to choose how they want to have applications deployed at runtime. Teams can deploy applications to Swarm today and migrate these same applications to Kubernetes using the same Compose file. Applications deployed by either orchestrator can be managed through the same control plane, allowing you to scale more efficiently.”

In addition, you can use either Kubernetes or Swarm to set policies around container image promotions. This way you can automate moving an application through test, quality assurance, staging, and production. For example, you can set a policy around image vulnerability scanning results so only clean images are promoted to production.

You can also set Docker EE 2.0, so administrators can enforce rules about which applications can be deployed. So, for instance, you can set your supply chain so only signed off images can run in production. These automated processes enforce governance without slowing down continuous integration/continuous deployment (CI/CD) with manual bottlenecks.

Docker EE 2.0 also enables even the largest companies to manage their containers with the following features:

  • Centralized image repository: Some organizations want to maintain one source of truth for all applications. They want a centralized private image repository for their global organizations. With Docker EE 2.0, you can connect multiple EE clusters to a single, common private registry with a common set of security policies built in.
  • Remote office access: Many organizations have development teams that are not in the same location as the registry. To ensure that these developers can quickly download images from their location, Docker EE 2.0 includes an image caching capability to create local caches of the repository content. Caching extends the secure access controls and digital signatures to these remote offices to ensure no breaks in the supply chain.
  • Multi-site availability and consistency: Alternatively, some organizations wish to have separate registries for different office locations – possibly one for North America, one for Europe, one for Asia. But they also want to make sure they’re using common images. With the new image mirroring capability, organizations can set policies that “push” and “pull” images from one registry to another. This also means when one region goes down, copies of the same images are available in the other registries.

To secure all of the above, Docker EE uses TLS encrypted network links. To ensure the network traffic still moves at speed, the new Docker also includes an optional Calico network plugin for Container Network Interface (CNI) for Kubernetes and Layer 7 routing and load balancing for Swarm.

Put it all together and you have an outstanding container orchestration solution.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: