Hot Topics
News 

Docker Engine 1.12 Democratizes Container Orchestration

, , , ,
by Miles Blatstein

Built-in orchestration features enable organizations to easily define and manage complex Dockerized applications from development through production

Docker 1.12 provides Developers and IT Operations with built-in, decentralized orchestration capabilities that support multi-container environments on multi-host application environments. Docker supports all applications — from monoliths to microservices — and enables portability across the entire application lifecycle. New and integrated capabilities that span across security, networking and orchestration equip organizations with the functionality needed to more rapidly, scalably and securely move applications into production.

Users can elect to initiate swarm mode, designating Docker Engine as a decentralized building block for self-organizing and self-healing swarms. These new features simplify container orchestration and bring capabilities that were previously only available to an elite set of engineers – to the masses. All of this is delivered at scale with a pluggable platform to provide flexibility, choice and portability, regardless of the underlying infrastructure.

Why Integrate Orchestration Now?

  • Containerization has matured and time is now right to democratize orchestration
  • Docker is at the nexus of enterprise-wide initiatives around microservices, DevOps and hybrid cloud
  • Looking to Docker to ensure that containerization can scale from small groups to global supply chains, from tens of apps to entire app portfolio, etc.
  • Leverage the simplicity of Docker Swarm and integrates with Docker engine to streamline experience and add advanced networking, security and automation

Key Features

  • Swarm mode is a powerful, yet optional, capability that enables users to create coordinated swarms of Docker engines. It is available on every every Engine to automatically discover each other and form a decentralized Swarm
  • Service Deployment API defines services, attaches storage, networking and compute and scales to ensure high performance, consistency and resiliency
  • Powerful routing mesh capability provides out of the box multi-host overlay networking with build-in container aware load balancing
  • Secure by default -cryptographic node Identity ensures end-to-end encryption and other security features
  1. Swarm mode Simplifies Distributed Application Definition, Deployment and Reliability
    In this release, Docker advances the Orchestration portfolio to empower developers and IT operations to build and manage complex distributed applications across the application lifecycle. With the latest updates to Docker Engine, developers can build more complex applications with multiple services, container-defined networking and powerful security.
  • Swarm mode is available in every Engine to automatically discover each other and self-organize into decentralized Swarm
    • Swarm mode is an option to be switched on; batteries included but swappable
  • Built-in, strongly consistent distributed store
  • Self-healing Swarm handles node failures to restore desired application state
  • Dynamic role promotion and demotion of Engines in the Swarm
  • Zero-downtime node management, including maintenance mode and advanced diagnostics
  • Robust architecture infrastructure with zero-SPOF (single point of failure) architecture
  1. Service deployment API ensures application service consistency and resiliency
  • Declarative services API with desired state reconciliation of applications as an abstraction above containers. Declare services, image, scale and ports
  • Rolling updates to enable blue/green, canary and other deploy models
  • Application-specified health checks
  1. Powerful Routing mesh provides container-aware, dynamic load balancing
  • Out of the box multi-host overlay networking
  • Automatic service discovery by DNS available out of the box
  • Built in container-aware load balancing Load balancing and global port definition by service dynamically reroutes traffic to the right container
  1. Secure by default with end-to-end encryption available out of the box
  • Out of the box TLS configuration ensures all nodes in a Swarm communicate with each other using mutual TLS.
  • Cryptographic Node Identity is general purpose framework that allows for trusted workload dispatch. It enables cryptographically secure decisions about which nodes can runs sensitive workloads, or access sensitive networks.
  • Seamless PKI with automatic certificate rotation
  • Configurable acceptance policies to configure how nodes can join a swarm: automatic, manual or require a secret.

Benefits

By integrating orchestration capabilities directly into Docker Engine, Docker is addressing the requirements users have when evaluating orchestration solutions:

  • A framework that is simple yet powerful
    • Streamlines and advances orchestration within Engine
    • One uniform building block to know, operate and maintain for building, shipping and running distributed applications
  • UI command syntax aligns with what millions of Docker users already know
  • Native compose integration extends developer user experience to IT ops
  • Compute, network and storage are all pluggable ensuring that applications are portable and work on any infrastructure
  • Robust
    • Highly resilient design – decentralized architecture eliminates single point of failure
    • Proactive state management that ensures desired and actual state are the same
    • Architected for seamless horizontal scaling
    • In-memory scheduling management ensures performance at scale
    • No external infrastructure dependencies or dependencies on an external DB
    • Resistant to node outages
  • Secure by default
    • Security is enabled by default securing the whole swarm without complex configuration
    • Robust and granular security provides strong protection against attacks and misbehaving system attacks and user error
    • Usable security: Node communication and membership are secure out of the box

Docker 1.12 on AWS and Azure Private Beta

Docker for AWS and Docker for Azure are the best ways to deploy Docker Engine on these platforms.They provide an integrated, easy-to-deploy environment for building, assembling, and shipping applications on AWS and Azure. In addition to Docker Engine, they bundle custom plugins that provide deep integration between Docker and the target platform capabilities (storage, networking and load balancing).

  • Docker for AWS is a native AWS application optimized to take advantage of the underlying AWS IaaS services while giving you a modern Docker platform that you can use to deploy portable apps. Docker for AWS does not require any software installed. You just need a browser and an AWS account, and can provision Docker in a few clicks. Docker for AWS installs a Swarm of Docker Engines secured end to end with TLS by default, and is integrated with AWS Autoscaling, Elastic Load balancer and Elastic Block Store.
  • Docker for Azure does not require any software installed. You just need a browser and an Azure account, and can provision Docker in a few clicks. Docker for Azure installs a Swarm of Docker Engines secured end to end with TLS by default, and is integrated with Azure VM Scale Sets for autoscaling, Azure Load Balancer and Azure Storage.

What Does It Mean for Devs?

For Developers, they have a powerful yet simple way to preserve the familiar Docker experience into production, ensuring full stack portability across the application lifecycle.
What Does it Mean for Ops?

IT Ops have the reassurance that they are using the only orchestration solution that is highly resilient with no single point of failure. Docker’s orchestration tooling embodies management simplicity and system performance at scale and is the only orchestration solution that is secure by default, providing end-to-end encryption automatically.

What Does It Mean for the Ecosystem?

For Docker ecosystem partners it further expand their opportunity building around the Docker platform. Our plugin architecture is evolving to allow our networking, storage, logging, monitoring partners etc. to take advantage of these native orchestration features. Additionally, plugins can rapidly be deployed across Swarms as global services allowing these solutions to work across an entire Docker implementation.

Availability

Docker 1.12 will be available in July 2016.

Miles Blatstein

Miles Blatstein is a Web Engineer with the parent company of cloudnativenow.com, MediaOps. As a Web Engineer, Miles is tasked with front and backend development/management of MediaOPS sites, social media marketing, SEO, and customer/client relations and services.

Miles Blatstein has 79 posts and counting. See all posts by Miles Blatstein