Docker Inc. today made good on its promise to support Kubernetes container orchestration software as an alternative to Docker Swarm in Docker Enterprise Edition (EE) 2.0, an update to the container-as-a-service (CaaS) platform Docker created to make it easier to build containerized applications.
David Messina, chief marketing officer for Docker Inc., says IT organizations can employ Docker Swam or Kubernetes at will, which is much easier to provision and manage within the context of a CaaS environment, since it provides IT organizations with a much higher level of abstraction for managing the overall container environment. That approach also eliminates the need to find and retain a dedicated team of Kubernetes experts, Messina says.
IT organizations can also opt to run Swarm and Kubernetes interchangeably in the same cluster and deploy applications with either Docker Compose or Kubernetes YAML, he adds.
For example, Docker EE provides support for GUI-based operational workflows integrated with role-based access controls (RBAC) as well as cluster and registry management. It also provides support for secure application zones to provide logical and physical separation of applications within the same cluster. In contrast, other platforms force “cluster sprawl” by requiring customers to stand up a separate cluster for each application added to the Kubernetes infrastructure, says Messina.
The operational workflows for managing Kubernetes are abstractions that run atop a full-featured and CNCF-conformant Kubernetes stack. All core Kubernetes components and their native APIs, CLIs and interfaces are made available, he says.
Docker Inc. also updated the trusted registry for image caching and mirroring. These features ensure that centrally stored images can be propagated to regional registries for better performance as well as replicated to ensure higher availability.
Also being added to Docker EE 2.0 is support for mutual TLS encryption by default, signing/scanning enforcement of container signatures and automated image promotion.
Docker Inc. also revealed that storage vendors Blockbridge, Dell EMC, Hedvig, HPE/Nimble, NetApp, Nexenta, Portworx, Pure Storage, StorageOS, Veritas and Virtuozzo have been or plan to be certified for Docker EE 2.0 On the networking front, Docker Inc. has certified implementations of the Container Network Interface (CNI) developed by Cisco Systems, Infoblox and Weaveworks. Docker EE already supports an instance of Project Calico, container networking software developed in collaboration with Tigera.
Docker EE 2.0 also provides improved Layer 7 routing performance.
Docker Inc. is clearly anxious to move past the Docker Swarm-versus-Kubernetes debate. Docker Swam is easier to implement, but if organizations decide they want to standardize on Kubernetes, that shouldn’t preclude them from adopting Docker EE, says Messina. Thus far, Docker Inc. has more than 400 customers licensing Docker EE, which the company positions as a much lighter-weight alternative to traditional platform-as-a-service (PaaS) environments.
It may take a while for IT organizations to fully embrace CaaS platforms. But as DevOps teams become more familiar with all the intricacies associated with managing containers, Docker Inc. is betting organizations will have more important decisions to make beyond figuring out which container orchestration engine to use when.