At the KubeCon + CloudNativeCon Europe 2019 conference, Docker Inc. today announced that it is extending an existing networking alliance with Tigera to include an instance of the open source Project Calico software running on Windows Server.
Docker Inc. at the DockerCon 2019 conference last month, revealed it was including an instance of Project Calico within Docker Enterprise 3.0. That alliance is now being extended to include instances of Docker Enterprise that incorporate Kubernetes on Windows.
Scott Johnston, general manager for enterprise solutions at Docker Inc., says virtual networks enabled by Project Calico will play a critical role in advancing adoption of microservices based on containers. Unlike monolithic applications that make service calls within the same server environment, microservices tend to make service calls across an extended network. A virtual network provides the overlay that makes it easier to first make those connections and then secure them, says Johnston.
Tigera also will make available Tigera Secure Enterprise Edition available on Windows, in addition to instances of Linux running Kubernetes. Tigera Secure Enterprise Edition creates a zero-trust implementation of a virtual network to both encrypt network traffic and verify the identity of all the endpoints on that network.
Tigera takes advantage of the Container Network Interface (CNI) specification to plug Project Calico networking software into a Kubernetes cluster, which then uses that virtual network to communicate directly with any other platform capable of running Project Calico, including (soon) Windows Server platforms running Kubernetes. Right now, Kubernetes is just becoming available on Windows Server. But as adoption of Kubernetes on Windows Server increases, more organizations will want to create virtual networks between instances of Kubernetes running on Linux and Windows Server in both on-premises IT environments and public clouds. Via its alliance with Microsoft, Docker Inc. is betting there will be many more instances of Docker Enterprise running in Microsoft environments once Kubernetes becomes more widely deployed in those environments.
Via Calico, organizations can then define which connections are allowed, in addition to applying rules for each node such as limiting access based on IT governance policies.
Johnston says Calico support within Docker Enterprise 3.0 is yet another example of how Docker Inc. has created an enterprise platform than allows IT organizations to swap modules as they see fit. For example, he says, IT organizations can configure Docker Enterprise with either Kubernetes or Docker Swarm, the container orchestration engine developed by Docker Inc.
It’s unclear right now the degree to which virtual networks will be incorporated into best DevOps practices. Most networking software and hardware today is deployed by dedicated network operations (NetOps) teams. But as the rate at which Kubernetes clusters are being spun up and torn down increases, so, too, does the pressure to enable developers to programmatically invoke virtual connections either via an application programming interface (API) or a self-service portal. Regardless of the approach, that rate of change represents of major cultural shift that most NetOps teams will find challenging to make.