SAN FRANCISCO -- The Docker roadmap through 2018 stars Docker Enterprise Edition support for multi-cloud container management.
The planned features, dubbed federated application management and laid out in detail by company officials at DockerCon here this week, will come through updates to the Docker Trusted Registry (DTR) and Docker Enterprise Edition user interface. DTR will support the replication of container images among distributed container deployments and will enforce security policies pertaining to their use, such as role-based access control and read-only privileges.
The Docker Enterprise Edition GUI and command-line interface will add management access for all the container clusters a company controls, including those hosted in managed Kubernetes services on public cloud, such as Amazon Elastic Container Service for Kubernetes, Microsoft's Azure Kubernetes Service and Google Kubernetes Engine.
Docker Enterprise Edition users at the conference said these features have long been on their wish lists.
"They did this because we talked to them, and not just once," Till Schenk, IT infrastructure architect at Robert Bosch GmbH, said in a DockerCon presentation.
Bosch, a multinational engineering and electronics company based in Germany, created its own multicluster container management scheme based on Docker swarm mode over the last two years, and it hasn't been easy, Schenk said. DTR image replication and read-only access enforcement were particularly painful, and Bosch will explore how the Docker Enterprise Edition features may simplify that work.
However, for a company the size of Bosch, which has 62,500 R&D associates in 125 engineering locations worldwide that share one network, container image replication and multicluster management are far from the only problems that inhibit containers offered as a service to internal developers.
Bosch's container platform also supports optional preinstalled third-party services for internal users' needs, such as internet access and security monitoring. The team must also monitor the underlying infrastructure and collect logs to track its performance, alert on that monitoring data, enforce security and compliance, charge business units for their use of the platform, perform API health checks and monitor the use of software licenses in the container infrastructure.
"No one vendor gives us the whole stack out of the box," Schenk said.
Till Schenk, IT infrastructure architect at Robert Bosch GmbH, presents on multi-cloud container management at DockerCon 2018.
Docker roadmap intensifies container competition
Multi-cloud container management's prominence in the Docker roadmap will entice enterprises, as it puts support for swarm mode and Kubernetes container orchestration, as well as Windows and Linux hosts and containers, under one management umbrella. But in the Kubernetes world, competitors such as Red Hat OpenShift and Rancher already offer multi-cloud container management.
Red Hat OpenShift can tap into Red Hat's Gluster distributed storage products to move data along with applications among multiple Kubernetes clusters; Docker has partnerships with distributed storage vendors, such as Portworx, but doesn't own them, so it can't offer one-stop enterprise support at that layer of the stack. The OpenShift Container Platform also folds in an implementation of the Open Service Broker API for Kubernetes to connect third-party apps and services with Kubernetes clusters. OpenShift doesn't yet support Windows containers, however, which Docker swarm does.
OpenShift is on the radar for many of the enterprise IT organizations attending DockerCon. According to a director of engineering at one healthcare company in Boston, who spoke on condition of anonymity because he is not in charge of the company's evaluation of container orchestration products, while some developers will use Docker Enterprise Edition internally, OpenShift will likely be the company's strategic choice for customer-facing services.
I don't think that most organizations really appreciate or understand the journey they're about to embark on [with multi-cloud container management].
Brad LinderDevOps and big data evangelist, Dish Technologies
Other Docker users have an open mind, but already use competitors' container orchestration products.
"Everyone has the same story, 'One click and you're there,'" said Brad Linder, DevOps and big data evangelist at Dish Technologies, the engineering arm of Dish Network in Englewood, Colo.
Dish Technologies uses Rancher's Kubernetes in production for multicluster container management within the same data center and anticipates multi-cloud container operations this year. "That's the dream, but I don't know if it's been realized yet," Linder said.
He'll track the Docker roadmap for Enterprise Edition, but agreed with Bosch that multi-cloud container management at scale is not easily simplified with just one tool.
"I don't think that most organizations really appreciate or understand the journey they're about to embark on [with multi-cloud container management]," Linder said. "The biggest challenge isn't the technology you use; it's the organizational and people problems."
On the technical side, Linder's team spends most of its time on focused on logs, monitoring and alerts as it moves toward multi-cloud container management. Both Linder and Bosch's Schenk said observability at all layers of the container infrastructure is a thorny problem that requires integration of multiple tools to solve.
"That's the weakest part of the container ecosystem," Linder said.
