Kirill Kedrinski - Fotolia

Mirantis rethinks Docker Swarm vs. Kubernetes

Docker Enterprise users say plans to allow Docker Swarm to run on a Kubernetes back end could provide both ease of use for developers and granular infrastructure control for ops.

Reports of Docker Swarm's demise were greatly exaggerated, Mirantis announced earlier this year -- and this week it disclosed more details about how it plans to develop the container orchestrator.

Mirantis bought Docker's enterprise business in November. Initially, the company said it would provide two years of paid support for Swarm before sunsetting the homegrown product. But Mirantis switched course in February, saying Swarm still would be developed and coexist with Kubernetes.

The next major release of Docker Enterprise under Mirantis will include support for the Docker Swarm interface running on a Kubernetes back end, according to CEO Adrian Ionel. This flips the existing integration of the two orchestrators on its head: In the past, Docker Swarm could run Kubernetes, but Swarm didn't run on Kubernetes.

Adrian Ionel, CEO, Mirantis Adrian Ionel

"We believe Kubernetes is the right approach, and it's becoming the standard," Ionel said. "But it's easier for existing Swarm users to keep [the interface]."

And yes, despite pre-acquisition appearances, there are still active Docker Swarm users, including large enterprises such as S&P Global and Swedish bank SEB. IT pros at these companies said many of their developers -- especially those who work with Windows apps -- still prefer the simplicity of Docker Swarm vs. Kubernetes, which is more flexible, but also more complex.

"You can describe it in the same way we describe programming [languages]," said Johan Spännare, a senior developer at SEB, which runs a primarily Windows-based IT environment on Docker Swarm in production. "If I need to do really specific things toward the processor in the computer, I would probably go for [assembly] code, but if I want to do more business-case things that ... have a time-to-market expectation, I need to have a rich [programming framework] like .NET Core."

Kubernetes is analogous to the former example, while Docker is to the latter, Spännare said.

"I want to be able to use [Kubernetes], but not at the detailed level that it is today," Spännare said. "I want some kind of abstraction for it."

Docker Swarm on Kubernetes an ideal combo for dev and ops

Still, it's not lost on SEB's IT teams that Kubernetes is the direction in which most of the market, including Microsoft, is headed -- and for good reason on the ops and infrastructure side, said Daniel Terry, a solution engineer at SEB.

Docker Swarm was written by devs, for devs. Kubernetes was written by DevOps, for DevOps.
Daniel TerrySolution engineer, SEB

Kubernetes offers more granular enforcement for cluster network and security policies versus Docker Swarm, for example. It also supports more monitoring and performance tuning knobs for IT infrastructure specialists.

"Docker Swarm was written by devs, for devs," Terry said. "Kubernetes was written by DevOps, for DevOps."

However, Terry agreed with Spännare that among devs, the Docker Swarm vs. Kubernetes debate heavily favors Swarm, especially among developers not experienced with Linux or infrastructure management. Thus, the ideal resolution for that either-or discussion would be some combination of both.

"If they find a way for the two platforms to work together, that would be great," Terry said. "It might mean less infrastructure to take care of."

The Docker Swarm vs. Kubernetes divide between dev and ops has also been the experience for Docker Enterprise user Phil Fenstermacher, a systems engineer at William & Mary, a university in Williamsburg, Va.

"Swarm has been phenomenal for onboarding new folks," Fenstermacher said. "But as an ops person, I struggle with it."

When it comes to IT monitoring, for example, the Prometheus time series database added only a native Docker Swarm endpoint to collect data with July's version 2.20 release. Without that, Docker Swarm monitoring with Prometheus required a cumbersome, imperfect workaround, Fenstermacher said.

"For Kubernetes, we used Kubernetes endpoints managed with a Prometheus Operator, but we had to have an agent in Docker Swarm clusters to send data to the Docker API, which would write a file Prometheus could then pick up," he said. "Now, we can monitor each Docker service individually, rather than having [to parse] one file that includes all of them."

Docker Swarm users want CSI support, networking fixes

Docker Swarm stability and support have improved under Mirantis so far, Docker Enterprise users said, but there are still some key items users want for the orchestrator's development beyond integration with Kubernetes.

Specifically, many Docker Swarm users are clamoring for the orchestrator to support the open source Container Storage Interface (CSI) plugins used by Kubernetes, which Mirantis officials said is slated for delivery in the next major Docker Enterprise release.

Don Bauer, Docker captain and community leaderDon Bauer

"I would love to have both [Docker Swarm and Kubernetes] use the same storage adapter," said Don Bauer, a Docker captain, community leader and Docker Enterprise user at a large financial services company he requested not be named. "Both the storage vendors I use have Swarm and Kubernetes support, but it's separate, so for each deployment, I have to deploy two separate plugins, four times [for redundancy], each with a separate configuration."

Bauer said his team members still strongly prefer Swarm for its ease of use, especially for stateless applications that don't need detailed infrastructure configurations. He said he's largely indifferent to whether Swarm runs on Kubernetes or Kubernetes on Swarm -- as long as it works.

For Fenstermacher, this will be the main question to answer before his organization considers moving forward with Docker Swarm on Kubernetes, and it's an open one.

"It will be interesting to see how they implement the integration," he said. "The back ends for each are completely different setups, but there's certainly a lot of potential there."

At SEB, there's also an urgent need to enhance Docker Swarm independently from Kubernetes, as it will remain the bank's primary production container orchestrator for the foreseeable future. Like other large-scale Docker Enterprise users, SEB has encountered performance issues at scale with Docker networking, particularly with the Interlock ingress controller, an item specifically acknowledged by Mirantis CTO Adam Parco this week, who pledged improvements.

"It's important that [Mirantis] continues to support Swarm, since it's up to developers to get started with containers," Terry said. "It's not up to me as an operations guy to say, 'You have to start using Kubernetes, because it's the thing right now.'"

Next Steps

KubeCon 2020 preview: Session guide for Kubernetes beginners

Dig Deeper on Containers and virtualization

Software Quality
App Architecture
Cloud Computing
Data Center