The container ecosystem took a great leap forward at the end of February with the full launch of Docker Datacenter (DDC). It’s what Docker describes as “an integrated, end-to-end platform for agile application development and management at any scale.”
Still, what exactly is Docker Datacenter and how does Docker Datacenter work?
It’s a sort of container-as-a-service (CaaS) setup within a company, where IT departments can build and store Docker images, code jockeys can build and test applications in containers on their laptops or desktop machines, and administrators can zip them over to servers in the corporate data center – or on virtual machines in the cloud – to put them into production.
As we’ve discussed before in this column, container technology itself is now pretty snore-bore stuff that will soon be standardized. What’s exciting is how companies like CoreOS, Docker and others differentiate themselves with enterprise-grade container management systems that allow companies to utilize containers in practice.
The Docker Datacenter is important today because while it was actually shown off in the middle of last year, it’s only now entering into general availability (GA). It’s also important because it comes from Docker, and of course Docker is the VMware of the container space – the 600-pound alpha male gorilla in its market.
Differences Between Docker and Docker Datacenter and Other Container Management Platforms
But beyond the Docker hype, DDC is similar to CoreOS’s Tectonic container management platform in that it comprises proprietary software and open source projects to make a complete solution.
The proprietary parts are Docker Universal Control Plane (UCP) and Docker Trusted Registry (DTR), which support Docker Engine as well as embedded open source Docker projects such as Swarm, Content Trust and Networking.
Image courtesy of Docker Datacenter Blog
So what exactly are these proprietary pieces in Docker Datacenter?
Well, UCP is the management pillar of DDC, and it lets administrators deploy containers and applications both on premise and in the public cloud. It integrates with key systems like LDAP/AD to manage users, and provides an interface for IT operations teams to deploy and manage Dockerized applications in production environments. (It’s actually this component of DDC that’s just gone from beta to GA, meaning the DDC as a whole is now in GA.)
The DTR, which was unveiled last Autumn, is like a secure local Docker Hub. It allows companies to store and manage their Docker images on-premise or in a virtual private cloud to support security or regulatory compliance requirements, and it includes various access management mechanisms to ensure that only authorized people can use it. (It’s possible to create admin, user or read-only level permissions for users and organizations.)
Images can also be signed by developers when they are created to ensure they can’t be modified or hacked and then find their way into a production environment.
Docker’s Banjot Chanana explains: “For example, a central IT team can create base images, sign them and upload to their instance of Trusted Registry. The integration to DTR exposes the signature status in the UI for developers and IT. Developers can pull these images, start building apps on top of them and deploy them out. With Content Trust activated, the Docker Engines in the environment cannot gain access to or run images that are unsigned.”
As you might expect from something that is touted as an enterprise-grade product, the integrations between the various proprietary and open source parts of the platform have been tested and validated, and Docker also offers commercial support.
What’s New in the Docker Datacenter May 2016 Update
Three months after the initial general availability of Docker Datacenter, Docker debuted a new release of DDC in May that packaged updated versions of Universal Control Plane 1.1 (UCP), Docker Trusted Registry 2.0 (DTR), Docker Engine 1.11, Swarm 1.2 and Compose 1.7.
New features in the May Docker Datacenter release include enhanced container scheduling, Unified Authentication with a common authentication service for DTR and UCP, and the ability to deploy applications directly within the GUI by typing in or uploading a compose .yml file.
The DDC update in May also delivered several new capabilities to enhance high availability (HA), including a completely redesigned DTR HA cluster architecture, replicated Certificate Authorities (CAs) for UCP, container rescheduling from Swarm, and a backup/restore feature.
Finally, the May release of Docker Datacenter also added features centered around improving usability and system hardening to further provide secure infrastructures where developer applications can be built and deployed in a seamless, self-service manner.
Containerization Now More Credible than Ever
While DDC is not entirely new, because it is now in GA and has already seen a “version 1.1” update in May 2016, it can hit the mainstream and companies can start using it in earnest.
That means the container software ecosystem is now more credible than ever – not least because DDC has the Docker name behind it. (Other available management products are backed by less well-known names such as CoreOS and – in the context of containers, anyway – Google.)
All this can mean only one thing: there are becoming fewer and fewer good reasons for companies to hold back from using containers.
There’s two obvious outcomes of all this. The first is that containers are going to continue to proliferate. The second is that the capabilities of container management products are going to be ratcheted upwards very quickly as an increasing number of startups enter the market with new and innovative container management-related products. We’ll be looking at some of these solutions in this column in the coming weeks.
Paul Rubens is a technology journalist and contributor to ServerWatch, EnterpriseNetworkingPlanet and EnterpriseMobileToday. He has also covered technology for international newspapers and magazines including The Economist and The Financial Times since 1991.