At DockerCon Europe, we announced that Docker will be delivering seamless integration of Kubernetes into the Docker platform. Bringing Kubernetes to Docker Enterprise Edition (EE) will simplify and advance the management of Kubernetes for enterprise IT and deliver the advanced capabilities of Docker EE to a broader set of applications.
Swarm and Kubernetes Side-by-Side
Docker EE is an enterprise-grade container platform that includes a private image registry, advanced security features and centralized management for the entire container lifecycle. By including Kubernetes for container orchestration, customers will have the ability to run both Swarm and Kubernetes in the same Docker EE cluster while still leveraging the same secure software supply chain for building and deploying applications.
Figure 1. Docker EE Architecture with Multiple Orchestrators
This is possible because Docker EE has a modular architecture that is designed to support multiple orchestrators. The Linux nodes are both Swarm and Kubernetes-ready and application teams can decide which orchestrator to use at app deployment time.
When creating a new Stack in Docker EE, you are given the choice of deploying it as Swarm Services or as Kubernetes Workloads:
Figure 2. Selectable modes at app deployment time
Upon deployment, the Docker EE dashboard has a “Shared Resources” area which allows you to view and manage the entire EE environment, including both Swarm Services and Kubernetes Workloads.
Figure 3. New dashboard with shared resources view of both Swarm and Kubernetes
Get Docker EE Capabilities for Kubernetes
Bringing Kubernetes into Docker EE means making Kubernetes work as easily and powerfully as Docker EE. That includes enabling all of the advanced EE features for Kubernetes workloads.
Easy Production Install
By leveraging Swarm for cluster management, creating a highly available and fault tolerant Kubernetes environment is much easier and much more secure.
For admins, they can get a cluster up and running with Kubernetes by simply installing Docker EE with a one-line command. Once the cluster is running, Kubernetes is installed as part of Docker EE. This includes built-in security to enable mutually authenticated TLS, with certificate rotation.
Figure 4. Docker EE cluster where the same nodes are both Docker and Kubernetes-ready
NOTE: This view shows Kubernetes v1.7 although the Beta will be leveraging v1.8.
Secure and Unified Supply Chain
Docker EE delivers end-to-end security across the supply chain from the developer’s laptop to production deployment. With this integration, teams leverage the same supply chain capabilities for both Swarm and Kubernetes deployments. That includes:
- Secure Image Management: With image scanning and Docker Content Trust, Docker EE provides a way to validate and verify images before being deployed and manage them in a privately hosted image registry.
- Secure Automation: With policy-based image promotion, organizations remove bottlenecks in the supply chain while enforcing policies such as scanning for vulnerabilities.
With flexible and granular role-based access controls (RBAC) down to the API-level, admins can integrate AD/LDAP once and support different teams bringing different apps (Windows, Linux, or mainframe) of different app types (microservices, ISV, or traditional), leveraging different orchestrators (Swarm or Kubernetes) all into the same Docker EE environment with secure isolation between them. That allows development teams to bring their own tools and processes into the same environment.
Figure 5. Docker EE access controls with resource collections
For users deploying applications to the EE cluster, they get the choice of API in Kubernetes or Swarm, across a common set of nodes and using a common set of container images secured by the Trusted Registry.
Deploy Apps to Kubernetes
A new capability with this upcoming release allows organizations to use existing Docker Compose files and deploy to a Kubernetes environment. The same Docker Compose file can be deployed with either orchestrator by mapping Docker service definitions to native Kubernetes resource types.
Figure 6. Docker Compose YAML file being deployed as a Kubernetes workload
With Docker EE, all of these different applications can be monitored and managed in a single environment that is integrated with centralized logging and monitoring capabilities. IT can manage and secure all applications in a unified operating model that aligns with their current responsibilities.
Figure 7: Container view in the Docker EE dashboard that includes containers deployed in Swarm and in Kubernetes from the same Docker Compose YAML file
Docker EE delivers a consistent experience across certified infrastructure platforms including multiple Linux distributions (RHEL, SLES, CentOS, Ubuntu, Oracle Linux) and Windows as well as cloud platforms including AWS and Azure. This means organizations are not locked into an underlying platform and get greater cloud portability.
Sign up for the Beta
Docker will be integrating the latest stable release of Kubernetes and contributing back to the Kubernetes project. As part of this announcement, Docker will also be adding Kubernetes support in Docker for Mac and Docker for Windows.
If you’re interested in getting an easy-to-manage and secure deployment of Kubernetes with advanced lifecycle management capabilities, visit https://www.docker.com/kubernetes and sign up for the upcoming Beta.
To learn more about Docker Enterprise Edition:
- Register here to live stream the Day 2 keynote
- Visit www.docker.com/enterprise
- Test drive Docker EE without installing anything at www.docker.com/trial