DEVOPSdigest asked experts from across the IT industry for their opinions on the top tools to support DevSecOps. Part 3 covers security and monitoring ...
Docker announced Docker Enterprise Edition (EE) 2.0, an enterprise-ready container platform to manage and secure applications on Kubernetes in multi-Linux, multi-OS and multi-cloud customer environments.
Docker EE provides organizations with choices – from orchestration (Kubernetes and Swarm) to applications (legacy or cloud native) to infrastructure (cloud or on premises) – enabling IT leaders to advance their digital and cloud initiatives with the flexibility needed to make adjustments as business requirements evolve.
In keeping with Docker’s heritage of making complex technology easy to use, Docker EE provides a unified operational model that simplifies the use of Kubernetes for those that want the capabilities for their application delivery environment, but do not want to hire a team of Kubernetes experts. With Docker EE, security is built in every step of the way, ensuring organizations have security and governance over their containers without slowing down software delivery.
Docker EE eliminates risk for organizations by providing the freedom to choose how, when and where to innovate their applications without the fear of technology or infrastructure lock-in. Organizations can start big or small, with legacy or cloud-native applications, using any application stack on any OS, across any infrastructure, whether it be on prem or across multiple clouds and still have the same Docker experience throughout the application lifecycle.
As part of Docker EE 2.0, organizations have these capabilities:
- Multi-OS Support: Availability across certified infrastructure platforms, including multiple Linux distributions (SLES, CentOS, RHEL, Ubuntu, Oracle Linux) and Windows Server.
- Multi-Cloud: Organizations are not locked into an underlying infrastructure and get the greatest flexibility in hybrid cloud deployments across all major clouds including AWS and Azure.
- Orchestration Choice: Docker EE is the only platform that runs both Swarm and Kubernetes simultaneously on the same cluster - so developers do not need to make an orchestration choice. Operations teams have the flexibility to choose orchestrators interchangeably.
- Networking: Consistent with Docker’s “batteries included but swappable” model, Docker EE offers integrated secure networking through Project Calico by and in collaboration with Tigera, Docker’s integration partner for Calico. With this CNI integration, organizations get a fully-supported Kubernetes solution with Project Calico built-in - the only one that works uniformly across the leading Linux OSes and the major cloud providers. Companies with networking plugins that are certified or being certified on
- Docker Enterprise Edition 2.0 include: Cisco Contiv, Infoblox and Weaveworks.
- Storage: Companies with volume plugins that are certified or being certified on Docker Enterprise Edition 2.0 include: Blockbridge, Dell EMC, Hedvig, HPE/Nimble, NetApp, Nexenta, Portworx, Pure Storage, StorageOS, Veritas, Virtuozzo.
All certified containers in Docker Store continue to work on Docker EE certified infrastructure.
“Enterprises are investing heavily in containers to enable their strategic IT initiatives, but to further drive success, they need a container platform that addresses the scale and operational requirements of a global business,” said Scott Johnston, Chief Product Officer at Docker. “In working closely with our customers, we developed Docker EE 2.0 to meet these enterprise needs and bring the unique security, portability and agility benefits of the Docker platform to Kubernetes. From ensuring end-to-end security across a globally-distributed IT organization to enabling existing teams to operationalize Kubernetes, Docker EE 2.0 provides the foundation for enterprises to innovate at their own pace, without fear of vendor lock-in.”
Docker EE simplifies day-to-day operational tasks when using Kubernetes - similar to how Docker has operationalized Swarm. Docker EE allows you to leverage your existing team and processes to adopt and operationalize Kubernetes. For example, Docker EE offers:
- GUI-based operational workflows for simplified yet powerful Role-based Access Control (RBAC) as well as cluster and registry management.
- Secure application zones that provide logical and physical separation of applications within the same cluster. This approach maximizes both operational efficiency and infrastructure utilization leading to significant cost savings.
Docker EE streamlines managing Kubernetes; however, operations teams also have access to raw Kubernetes components that run atop a full-featured, CNCF conformant Kubernetes stack. Accordingly, Kubernetes-native APIs, CLIs and interfaces are available to advanced users seeking to fine tune and troubleshoot the orchestrator.
Docker EE brings a complete secure supply chain to Kubernetes in the same way it has for Swarm. Combining Docker image signing and scanning with policy-based image promotions allows organizations to build governance over the container environment without impeding the speed of development and application delivery.
To tailor these capabilities to globally distributed organizations, Docker EE 2.0 comes with new functionality within its trusted registry for image caching and mirroring. These features ensure that centrally stored images can be propagated to regional registries for better performance and replicated for higher availability. The result is that organizations with software projects that span multiple continents can seamlessly and securely share their software within a given development team. When one part of the organization is done for the day, they can sign their content, push it to the private registry and then have the content changes automatically cached, for a hand-off, in other private registries around the globe.
The Docker Desktop integration of a complete Kubernetes stack ensures that developers can seamlessly leverage features like multi-stage builds, application composition (Docker Compose) and in-container development and have them run consistently from development all the way to production. Developers have the flexibility to write their application with Docker and then can choose their orchestrator without requiring any additional modification. Similarly developers can maintain their Docker native workflows, while experimenting with Kubernetes native tools and commands.
Docker Enterprise Edition 2.0 and Docker Desktop for Mac and Windows are immediately available.