Today, Docker is making a number of announcements around what they have previously called “Enterprise Edition.” The company is now calling the advanced product “Docker Enterprise Edition,” and has also announced that they are adding support for managing secrets to their platform — as well as a new plugin framework intended to provide greater flexibility as to how admins can customize their container deployments.
Contents
- 1 Docker’s enterprise container platform will now include the ability to manage secrets and credentials, the company announced this morning.
- 2 Today, Docker is also announcing that it’s updating its plugins SDK with a way to move containerized applications and their data across Amazon ECS, Kubernetes, and Swarm in an automated fashion.
- 3 Currently, when users want to update their Swarm clusters to a more recent version, they have to manually update them (a process that can take up to an hour for each node).
- 4 With this update, the upgrade process should only take about 15 minutes.
- 5 The vendor has been working on these for a while but decided to make the announcement ahead of next week’s DockerCon 2018 conference.
- 6 Docker announces support for secrets management along with updates on their plugin SDK, and easier updates to clusters.
- 7 Bottom Line
Docker’s enterprise container platform will now include the ability to manage secrets and credentials, the company announced this morning.
Docker’s enterprise container platform will now include the ability to manage secrets and credentials, the company announced this morning. The news was made at DockerCon 2018, where Docker made several additional announcements in conjunction with this.
Docker Enterprise Edition (EE) customers will have access to a new set of features for securely working with sensitive data on their container-based systems. Docker has partnered with CyberArk’s Conjur open source project, which is an open source secret management solution. With the addition of CyberArk’s solution, users will be able to securely store and manage secrets from within their containers using Docker EE.
The need for a service like this arises from the increased usage of containers by companies across many industries. As container adoption grows, concerns about security have become more prevalent as well. As a result, keeping secrets secured has been one major challenge for enterprises looking to implement containers at scale. By partnering with CyberArk and implementing its secrets management system into EE, Docker provides a simple way for organizations to keep these secrets secure while still achieving greater efficiency through containerization
Today, Docker is also announcing that it’s updating its plugins SDK with a way to move containerized applications and their data across Amazon ECS, Kubernetes, and Swarm in an automated fashion.
Automated migration is a feature that Docker’s enterprise customers have been asking for since its launch two years ago.
“We’ve had plenty of customers who’ve said to us that they love the ability to write their applications once and run them on any environment, but what happens if you want to move an application from one platform to another? How do you automate that?” Larsen told TechCrunch. “This gives customers the ability to move applications both in test and production across different environments.”
To accomplish this, Docker has built on its existing plugin SDK so users can automatically update their cluster nodes with new information. This plugin architecture allows developers and operators to manage infrastructure as code, according to Larsen. “You can write scripts and then deploy those into your Kubernetes cluster and have them enforced automatically on all of your nodes,” he added.
Currently, when users want to update their Swarm clusters to a more recent version, they have to manually update them (a process that can take up to an hour for each node).
Before, when you used to want to update your Swarm clusters to a more recent version, you had to manually update them (a process that can take up to an hour for each node).
Now, you can use the command docker swarm update and it will take only five minutes!
Previously, after the first node was updated with new images and restarted in a rolling fashion, there would be some service downtime. For example, network routes would not work properly until all nodes were on the same version.
Now, with every new release of Docker Engine, a new major and minor version is pushed as part of that release. That means that if you are running 17.09 and want to upgrade directly from there without updating 17.06 or 17.03 in between, the built-in engine updates feature will allow you to do that seamlessly. This is possible because all nodes in a cluster are automatically updated one by one while they continue serving traffic normally during this process so that no downtime occurs during the upgrade operation itself or even afterwards when all nodes have been restarted with their respective new versions running (e.g., 1704 vs 1801).
With this update, the upgrade process should only take about 15 minutes.
According to Docker, the upgrade process for its enterprise container platform will now take only about 15 minutes. Previously, it could take hours.
The company has been working on this update for a while in order to make it easier to upgrade and update clusters. This is going to be available as part of the Docker Enterprise 3.0 release, which happens later this month.
The vendor has been working on these for a while but decided to make the announcement ahead of next week’s DockerCon 2018 conference.
DockerCon 2018 is taking place in San Francisco, CA from June 12-14. It will feature speakers from across the Docker community and provide an overview of the latest features and innovations with Docker technologies. During this year’s event, Docker will also be making a major announcement regarding its secret management tool.
The vendor has been working on these for a while but decided to make the announcement ahead of next week’s DockerCon 2018 conference. Next year’s event will take place in San Francisco, CA from June 24-26 and it was recently announced that Amsterdam, Netherlands would host DockerCon 2020 from November 3-5.
Docker announces support for secrets management along with updates on their plugin SDK, and easier updates to clusters.
Docker’s enterprise container platform will now include the ability to manage secrets and credentials, the company announced this morning. In addition, they are also releasing their plugin SDK to general availability, so that users can extend and customize their Docker Enterprise deployments. Finally, they’re making it easier for customers to update their clusters.
The new secrets capabilities in the platform are part of a larger shift towards what Docker is calling a “zero trust,” or “least privilege” security model: rather than granting access to everything on a containerized host by default, admins need only assign permissions on a per-service basis. This is much more secure than having credentials stored in plaintext files that might be accessed by other containers—which was an option until today.
Bottom Line
We expect this new mode of authentication to become a common one, not only because it addresses an actual security problem, but also because it makes good business sense. With this model, Docker can ensure users are paying for the features they’re actually using—and of course, each additional feature rented costs money. Expect to see this adopted by other communities and cloud providers, and expect the focus on security in enterprise-focused container management solutions to continue to grow.
