• Skip to primary navigation
  • Skip to main content
Rishidot Research

Rishidot Research

deciphering the modern enterprise

  • Home
  • About Us
    • Meet The Team
  • Research
    • Research Agenda
    • Research Data
  • Services
  • Blog
  • Stacksense
  • AISutra
  • Rishidot TV
  • Modern Enterprise Podcast
  • Contact Us
    • Information For AR/PR Representing Vendors
  • Show Search
Hide Search

docker compose

Docker Announces Support For Kubernetes – An Analysis

Krishnan Subramanian · October 18, 2017 · Leave a Comment

Yesterday at Dockercon EU, Docker announced its support for Kubernetes on the Docker Enterprise Edition, Docker Community Edition as well as its desktop apps as well as the Moby project. This is a significant shift for a company that almost broke the open source community around the then Docker project. They wanted to push the hooks for their orchestration and management plane into the containers under the “batteries included but swappable” marketing campaign. Since then, the wind has blown in the direction of Kubernetes at the orchestration level and the conversation has effectively moved from the standardization around containers to standardization on orchestration plane. In this post, we will discuss the implication of this announcement in the market and how it impacts IT decision makers.

Docker’s foray into Kubernetes World

Yesterday Docker pre-announced the availability of Kubernetes on Docker platforms and the Moby project citing the shared roots between Docker community and Kubernetes community. They also announced that they would make vanilla Kubernetes available and stay close to the recent version instead of the Red Hat model of releasing stable releases for OpenShift Container Platform. According to Docker, there will be better collaboration between the Moby project and Kubernetes project. The end users get the option of selecting Kubernetes or Swarm for orchestration.

The State Of Developer Platforms

It is all about application platforms. How do you empower developers in your organization to seamlessly deploy apps ensuring faster time to market? How organizations enable them depends on the abstraction which, in turn, depends on the nature and requirements of the application being deployed. The early days of cloud saw the debates of IaaS+ vs PaaS and we see similar trends in the era of container native workloads. Kubernetes is fast gaining mindshare, driven by the declarative approach it offers in the automation of container native infrastructure. The quest to pick the right abstraction needed for various applications still see the same kind of demarcation we saw in the early days of cloud computing. It is IaaS+ (driven mainly by Kubernetes even though Mesosphere DCOS and Docker Swarm are other competing platforms) vs the platform abstraction at the developer layer enabled by platforms like OpenShift and Pivotal CloudFoundry (picking Pivotal CloudFoundry specifically because I don’t see any other credible vendor in that ecosystem) vs the serverless or Functions as a Service offerings. The usage patterns range from monolithic and web apps in IaaS+ to Modern apps including Microservices on developers focussed platforms like OpenShift and CloudFoundry to event-driven Microservices in the Serverless/FaaS platforms.

The announcement by CloudFoundry that Kubernetes will become the Container Runtime for CloudFoundry platform combined with Docker’s announcement that Kubernetes will be one of the choices in orchestration plane puts Kubernetes as the core component in the container native application platforms. Kubernetes, by itself, has limited impact but it is emerging as the core component of modern day platforms whether it is IaaS+ or modern PaaS or FaaS. Both Pivotal CloudFoundry and Docker are positioning their support for Kubernetes as giving a choice to their customers. While this may be true in the short term, there is a high chance that Kubernetes will emerge as a standard in the container orchestration and be a standard component of any developer-centric platform.

In that sense, Kubernetes is fast emerging as a standard for container orchestration. But, we want to discount any notion that Kubernetes has won the platform wars. The platform market is wide open with many of the workloads still in VM machines and Kubernetes adoption in production is still in early stages. Functions as a Service (as a public cloud service) or a FaaS Platform that is multi-cloud and agnostic of orchestration layer may take the steam out of Kubernetes just like how Kubernetes took the winds off Docker momentum.

Considerations for IT Decision Makers

This makes the decision much easier for IT decision makers and it helps them consolidate their platform choices without worrying about whether the platform supports Kubernetes or not. If your organization has already invested in Docker Platform, this makes it easy to have a mixed environment where Kubernetes can be used for managing dev and test clusters and Docker Swarm for production. The next version of Docker Enterprise Edition and Docker Community Edition will make this easier for your organization. If you are not a Docker shop and want to have a choice in the container orchestration, it makes sense to go with Docker Platform. Otherwise, there are other choices from established vendors like Red Hat OpenShift or Pivotal’s CloudFoundry Platform. Between Red Hat OpenShift and Pivotal CloudFoundry, the decision is mostly cultural. If you are an IT-centric organization, Red Hat OpenShift Container Platform is well suited for your needs. If you are a developer focussed organization, Red Hat’s OpenShift Online or OpenShift Dedicated or Pivotal’s CloudFoundry are better options. Depending on the tolerance level of the organization for betting on startups, there are other options like Mesosphere DCOS, Rancher Labs, Heptio and many others. But if your end goal is to embrace Functions as a Service, you could still use containers to encapsulate the backend services but we would strongly recommend that you bet on multi-cloud, container orchestration agnostic platforms. It doesn’t make sense to embrace Kubernetes just for using FaaS.

Conclusion

Docker’s move into Kubernetes is the next logical step for them after they failed to capitalize on the momentum behind their container mindshare. This also makes them a much easier acquisition target as every big company has bet their modern stack strategy on Kubernetes. It will be interesting to see where Docker goes from here as Steve Singh takes full control with the newer round of funding expected to happen soon.

Quick Analysis: Docker Secrets Management Announcement

Krishnan Subramanian · February 13, 2017 · Leave a Comment

Recently Docker Inc. announced Docker Secrets Management, a secure way to store confidential announcements like credentials, tokens, passwords, certificates, etc. so that containerized applications can securely communicate with other services. This is released for Docker Swarm right now and it will be released for Docker Compose in the near future. The basic secrets management feature is available for all users of Docker platform right now but if you want role based access control, it is a paid feature. Clearly, Docker is making their platforms more palatable to enterprise customers, one of the weakness they had to fend off as the compete with other platform vendors like Red Hat and Pivotal who tout container security as one of their strong points.

Even though Kubernetes has a similar feature and one can manually enable TLS with Kubernetes Secrets, Docker makes TLS a default for access. Docker secrets uses In-Memory for keeping the decrypted password and doesn’t store the file in a disk storage while an application is using it. However, if the service running in the container is compromised, the Docker Secrets kept unencrypted in-memory will also be compromised. The secrets management system will also notify all nodes to delete the secrets if the service is deleted or rescheduled.

In short, this is a required enterprise feature added by Docker for their platform and making role based access control to secrets a premium feature is a smart move which indicates that Docker, as a company, has realized that they need to go beyond the spirits of end to end OSS model to justify their valuation. There is nothing wrong with it as it is the reality in the industry.

Document Source

Quick Analysis: ]([]https://github.com/rishidot/Quick-Analysis/blob/master/2017/Docker-Secrets-Feb.md)

Subscribe to Modern Enterprise Newsletter & get notified about our research




© 2021 · Rishidot Research