By Tim Clark
June 20, 2016
Containers need an orchestration scheme to be useful to enterprises, and Docker, the granddaddy of Docker containers, today announced that it will bundle orchestration in its next version of Docker Engine, v1.12, scheduled for release in July. The announcement came at DockerCon in Seattle.
While predictable, the news could cause indigestion for parts of the Docker ecosystem: Google and its open-sourced Kubernetes orchestration engine, IBM with Bluemix, AWS and Marathon, an element of open source Mesos that is promoted by Mesosphere.
Architecturally, Docker is folding its Swarm product plus orchestration into its Docker Engine. Docker says its built-in orchestration will enable organizations to easily create and manage complex containerized applications from development through production, simply and automatically.
Docker Swarm provides native clustering for Docker, which turns a pool of Docker hosts into a single, virtual Docker host using the standard Docker
“Orchestration is at the same stage today as containerization was before Docker. You either need an army of experts to build it, or you lock yourself to a monolithic platform which will drastically reduce your choice of suppliers,” said Solomon Hykes, founder and CTO at Docker. “As leaders of the market, it’s our responsibility to lead this change.”
With orchestration in Docker Engine, Docker says containers will be able to form a self-organizing, self-healing pool of machines for running multi-container distributed applications, including microservices. Docker even contends the orchestration features will help align dev and ops teams.
Docker also unveiled a new service deployment API that will allow operations teams to run and scale services. Through the API, the swarm of containers will continuously check and reconcile the environment against application requirements when something adverse happens, a feature Docker claims will differentiate it from other orchestration engines. The state of all services is replicated in real time across a group of managers so containers can be rescheduled after a node failure.
The new “Swarm mode” can be turned on to utilize the built-in orchestration, or users can choose to use their own custom tooling or third-party orchestrators that run on Docker Engine.
“Developers have encountered growing pains with orchestration at scale,” said Fintan Ryan, industry analyst with RedMonk. “With the inclusion of secure built-in orchestration in the 1.12 release, Docker is providing developers with a simple-to-use, yet extremely powerful, orchestration tool while further investing in a consistent, easy-to-manage experience for operations."
Docker listed multiple benefits for its built-in orchestration:
Ease of Use: Simplifies the process of creating groups of Docker Engines, also known as swarms. The self-organizing, self-healing capabilities of swarms are now backed by automated service discovery and a built-in distributed datastore. As a result, it takes just one command to add a Docker Engine and horizontally scale a swarm.
Resilient: The new service deployment API describes all the resources and components with a single command that allows operations teams to run and scale a service. The swarm will continuously check and reconcile the environment against the requirements of the application when something adverse happens. The state of all services is replicated in real time across a group of managers so containers can be rescheduled after any node failure.
Performance at Scale: Docker orchestration includes an in-memory caching layer that maintains state of the entire swarm, which assures scheduling performance even during peak times. The system has a built-in routing mesh technology that addresses the challenge of how to provide container-aware load balancing for applications run within a single enterprise. For distributed application that run across environments, Docker supports legacy load balancers.
Secure: Each Docker Engine is automatically assigned a cryptographic identity to ensure that only validated Engines can be accepted into a swarm. Moreover, Docker Engine comes with mutually authenticated TLS, providing authentication, authorization and end-to-end encrypted communications among every node in the swarm. Transport Layer Security is a successor to Secure Sockets Layer (SSL), cryptographic protocols that provide communications security over a computer network.
Availability: Users can obtain Docker 1.12 today as part of the newly opened public beta of Docker for Mac and Docker for Windows at https://www.docker.com/getdocker. It also is available through cloud-optimized experiences such as Docker for AWS and Docker for Azure that bundle custom plugins for networking, load balancing and SSH key management. Finally, Docker 1.12 is also available as a binary download or a package for all major Linux distributions at https://docs.docker.com/engine/installation/linux.