New Tools Seek to Orchestrate Container Management
Several application container management tools were released this week with the goals of securing the software supply chain while improving orchestration of container clusters as the percentage of production workloads inches upward.
San Francisco-based Docker on Thursday (Feb. 9) released the latest version of its Docker Datacenter, intended as a platform for application developers and IT operators to collaborate to streamline enterprise software delivery. Specifically, the new release adds a security feature dubbed "container-native secrets management".
The tool ensures that API and encryption keys along with passwords required when applications enter production are managed across the software supply chain. Docker Datacenter integrates the "secrets" feature to provide a standard interface for applications running in containers. The company said the security features are encrypted in transit and at rest, leveraging "orchestration capabilities to deliver defined secrets only to the containers running the service associated with it."
"Docker’s secret management capability is the latest security enhancement integrated into the Docker platform as part of our ongoing effort to ensure applications are safer in a containerized environment," Nathan McCauley, Docker's security director, asserted in a statement. The goal is a single security model that works on premise as well as across private and public clouds.
The capability also reflects ongoing efforts to deliver "stateful" container applications that isolate individual containers to maintain security while also addressing current limitations in getting containers to "work together."
These and other management tools are designed to fill gaps in the existing application container ecosystem that strives to become the "third wave of computing." According to one recent estimate, application containers currently account for about 5 percent of the total workloads per server. By 2020, that share is estimated to grow to at least 20 percent.
Observers noted that a key barrier to that lofty goal is addressing current limitations in getting containers to work in concert across enterprise IT infrastructure.
To that end, Docker and container rival CoreOS are increasing the frequency of product releases aimed at improving management of containers. Also this week, San Francisco-based CoreOS rolled out extensions to its Tectonic cluster manager, which ships with the latest version of the Kubernetes container orchestrator. The release includes a "self-driving" container infrastructure for Kubernetes.
"Self-driving extends the scale and hybrid deployment features of Kubernetes," to improve container security, simplicity and the ability to remain current on container innovations, CoreOS CEO Alex Polvi noted in a blog post. "Like the self-driving features of a modern car, we have made the functionality available as an option."
Betting that Kubernetes is emerging as the de facto open source standard for managing, automating and scaling container infrastructure, CoreOS also announced this week that it is pulling its in-house cluster scheduling software, called "Fleet," from the Linux Foundation container project.
"This move reflects our focus on Kubernetes and Tectonic for cluster orchestration and management," the company said.