Vivek Saraswat

Swarm Orchestration in Docker Enterprise Edition

swarm orchestration

At DockerCon Europe, we announced that the next release of Docker Enterprise Edition (Docker EE) would include Kubernetes integration. We’re really excited about bringing Kubernetes to our customer base and continuing to increase our involvement within the community. But it’s equally important for us to note that Swarm orchestration is not going away. Swarm forms an integral cluster management component of the Docker EE platform; in addition, Swarm will operate side-by-side with Kubernetes in a Docker EE cluster, allowing customers to select, based on their needs, the most suitable orchestration tool at application deployment time.

Here are just a few reasons that Swarm is integral to the Docker EE solution:

  1. Support our existing customers and ecosystem integrations
  2. Provide customers the flexibility in choice of orchestrators
  3. Provide secure and highly available clustering architecture

Existing Customers and Ecosystem Integrations

Docker now has hundreds of Docker EE customers who have standardized on Swarm orchestration. In fact, at our Customer Summit during DockerCon, all of the customers stated that they intend to continue using Swarm even with the Kubernetes announcement. Having both orchestration options available is definitely a plus for some of these customers that have organizations within the company using both Swarm and Kubernetes, and we remain committed to our customers who continue to build and extend their Swarm environments.

In addition, as a platform solution, it is critical that Docker EE works with other IT solutions in the wider ecosystem, such as solutions for monitoring and logging or infrastructure for storage and networking. As a result of this, we have certified many 3rd party tools for Swarm. As there are customers actively leveraging these ecosystem solutions and investments that technology partners have made, we are committed to supporting our technology partners and our customers who benefit from these joint solutions.

Flexibility in Choice of Orchestrators

The vision of Docker EE is to provide a single platform which offers the customer choice for multiple architectures, multiple application teams, and multiple orchestrators. Kubernetes is a powerful solution that offers a variety of orchestration features, and Swarm provides a simple learning curve and powerful capabilities that make it easy to get started with production-ready container deployments.

Some of the areas of Swarm orchestration that may be attractive to those new to containers or looking for a straightforward solution:

Simple and straightforward application deployment. You can get a highly available Swarm-based application up and running via a quick docker service create CLI command or the Docker EE UI’s service creation wizard. Swarm makes use of simple defaults in order to speed up the application process, while more advanced users can customize these settings as parameters in the API, CLI, or UI.

Batteries included networking. Docker Swarm includes capabilities for integrated VIP-based service discovery and load balancing, and Docker EE in particular makes hostname routing to applications easy through the use of labels and a batteries-included proxy service. Networks are first class objects in the API, CLI, and UI, so it’s easy to segment applications by just attaching services to each virtual network. And finally, adding network encryption is as simple as clicking a checkbox or adding a CLI flag during network creation.

Production support for multiple infrastructures. Out of the box, Docker EE-based Swarm provides generally available production support for a number of infrastructures, including Linux on x86, Linux on IBM Power and Z mainframes, and Microsoft Window Server 2016.

Simple yet powerful cluster management capabilities. Docker EE leverages Swarm for its powerful node management capabilities and to make setting up out-of-box highly available production clusters a snap–not just for Swarm workloads, but for Kubernetes workloads as well. Let’s dive into this in more detail.

Secure and Highly Available Clustering

Regardless of whether you end up using Swarm or Kubernetes for application orchestration, Docker EE leverages the clustering capabilities of Swarm to provide a secure and highly available, enterprise-ready container environment.

Docker TLS

Cluster Creation and Adding Nodes

With Docker Swarm, creating a cluster is as simple as running docker swarm init on the first node. Docker EE builds upon this functionality to provide a simple one-line install command to bring the cluster manager up and running. Adding new nodes to the cluster is as simple as copying and pasting the  the docker swarm join command with the provided token from the Docker EE UI into each node and Docker EE automatically downloads and configures the components necessary to get the node linked up to the cluster. In both cases, Docker EE automatically installs Kubernetes components, providing an easy way to get a Kubernetes-ready cluster up and running in any environment.

High Availability

High Availability (in the form of redundant cluster managers) is a necessity for any production enterprise environment. Creating a highly available Kubernetes cluster can be a daunting task, involving extending the distributed key value store, installing new components, and manually replicating certificates across new nodes. Docker EE leverages Swarm clustering to make high availability as simple as promoting worker nodes to managers via a single UI click or API call. Behind the scenes, Docker EE ensures that the right system components (orchestration controllers, certificates, distributed key value store, user authentication/authorization containers, etc.)  are installed and replicated across the manager nodes. With just a few simple clicks, Docker EE uses Swarm to give you a highly available Kube cluster right out of the box.

Secure Clustering with Auto Certificate Rotation

A core principle for Docker is creating a zero-configuration, secure-by-default, out-of-the-box experience for the Docker platform. Docker Swarm clustering comes with mutually authenticated TLS, providing authentication, authorization and encryption to the communications of every node. Every node joining the cluster will automatically be issued a new certificate with a randomly generated ID, and these certificates can be automatically rotated. These features extend to Kubernetes, providing a secure-by-default Docker EE cluster for both Swarm and Kubernetes.

Conclusion

The next release of Docker EE will allow customers to run Swarm or Kubernetes orchestration side-by-side, giving our customers the freedom to run the best orchestration solution for their needs. We are excited to deliver an enterprise-grade container platform that extends the value of Docker EE to Kubernetes workloads while still continuing to support Swarm, our customers, and our ecosystem.

If you’re interested in the upcoming Beta, be sure to sign up at https://www.docker.com/kubernetes.  

Additional Resources:

, , , ,

Vivek Saraswat

Swarm Orchestration in Docker Enterprise Edition


One Response to “Swarm Orchestration in Docker Enterprise Edition”

  1. Rodislav MOLDOVAN

    docker-ce will continue to have access to full swarm ?

    Reply

Leave a Reply

Get the Latest Docker News by Email

Docker Weekly is a newsletter with the latest content on Docker and the agenda for the upcoming weeks.