Enterprises have been on sidelines watching the next most important tech stuff happening in the industry and do not want to waste time adopting it. Many financial institutes have started taking keen interest in understanding the benefits and eagerly awaiting to adopt Docker in dev and prod sites. They don’t need to have a microservices model or a fleet of full-stack engineers. One of the most important stuff the enterprises is trying to do is deploying Hybrid Cloud. As an enterprise they have always had private cloud being sold to them as “secured”, “reliable” but now they have been able to identify and distinguish application which are not critical and hence would like to use Public Cloud. Despite the supposed flexibility benefits of hybrid clouds, it is quite an engineering feat to manage security and scalability across multiple complex systems. The vast majority of an enterprise’s applications are burdened by internal dependencies, governance models, network complications, and huge on-premises database clusters. They have realized that the word “cloud bursting” is laughable and cannot be achieved in near future as there is no seamless way. In the meantime these enterprises have realized that it’s essential that if they have to be competitive they have to develop application which are consumable with the users, they need to listen to feedback and launch the application version.next sooner and faster. Here is where the monolithic systems have failed always. Here is where Docker comes in…
This is also good news for enterprises looking to push a DevOps transition forward. The DevOps movement is really about moving faster and consuming fewer resources. Enabling developers to provision Docker containers, run tests against them, and deploy to production in minutes is cost-efficient and eliminates a developer’s worst enemy: manual system configuration work.
One of the attempt of the enterprises across the globe is to avoid vendor lockin.They look at a product which is based on Open Standard and standardization across industry. And the noise which Docker has made in last 2 months helps in that. Container standardization makes it that much easier to move across clouds operated by multiple vendors.The enterprises are using Docker is to help them deploy across multiple systems, migrate applications, and remove manual reconfiguration work. Because application dependencies are built into containers, Docker containers significantly reduce interoperability concerns. Docker works equally well on bare metal servers, virtual machines, AWS instances, and so on.
As a result, applications that run well in test environments built on a public cloud instance will run exactly the same in production environments in on-premises private clouds. Applications that run on bare metal servers can also run in production on any public cloud platform.
Docker is also extending its attempt to make itself enterprise ready. They have started addressing concerns across networking model which allows containers across the systems to communicate a must need for enterprises. They have started developing libraries for its tools (libnetworks & libcontainer). There is a strong push to address Docker Orchestration, logging, monitoring and scaling.
However there are still some issues which Docker community should address. One of the beasts an enterprise IT dept sleeps with is fear of security breach.. Enterprises are rightly concerned about Docker security in hybrid environments. Containers may resemble virtualization, but they have vastly different implications for system segregation, log aggregation, and monitoring. Enterprise applications often have strict governance procedures that require extensive logging and monitoring. Quite simply, there is no mature orchestration tool that monitors security across multiple Docker clusters. Most monitoring tools on the market don’t have a view of transient instances in public clouds, let alone the sub-virtual machine entities. Docker lacks “maturity” is what I hear when I start and discuss with CIOs.
In case of an enterprise, most of the images are “hardended”..which means an image is made trustful and in the case of a security threat, the enterprises do not have to react but is already done so. So what has been announced in Docker 1.8.0 is “Content Trust” is a good step for enterprise.This would ensure that a Docker containers currently would not require a lot of manual security patching by the developer. These trusted images can be downloaded from the hub, but still developers would have to manually ensure that base image is running in each container. Some form of image inheritance is necessary for Docker to be ready for a mission-critical enterprise application.
Docker is quite possibly the answer to enterprises’ challenges in hybrid cloud. But it is also new technology without much tooling around it which enterprises can exploit. May be an enterprise can start investigating, running the app in hybrid environment and understand the issues, take it forward to the Docker club members and work with them to resolve it before they get into production.