Building Docker infrastructure still tough, but maybe not for long

Docker could become the next generation compute platform, and even replace server virtualization, but the container technology has some growing up to do first.

Delivering apps as Docker application containers may be a walk in the park for developers, but early adopters say building your private Docker infrastructure is still easier said than done. Just as galling: a surprising lack of key functionality.

“We’ll get 95% of the way there with Docker, and then encounter some huge thing like ‘How do we mount a disk?’” said Derek Haynes, CEO of Scout, which makes infrastructure and application performance monitoring software, and recently tried to use Docker for internal development purposes.

If Docker is to realize its potential as a next-generation compute platform – or as an alternative to traditional server virtualization -- it needs to be just as easy to setup a production Docker infrastructure as it is to ship a Docker application container, industry experts said.

“Where Docker has really done a great job is getting developers to adopt the container packaging model,” said Nand Mulchandani, Citrix vice president of market development for its networking and cloud group.

And while Docker the company has made some strides toward delivering enterprise-grade infrastructure software, it’s still early days. For example, the company's Universal Control Plane, a commercial version of its Swarm orchestration tool, is only in beta. Enterprise deployments based on orchestration frameworks such as Google Kubernetes and Apache Mesos are also few and far between, Mulchandani said.

That being said, Citrix put its toe in the Docker container market this week with a tech preview of Netscaler CPX -- a containerized version of its application delivery controller (ADC) because it wants to get ahead of the containerization trend, Mulchandani said.

Furthermore, containerization stands to mature much faster than server virtualization before it, said Mike Matchett, senior analyst at Taneja Group in Hopkinton, Mass, and a TechTarget contributor.

“My overriding premise is that containers will get adopted really fast – instead of the six to eight years it took for VMware to mature, you’ll start seeing production Docker in the next year or so,” he said.

For now, the most common way to deploy Docker in the enterprise is via what Citrix’s Mulchandani calls “rogue containerization” – containerizing an application for the packaging benefits, but then delivering it to IT within a virtual machine to run on top of existing virtual infrastructure. That approach works (and is in fact the point behind VMware vSphere Integrated Containers), but is unnecessary.

“Over time, people will realize that the virtualization layer is just overhead,” he said.

Docker users, meanwhile, report turning to third-party vendors to provide them with the advanced functionality they need to run a production Docker infrastructure.

“I’ve been enthusiastic about Docker for a while, but before I found Rancher [Labs], I hadn’t found a good solution for managing across multiple hosts,” said Ryan Muller, a software developer a pharmaceutical company. In particular, he likes how easy Rancher makes it to spin up new hosts in the Docker cluster, much in the same way he could spin up servers on a platform as a service such as Heroku.

Indeed, there’s a veritable cottage industry of startups focused on augmenting the Docker infrastructure stack with enhanced networking, security, storage and management functionality. Besides the afore-mentioned Rancher Labs, there’s ClusterHQ with its Flocker persistent storage driver, Twistlock for container monitoring and security, and Weaveworks for monitoring and multi-hosting networking.

And adding in these value-add Docker services promises to get easier, what with the advent of Docker Plugins, said Matthew Lodge, Weaveworks COO. Docker 1.7 supports Docker Plugins to allow third-parties to easily extend the functionality of the Docker platform.

“When Docker first started out, it was difficult for others to integrate with it,” said Lodge, and led Weaveworks and ClusterHQ to petition Docker support a plugin architecture. Today, Docker supports two types of plugins: network and volume, and the promise of more plugin types down the road. To date, there are 12 plugins on its website, which provide functionality such as persistent storage, key management, or advanced networking.

In Weavework’s case, integrating with Docker Plugins means not having to run an instance of its Weave Net 1.4 multi-host networking stack on each Docker host and proxying the Docker API, Lodge said. As of this week, Weave Net 1.4 also relieves administrators from having to run and manage an external database to keep track of IP addresses like other Docker networking stacks.

Going forward, the plan is to take that same plugin architecture to the Cloud Native Computing Foundation, to avoid having to reinvent this wheel for each new infrastructure platform that comes down the pike.

“We want to standardize a plugin architecture for all container formats,” Lodge said.

Alex Barrett is editor in chief of Modern Infrastructure. Contact her at [email protected].

Next Steps

Docker is still leading the container charge

A brief history of Docker's overnight success

Enterprise use of Docker containers still a ways off

Dig Deeper on IT Ops Implications of Continuous Delivery