Docker Trusted Registry (DTR) in a Docker Enterprise Edition (EE) cluster allows users to create a private image repository for their own use. They may want to do this when they want to use the cluster for their work but don’t want to or can’t use their own system, or when they’re not yet ready to share it with others. However, using a private image repository in a Kubernetes deployment requires some additional steps. In this post, I will show you how to set up the repository and use it in your deployment.
The Docker Universal Control Plane provides a wealth of information about the Docker cluster. There is information for both Swarm and Kubernetes. There is a ton of detailed information about stacks, services, containers, networks, volumes, pods, namespaces, service accounts, controllers, load balancers, configurations, storage, etc. (I think you get the point).
For Kubernetes in a Docker Enterprise Edition (EE) 2.1 cluster, namespaces can be used to segregate objects and, with Role Based Access Control (RBAC), designate which users or groups can do what within each of them. In this post, we are going to create three namespaces for development, test and production environments, four groups for the development, test, operations and management teams and access controls defining what each of these groups can do in each of these namespaces.
With Docker Enterprise Swarm you can generally set up these environments in one of the following ways: Single Cluster, Multi-Env Cluster, Geo-Single Clusters, and Geo-Multi-Env Cluster. I will explain these different approaches and help you determine when each approach might be useful in your enterprise. Of course, there are a myriad of variations on each of these that you could employ to suit your own needs.
It’s been nearly 3 months since my last blog about the new Layer 7 Routing (aka Interlock) in Docker Enterprise 2.0. It’s been a journey of ups and downs to get this to work, scale, and become stable enough for a production environment. I’m not sure we can declare total success just yet.
Near the end of my previous blog post I mentioned that there is an alternative configuration for Interlock regarding overlay networks. You could utilize Interlock’s host mode networking. Docker states the following:
By default layer 7 routing leverages the Docker Swarm routing mesh, but you don’t have to. You can use host mode networking for maximum performance.
In early 2018 Docker made an announcement of the release of its newest Docker Enterprise 2.0 product. This newest release provides a significant advancement in the Docker platform in the form of a choice between Swarm and/or Kubernetes orchestration. But that’s not what I want to talk about.
Layer 7 Routing
Another great addition to the platform is the replacement of the HTTP Routing Mesh, known as HRM, with a new Layer 7 routing and load balancing. This latest enhancement is built upon the new Interlock 2.0 architecture which provides a highly scalable and highly available routing solution for Swarm. Interlock provides the same functionality as HRM but also includes 2 new features: 1) path based routing and 2) SSL termination.
When configuring a Docker environment before a big rollout to production, it’s important to understand what “zero downtime deployment” really means and whether it is what it claims to be. This requires an understanding of the intricacies of how a rolling update works.
So let’s look at what “zero downtime deployment” actually means. Most people don’t want to specify and arrange a maintenance window and have to kick people off just to roll out a new version of an application. This is a problem that Docker Enterprise Edition solves by providing an approach referred to as “rolling updates.”