News

Docker Announces Universal Control Plane Beta, First Hardware Signing System

• By John K. Waters
• November 23, 2015

Docker, Inc.,the chief commercial supporter of the open source Docker Project, has unveiled a new on-premises tool for deploying and managing dockerized distributed application in production.

The Docker Universal Control Plane (UCP) 1.0 was announced at the recent DockerCon EU conference in Barcelona and is now available as a public beta.

According to the company, with this tool, Docker is aiming to provide enterprises with a solution that gives sysadmins operational control without limiting developer productivity, explained Scott Johnston, Docker Inc.'s SVP of Product Management.

"Historically, it has been difficult to satisfy the needs of development teams and operations teams," Johnston told ADTmag. "Developers want to move fast and ship apps quickly. Sysadmins want to support that, but they also have obligations for security, compliance, control, and governance."

The UCP is designed to solve that problem by providing operations with a set of centralized controls with which they can provision the compute, network, and storage resources to run dockerized apps on any infrastructure, and at the same time providing developers with Agile self-service capabilities for deploying and managing applications, Johnston explained.

The UCP is an enterprise ready solution designed to integrate with an organization's directory services, such as LDAP or Active Directory, Johnston said. And it's a Docker-native solution with open APIs, pluggable architecture, and broad ecosystem support. The product is built on and integrates with such Docker-native solutions as Docker Engine, Docker Swarm, and Docker Trusted Registry. It's also integrated with Docker Hub and Tutum, a cloud service used by developers and sysadmins to deploy and manage Docker applications, which Docker acquired in October.

The UCP is an on-premises tool, but the company says it will be able to manage the simultaneous deployment of apps on Docker hosts across multiple platforms, including bare metal, VMs, and public and private clouds.

Docker, Inc. also announced the industry's first hardware signing system for container images, which will be based on Yubico's Yubikey 4. Yubico actually announced this fourth generation authentication device at the DockerCon event. Yubikey 4 includes a touch-to-sign feature, which Docker will support. Docker users will be able to sign code digitally during initial development and through subsequent updates.

"We already had the industry's best security solution for containers," Johnston said. "This completes that last mile of verification—that it is, in fact, the developer typing away on the keyboard who is signing that image."

Both announcements advance the Container-as-a-Service (CaaS) model, which the company describes as "a framework in which operations delivers secure and manageable content through a self-service portal on programmable infrastructure to developers." It also fits into the evolving story of DevOps, because it's an end-to-end approach that creates a continuous application delivery pipeline (build to ship to run). Developers and operations share that pipeline, in which agility and control become "foundational capabilities."

Docker Universal Control Plane will be offered as a subscription solution bundled with Docker Trusted Registry and official commercial support for Docker environments, the company said. Docker is providing limited access to the UCP beta. More information is available on the Beta signup page.