Recently I addended Docker’s MTA (Modernize Traditional Apps) program. My company was the first 4-5 companies that has ever attended this training and it was an honor to be part of such an exclusive group. The biggest take away for me was that Docker is the new VMware. Now, this isn’t the first time I’ve thought such a thing, as a matter of fact the more consulting engagements I’ve done around Docker the more I’ve begun to think the same thing, but now it’s more apparent than ever that this is the future of application deployment and hosting.
Virtualization vs Containerization
There are 1,000 blog posts you can read on the difference between containerization and virtualization as a matter of fact here is a great stackoverflow.com question on that very topic (How is Docker different from a normal virtual machine?).
The problem with virtual machines is that there really is noway to track what actually was installed on that Virtual Machine. Chances are, inside of your organization, the infrastructure team provisions a VM, and some application engineer installs a bunch of stuff on that VM, but really there is no “software defined” mechanism to track how that VM was built. VMware doesn’t even provide a construct for such a thing. Now it could be argued that configuration management solves this problem, and I would have made that argument 6 months ago but the landscape is quickly evolving and the need for configuration management for legacy apps is dwindling while the benefits of containerization are growing.
Docker & Networking
Its funny because SDN is really starting to get traction in the enterprise. As a matter of fact, companies are still having arguments about ACI or NSX, but quickly I don’t think this will even be a relevant conversation. Where VMware failed, Docker is going to win. Not only does Docker provide overlay network support which is basically what you get with NXS (micro-segmentation), and MacVlan support which is very similar to traditional bridged networking in VMware, Docker has built an open platform which enables partners to build 3rd party drivers one good example lies with Cisco and Contiv. This is one of the biggest market differentiators for Docker over VMware and will be a huge driver for it’s success in the future.
Docker & Storage
One of the biggest misconceptions in the market today is that Docker somehow only equates to microservices, but that isn’t necessarily true. One of the first things we do when deploying Docker Datacenter is leverage GlusterFS or and NFS volume for /var/lib/docker. The benefits of this go far beyond the scope of this blog but it does allow for stateful applications, such as databases, to persist and maintain their data after the life cycle of the container has ended. While a similar approach is available in VMware, Docker again comes to us with an open platform for volume drivers. For instance RexRay is an open-source project aimed at providing support far beyond NFS or shared storage but integration with EBS, Isilon, Azure Unmanaged Disk, etc..
Docker & Security
Finally Docker has a very strong security model. You can argue that VMware provides isolation between the virtual machines and hypervisor which is true but VMware has no built-in model for scanning virtual machines for security vulnerabilities of the OS and the application. This is an area which Docker excels, not only will Docker perform a vulnerability scan of the container for OS level vulnerabilities but also vulnerabilities related to applications running inside of that container.
Many companies are still trying to figure out where Docker fits inside of their echosystem but from the looks of it Docker is on a path to replace VMware for both microservices and for legacy workloads. Check it out and let me know if you have any questions.