News

Docker Announces Universal Control Plane, First Hardware Signing System

The new tool integrates with Docker Engine and Docker Swarm.

• By John K. Waters
• 01/21/2016

Docker Inc., the chief commercial supporter of the open source Docker Projects, has unveiled a new on-premises tool for deploying and managing dockerized distributed applications in production. The Docker Universal Control Plane (UCP) 1.0 is now available as a public beta.

With this tool, Docker is aiming to provide enterprises with a solution that gives sysadmins operational control without limiting developer productivity, explained Scott Johnston, Docker's SVP of product management.

"Historically, it has been difficult to satisfy the needs of development teams and operations teams," Johnston said. "Developers want to move fast and ship apps quickly. Sysadmins want to support that, but they also have obligations for security, compliance, control and governance."

The UCP is designed to solve that problem by providing operations with a set of centralized controls with which they can provision the compute, network and storage resources to run dockerized apps on any infrastructure. At the same time, it will provide developers with Agile self-service capabilities for deploying and managing applications, Johnston explained.

The UCP is an enterprise-ready solution designed to integrate with an organization's directory services, such as LDAP or Active Directory, Johnston said. And it's a Docker-native solution with open APIs, pluggable architecture and broad ecosystem support. The product is built on, and integrates with, such Docker-native solutions as Docker Engine, Docker Swarm and Docker Trusted Registry. It's also integrated with Docker Hub and Tutum, a cloud service used by developers and sysadmins to deploy and manage Docker applications, which Docker acquired in October.

The UCP is an on-premises tool, but the company says it will be able to manage the simultaneous deployment of apps on Docker hosts across multiple platforms, including bare metal, VMs, and public and private clouds.

Docker also announced the industry's first hardware signing system for container images, which will be based on YubiKey 4 from Yubico. YubiKey 4 includes a touch-to-sign feature, which Docker will support. Docker users will be able to sign code digitally during initial development and through subsequent updates.

"This completes that last mile of verification; that it is, in fact, the developer typing away on the keyboard who is signing that image," Johnston said.

Both announcements advance the Container-as-a-Service (CaaS) model, which the company describes as "a framework in which operations delivers secure and manageable content through a self-service portal on programmable infrastructure to developers." It also fits into the evolving story of DevOps, because it's an end-to-end approach that creates a continuous application delivery pipeline (build to ship to run).

The Docker UCP will be offered as a subscription solution bundled with Docker Trusted Registry and official commercial support for Docker environments, the company said. Docker is providing limited access to the UCP beta.