No one doubts that Docker is hot with developers. What's at issue is whether "hotness" translates into "production ready for enterprise adoption." While naysayers insist "Hardly anyone is using Docker in production, even in the cloud," Docker CEO Ben Golub told me in an interview that "this statement simply doesn't reflect reality in 2016."
It's not hard to see where the confusion comes from. Even as Docker hype reached a fever pitch in 2014, some warned that "if you're going to attempt using Docker seriously in production, you need to be pretty skilled at systems management and orchestration." Others pointed to successful deployments within startup-sized companies that don't reflect enterprise requirements.
But that was then. This is now. And in 2016, Docker just might be more enterprise-ready than you think.
Customers? We've got customers
When pressed for actual examples of enterprises running Docker in production, Golub first noted that the company has over 75 paying customers for its Docker Enterprise product, released in February 2016, plus an additional 6,000 companies using Docker Inc.'s paid Docker Cloud service. He then listed a slew of companies (Uber, Swisscom, BBVA, Barclays, Salesforce, and more), but gave color commentary on a select few:
- ADP: Moving its core application to a solution based on Docker Datacenter and Docker Swarm;
- Goldman Sachs: Transitioning 90% of its applications to Docker over the next 12 months;
- General Services Administration (GSA) of the US government: Basing its entire next-generation platform (which processes $1.7T) on Docker; and
- Multiple U.S. Department of Defense agencies run mission-critical apps on Docker.
And yet the promise of Docker is seemingly undermined by its operational immaturity. In particular, a lack of enterprise-class management, orchestration, and security solutions should hobble real-world adoption of Docker. However, this may be a place where "common knowledge" and reality diverge, as Golub told me, leaving Docker very much ready for enterprise adoption.
Docker goes big with the 'early majority'
The best proof of customer readiness is customer adoption, which Golub provided above. Yet I couldn't quite shake my doubts as to the nature of the enterprise adoption. So I asked Golub whether Docker had truly graduated from test-and-dev to enterprise production.
His response? "I understand your skepticism, but it is undeniable that there are many examples of mainstream enterprises—across financial, healthcare, media, government, consumer goods, and defense—using Docker in production." Indeed, while I've pooh-poohed some of the rah-rah Docker surveys as representative of "Long Tail" adoption and not Fortune 500 adoption, a substantive O'Reilly Media survey uncovers 40% Docker adoption within the enterprise.
Pressed further on the nature of this adoption, Golub acknowledged that we're still in the "early majority" phase of Docker adoption:
We should not conflate 'Docker has not been deployed in production in a majority of enterprises' with 'Docker is not ready for enterprise use.' There is a natural technology adoption lifecycle, and many enterprises from the executive level down have articulated container strategies that are in various phases of deployment.
To that end a more relevant question for a technology of Docker's age is not: 'Are the vast majority of enterprises deploying Docker?' but instead, 'Has Docker crossed the chasm?' We think there is ample evidence to show that Docker is being embraced by early majority/pragmatist organizations.
Put another way, no, Docker is not yet omnipresent in the enterprise in the same way that VMware is, but it's ludicrous to think that it could be, given the pace at which enterprise technology adoption happens. In that light, it's frankly astonishing that Docker is as big as it is. Embraced by developers and greased by the limited friction of cloud deployment, Docker is on a tear.
Guess what? Operations hasn't imposed serious speed bumps to that traction, either.
More than good enough ops for Docker
When I suggested to Golub that enterprise adoption can't really happen in the absence of better operational tooling, he didn't deny that improved orchestration, security, and networking is needed, but instead focused on the impressive and rapidly improving tooling that already exists.
According to Golub, "Our progress in orchestration has been so rapid that we realize everyone might not be aware of all the capabilities and use cases for Docker Swarm," which is the company's orchestration solution. So as part of SwarmWeek, the company has published quite a lot of information, including customer use cases, for Swarm.
Security isn't generally developers' first concern, but to get real enterprise traction operations eventually has to get involved, and Ops cares about security. In this area, Golub told me, "In the last year we've made security enterprise-class by addressing three distinct areas as part of our integrated security model: Secure code, secure content, and secure access. The goal is to provide flexibility and usability for developers and IT teams to be able to secure their applications and environment in a manner that supports their business requirements."
He then went on:
Docker's goal is to enable any user to build least privilege app architecture by combining flexible and granular security controls along with best practices. This model is one where an application can be designed to have only as much access as it needs to the network, host resources, and other container(s) to complete its function and no more.
As proof, Golub stressed that this approach "has been validated by the most security conscious organizations in the world, including the U.S. Department of Defense and highly regulated industries like financial services, healthcare, and pharma." To get there, the company has bolstered Docker with new capabilities, including image scanning and vulnerability detection for official repositories, hardware signing, and user namespaces for enhanced access control, among others.
Finally, on networking, Golub listed a range of improvements that Docker has tackled in the last year:
As networking is a feature of Docker Engine, it allows you to create virtual networks and attach containers to them so you can create the network topology that is right for your application. The networked containers can even span multiple hosts, so you don't have to worry about what host your container lands on. They seamlessly communicate with each other wherever they are - thus enabling true distributed applications. Networking is also pluggable, so you can use any third-party networking driver to power your networks without having to make changes to your application.
Ready for prime time?
So is Docker ready for your application? That depends. But it's clearly no longer enough to simply call Docker a test-and-dev developer fetish. Docker isn't yet mainstream in the enterprise, even if we believe that 40% number that emerged from O'Reilly's survey. Rather, it's moving quickly beyond the innovators to an early majority audience.
In sum, Docker is no longer a question of if, but of when? And the answer to that question is increasingly, right now.
- Containers rock the enterprise: 81% look to increase use of data center's hottest tech (TechRepublic)
- Docker announces Container-as-a-Service to bridge the DevOps gap (TechRepublic)
- Just how hot is Docker? (TechRepublic)
- Consider this operational challenge before implementing containers (TechRepublic)
- 10 things you should know about Docker (TechRepublic)
- Docker improves container security and management (ZDNet)
Matt is currently head of the developer ecosystem at Adobe. The views expressed are his own, not those of his employer.
Matt Asay is a veteran technology columnist who has written for CNET, ReadWrite, and other tech media. Asay has also held a variety of executive roles with leading mobile and big data software companies.