juanjo tugores - Fotolia
The new Docker Trusted Registry will give enterprises a more controlled and standardized way to deploy containers in Amazon's public cloud.
The Docker Trusted Registry developed by Docker Inc. and supported by Amazon Web Services (AWS) offers a private repository for containers running within an Amazon Machine Image (AMI), as opposed to using public Docker repositories such as DockerHub.
Users have called for Amazon to offer its own registry for some time, to simplify container management.
"This looks exactly like what I was looking for," said Christian Beikov, co-founder of Sweazer, maker of a mobile e-commerce application which uses Docker containers within Amazon's Elastic Beanstalk platform as a service.
Originally, Elastic Beanstalk configuration version 2 required that the container image be located in a registry. When using the version 1 configuration with Docker Trusted Registry, Elastic Beanstalk will use a Dockerfile provided alongside the application version to build the image on the host and directly start it there.
Christopher RileyHKM Consulting
"That way I can build the image myself up front and the Elastic Beanstalk host just has to pull it from the registry and then start the container," Beikov said.
Docker Trusted Registry is available in a ready-to-deploy AMI format in the AWS Marketplace for 30 days, when costs kick in for Docker and AWS usage combined. Initially Docker Trusted Registry is just for AWS.
"The value of running in AWS is the additional security and flexibility on how to expose the images as well the overall integration with the AWS public cloud," said Christopher Riley, a founding partner at HKM Consulting in Rochester, Mass. "Images are stored on S3 which also provides further security and control, [and] all images are easily accessible to any AWS resources and should be easily consumable."
While the Docker Trusted Registry doesn't solve every security and networking issue with containers, it's a substantial step toward more sanctioned use of containers in enterprises, particularly those with regulatory compliance requirements, according to Jay Lyman, analyst with 451 Research, an IT market research firm based in New York.
Amazon and Google open up new container skirmish
Amazon isn't the first public cloud provider to offer a private Docker repository. The Google Container Registry, launched in January, integrates with Google's Kubernetes container orchestration and management system.
Google's Kubernetes has yet to become the de facto standard in container orchestration and management that Docker is in the construction of the containers themselves, but analysts see strong support for Kubernetes as the Docker market evolves. Vendors including Red Hat, IBM and Joyent have joined Google's Cloud Native Computing Foundation to develop Kubernetes, and it is one of the most widely supported container orchestration and management technologies in the industry, Lyman said.
"Google's done a very good job of opening up Kubernetes and widening that community … there's definitely a race going on," Lyman said.
Still, these private repositories are a way of entrenching existing customers more deeply in either AWS or Google clouds, rather than swaying customers to move away from the clouds they've already chosen.
"It's only natural that [enterprises] are going to build on what they've done so far," Lyman said. "Changing your container organization and management strategy is more likely than switching clouds -- it's about that experience that they're accustomed to."
Lyman cautioned that Docker in the enterprise is still very much a work in progress.
"The sheer immaturity of containers is one of the biggest hurdles right now," Lyman said. "There aren't a lot of standards and best practices out there -- it's still in a very test and dev, pilot project phase."
AWS, Google spar over containers
Amazon ECS can better secure Docker containers
Container hype swirling in the cloud