Enhanced Layer 7 Routing for Swarm in Docker Enterprise Edition Beta
Path-Based Routing
Layer 7 load balancing allows traffic going to host domains like acme.com to be distributed across specific containers in your environment. With path-based routing, traffic headed to sub-domains within acme.com (eg. acme.com/app1 or acme.com/app2) can be separately routed to different sets of containers. This can be especially useful for optimizing application performance by driving different requests to different groups of containers.
SSL Termination
HTTPS traffic ensures secure, encrypted communications from the client to your application, but there are many reasons to decrypt the message once it has reached the load balancer. Layer 7 routing often requires decrypting the incoming message in order to make the intelligent routing decision within the trusted network; in addition, managing multiple certificates at the container level does not necessarily scale well. SSL termination at a proxy service allows for secure external communications to end when it is already within your secure network, allowing you to manage certificates in one location and making it much more scalable.
Proxy Extensions
The new Interlock architecture in Docker EE includes a pluggable extension service that can connect to different load-balancing proxies. As part of Docker’s “batteries included” strategy, the service comes with a supported NGINX proxy today and other proxy solutions will be pluggable into the architecture in the future. The pluggable framework allows you to use industry standard solutions while still having the simplicity of configuring them using standard Docker rolling updates.Service Clusters
The new version of Docker EE also introduces the concept of Service Clusters which provides a separate instance of the reverse proxy to each application, making application traffic isolated to each service cluster. This allows you to segregate application clusters at Layer 7. Some of the benefits to this feature include isolating service disruptions, reconfiguration downtimes, mis-configurations, and update errors to a single application as opposed to the entire cluster.
Fully-Integrated Design
Layer 7 routing with Swarm is fully Docker native. It runs on Docker Swarm and routes traffic using cluster networking and Docker services, leverages Docker APIs, and is configurable via CLI and UI. It is also designed to be both scalable and highly available, meeting the needs of production applications.
- Get access in minutes to Docker EE beta with Kubernetes
- Learn more about Docker Enterprise Edition and view pricing
- Watch our DockerCon Europe 2017 Kubernetes Announcement