NEW! Mirantis Academy -   Learn confidently with expert guidance and On-demand content.   Learn More


New in Docker Enterprise 3.1: Making Kubernetes on Windows, GPU Orchestration and Istio Ingress Easier

Nick Chase - July 06, 2020
To celebrate the release of the latest version of Docker Enterprise, Principal Solutions Engineer David Kramer talked to John Jainschigg about some of the new features. You can see the entire webinar here, but we also wanted to bring you the answers to your questions, including those we didn't have time to cover live.

Can you please post the link for the github repo?

You can find the code for these demo projects here:

Is it possible to get a document that gives us an overview of infrastructure components in terms of setting up a production Docker Enterprise cluster?

You can find host requirements for each component, as well as reference architectures and best practices

Are older nVidia GPUs such as Tesla k80 supported?

The platform supports most GPUs that support the NVIDIA CUDA drivers.

Can Swarm L7 Interlock work together with K8s ingress?

Yes, L7 and Kubernetes Ingress can run in the same cluster. 

Do you plan to support the full Istio service mesh?

In this release, we've just started with the ingress portion of Istio, as it's the biggest ask from our customers, but in a subsequent release later this year, we plan to have full Istio service mesh support. (Learn more about what is a service mesh by reading our guide to Istio)

Do you support Istio Ingress on public cloud infra as well?

The Istio ingress gateway in this offering will be on all of our supported infrastructures. Any certified infrastructure that's listed in our documentation will be fully supported.

Can you talk more about how to implement canary/blue/green deployment? How can we manage those in istio?

All of the canary and blue/green deployment strategies that are available in Istio are also available in Docker Enterprise 3.1. We are really just taking the upstream conformant Istio ingress gateway and making it available. So via your YAML you can specify various deployment approaches and strategies, such as the percentage of nodes you want to be healthy. You can even do A/B testing where you send some of your traffic to one version of your application and some to the other. We have some examples in our documentation, and we are continuing to build out examples and additional GitHub repos to really highlight this functionality. All of the demos we did in this presentation are available on public GitHub repos, and we'll work on trying to clean that up and make those available so people can go and try out some of the demos that people saw here today.

In the future, will the Istio implementation in Docker Enterprise have the monitoring tools that are used in the open source version, such as Prometheus, Grafana, Kaila, or Jaeger?

Currently we don't package those tools, but they can be installed and used on our platform. We're currently working on a product within Mirantis that will bring a best-in-breed approach to monitoring that we'll offer as either an additional side project or as part of our OpsCare and other componentry that will expose the Prometheus, Grafana, Elastic stack that will have all this available. We do run the Istio telemetry within our platform, so it is all available and it can be sent off to an existing Prometheus stack within your environment, or we'll be providing that functionality at a future date.

How is your Kubernetes different from upstream Kubernetes?

Our Kubernetes distribution, which is rolled into our Docker Enterprise platform, is a fully conformant Kubernetes offering. We don't deviate or heavily customize that. All we really do is wrap that into our Docker Enterprise platform and bootstrap it. We also apply a lot of configuration to the default Kubernetes cluster to make it more secure and more enterprise-ready.

Is Kubernetes an integral part of Docker Enterprise?

Kubernetes is installed and bootstrapped as part of the Docker Enterprise platform.

Can you talk a little more about the CLI tool to install and upgrade Docker Enterprise?

If you go to the website and go through the instructions for installing UCP or DTR, it walks you through using a docker command. It's a docker/ucp container that you pull down. It's tagged with the version of UCP that you're installing, and you pass a parameter. You can run in interactive mode. It supports a lot of different ways of running UCP, including install, update, and various setup commands as well. There's also one available for DTR that does exactly the same thing. It provides the ability to join DTR replicas, update them, back them up and do all of those various things. While you can look at it as a CLI, it's actually more of a container that you just run using Docker commands.

I want to give Launchpad a try. I remember it works only in Windows Professional. Any plans to release for Windows Home Edition?

Launchpad is distributed as a cross-platform binary. While I have not personally tried Launchpad with the Windows 10 platform, I have tried it on Windows 10 Professional. I do not anticipate any specific platform SKU-related features inside Windows Home that may be an issue. I do know that historically the Docker runtime did have issues based on some of the Hyper-V components that are not in Windows 10 Home. However because we distribute Launchpad as a binary, not as a container, that should not be a problem. I also believe that Docker Inc with Docker Desktop Community has very recently increased support for the Docker Engine on Windows 10 Home, so if we did do it, it should work either way. So I have not tried it, but I don't anticipate that there would be any issues with Windows 10 Home.

Where can I download the kubernetes IDE from?

Lens was mentioned at the beginning of the webinar, but VSCode was used during the demos.  You can download Lens from

What Lens UI is Aaron referring to?

Lens is a Kubernetes IDE to which Mirantis is contributing.

Do different licensing models exist for non-production environments?

This is something you would typically work on with your account team to figure out what the best options are for you. We have quite a few different offerings, from basic support all the way to fully managed service support. The licensing model for the paid product is core-based licensing, and also based on the level of support that you want. So we do have an offering of ProdCare vs. LabCare vs. OpsCare. Those all are priced at a different point. 
Usually a non-production environment would be licensed under a LabCare model, which is slightly cheaper than a ProdCare model, but it doesn't provide 24x7 support. So typically we work with our customers to really understand what that environment is being used for, then we can offer them the best options for licensing that. For example, some companies have clusters that they don't deem production, that maybe their developers are using to build and test their applications, but if that cluster goes down, you're basically out of service. While some people may not deem it a production cluster, you may want production support on that cluster. 

Can Docker Enterprise manage multiple K8s clusters?

David: In accordance to our product roadmap, we are now actually building out a multicluster UCP tooling. With 3.1, it is single cluster focused. As we move to the next release, it will be multicluster focused. We are actually going through quite a bit of customer conversations just to understand the various use cases out there. So if anyone is interested that we haven't already talked to, and you would like to give some feedback, we would welcome that.
John: It strikes me that maybe some further clarification is called for. There's no problem managing multiple clusters now with Docker Enterprise. You and I have certainly done it on numerous infrastructures simultaneously. Docker Enterprise and the various deployers that Mirantis puts in place bring information back from new cluster deployments to a deployer machine to your laptop. They make it very easy to download individual authentication bundles and other stuff from clusters under management. You can very quickly organize yourself to log into nodes, to access kubectl on 50 different clusters if you want to. The question is, can you do it within in web UI, and the answer for that is "soon," but there's a lot going in the platform that assumes that probably many more than one cluster is going to be operated on.
David: To further clarify, we previewed Lens, and that does have context to multiple Kubernetes clusters, and John just talked through and very much used Docker Enterprise to manage multiple clusters, essentially my control plane from the UCP standpoint in today's release will be singular in focus. As we move forward, we're going to add configuration management as well as multi cluster provisioning in a Unified Control Plane experience.

What are your plans for Swarm?

We will continue to support Swarm for the foreseeable future. Mirantis recently added Jobs functionality to Swarm, and we are working on adding support for using Kubernetes CSIs.

Are docs available on migration paths from Swarm to Kubernetes on the platform? What if we have Swarm services running today?

Our services team is working on several campaigns around Swarm to Kubernetes migrations, as well as tooling to be able to do that. Right now we're not 100% sure how much of that will be publicly available or how much of that will be behind our subscription for the Docker Enterprise platform, but it's definitely something that a lot of our customers are coming up against right now. We're working to try to create webinars and white papers around that, as well as offer services to help our customers move from Swarm to Kubernetes if that's what they want to do.

I saw you join the node into Docker Swarm. How do they become available in the Kubernetes cluster?

The whole Docker platform is built on top of a Swarm bootstrapper. When you add a node — this is one of it's most powerful features — you can choose whether it is a Swarm or a Kubernetes node. Actually UCP will spin up a reconciler and a bootstrapper on that node and install the required Kubernetes or Swarm components on that node. So you join a node to the Swarm cluster, and you can designate Kubernetes and it will install the kubelet, KubeAPI, proxies and all the different componentry that is required automatically. You don't need to go through and manually configure that host in any way, shape, or form. You install the Docker Engine. You do a Docker Swarm join to UCP. Everything can be configured and changed via UCP from that point on.

How do I upgrade from Docker Enterprise 3.0 to 3.1?

It's a standard upgrade process similar to a patch release:
  1. Upgrade the engine
  2. Upgrade UCP -
  3. Upgrade DTR -
There are some caveats around Calico and IPinIP vs VXLAN.
The upgrade from Docker Enterprise 3.0 to 3.1 is very similar to a patch update if you've used the Docker Enterprise platform before. Once you have the system installed, it's a matter of updating the engine on all of your machines and then running through the interactive UCP installer, which is a containerized installer that you just run from the command line. It walks you through updating your entire system. It even gives you the ability to do a blue/green update, so if you wanted to add additional nodes, and only update specific worker nodes at a time, it provides that ability, as well as updating the DTR component of the platform to the latest and greatest version. Even though it is a major version upgrade, the update process is very similar to patch releases.

Choose your cloud native journey.

Whatever your role, we’re here to help with open source tools and world-class support.


Subscribe to our bi-weekly newsletter for exclusive interviews, expert commentary, and thought leadership on topics shaping the cloud native world.