Features of Docker Kubernetes Service (DKS)

9/30/2019

At DockerCon 2019, Docker announced the Docker Kubernetes Service (DKS).

Quoted from here:

Docker Enterprise 3.0’s Docker Kubernetes Service (DKS) integrates Kubernetes container orchestration from the developer desktop to the production server.

...It also provides an automated way to install and configure Kubernetes applications across hybrid and multi-cloud deployments. Other capabilities include security, access control, and lifecycle management.

And from here:

The Docker platform includes a secure and fully-conformant Kubernetes environment for developers and operators of all skill levels, providing out-of-the-box integrations for common enterprise requirements while still enabling complete flexibility for expert users.

After some searching and research, I haven't succeeded in fully understanding the different solutions and features that DKS has to offer. So, my question is:
What does DKS have to offer regarding topics like Security, Networking, Access Management, etc.?

I'll start with what I discovered so far as an entry point for the discussion, hoping that others will share their own understanding and experience and maybe provide some references and examples.

-- RtmY
docker
kubernetes

1 Answer

9/30/2019

This is very basic - but I'll share what I found so far - starting with the product page as my entry point for research.

Security

  1. Secure Kubernetes cluster with TLS authentication and encryption.

  2. Integrated security for the application lifecycle with Docker Content Trust.

  3. Integration with validated and certified 3rd party tools (monitoring, logging, storage, networking, etc.).

Access control

  1. Restricting visibility for different user groups and operating multi-tenant environments - I found only this: restrict services to worker nodes.
  2. Advanced Access Controls: Docker Enterprise includes integrated RBAC that works with corporate LDAP, Active Directory, PKI certificates and/or SAML 2.0 identity provider solutions - I found only this: Configure native Kubernetes role-based access control.

Networking

Found only this, which is related to the installation of CNI plugins.
I think DKS offers much more regarding integration with 3rd party networking solutions - Quoted from the product page:

Out-of-the-box Networking: Docker Enterprise includes Project Calico by Tigera as the “batteries included” Kubernetes CNI plug-in for a highly scalable, networking and routing solution. Get access to overlay (IPIP), no overlay, and hybrid data-plane networking models in addition to native Kubernetes ingress controllers for load balancing.

-- RtmY
Source: StackOverflow