Built In Orchestration
Each Docker Engine is a powerful building block for building distributed applications.
- Built in orchestration allows every Engine to be a cluster manager or worker with a single command.
- Fault tolerant and highly available system without dependencies on external systems.
- Simple to use commands creates a swarm of Engines in just two commands.
- Designed for scale and performance with in memory caching, distributed store and load balancing.
SECURE BY DEFAULT
Docker Engine delivers a secure application environment with an out of the box security configuration for every Engine.
- Automatic mutual TLS for secure communications between every node in the cluster.
- Seamless PKI out of the box with automatic certificate rotation and support for external CAs.
- Cryptographic node, cluster and image identities provide assurance on what components are allowed in the environment.
- Most secure container isolation including all Linux namespaces, cgroups, seccomp profiles and more with strong default settings out of the box.
CONTAINER CENTRIC NETWORKING
Docker Engine abstracts logical container networks from the physical network infrastructure enabling greater flexibility for both developers and IT ops.
- Create and manage logical networks for multi-container and host applications.
- Provides a secure network control and data plane with IPsec tunneling.
- Built in services like embedded DNS, service discovery and load balancing available out of the box.
- Routing mesh allows for container aware dynamic load balancing of traffic across the cluster.
- Network plugins allow portability of applications across different network infrastructures without recoding.
Define declarative services and improve the resiliency of applications.
- Services are defined as a set of containers based on a specific image.
- Services deployment API schedules tasks onto the worker nodes and constantly checks to see what is running on the environment.
- When nodes or containers fail, the API will redeploy onto healthy nodes to restore the desired state.
- Flexible container scheduling policies allow the operator to choose how the services should be deployed across the cluster.
EXTENSIBILITY AND PORTABILITY
Docker Engine has open APIs with a pluggable architecture providing flexibility for the developer and operator in how they build applications and integrate Docker into their environment.
- Infrastructure agnostic to run on any physical, virtual or cloud infrastructure and the broadest range of operating systems.
- Network plugins provide choice in network provider and application portability across networks.
- Volume plugins provide choice in storage provider and application portability across providers.
- APIs and drivers allows operators to send Engine level statistics and log data to monitoring and logging systems.