Hot on the heels of Docker's 1.9 release and right before DockerCon in Europe, several third parties with deep commitments to Docker have offered new and revised products that leverage the most recent changes to the software containerization system.
The latest changes to Docker address many long-standing problems, such as networking and storage, so third parties are leveraging them right away. But many new offerings also continue the tradition of extending Docker's functionality.
Rancher Labs, creator of the Docker-powered, superminimal RancherOS, is rolling out Persistent Storage Services. It allows storage volumes to be deployed alongside applications so that Dockerized apps can have stateful data associated with it. While you can manage data volumes in Docker by hand with native tooling, PSS streamlines the process, which wasn't possible before the storage changes in Docker 1.9.
Meanwhile, ClusterHQ expands on Flocker, which originally did volume management for Dockerized apps. Volume Hub is a catalog for all data volumes in a Flocker cluster, and dvol provides a Git-like command-line interface for performing version control on data. The idea is to capture data in a particular state, freeze it, then re-create it on demand when running tests or deploying a live app. Since some hard-to-tease-out bugs depend on application state, this simplifies the debugging of whole classes of applications.
CoreOS, which brought you the other minimal Docker-based Linux, tackles a different problem: What happens when the software inside your containers -- unseen, unknown, unexamined -- has a vulnerability? Its new open source project, Clair, uses the CVE database to scan the contents of containers for software with known issues. It's reminiscent of Black Duck and Red Hat's work with the Black Duck Hub on the OpenShift PaaS, but via an open source product that can be hosted on any container registry.
Speaking of container registries, Google has buffed its offerings in that area, along with its Container Engine service generally. Support for version 2 of the Docker Registry API is now in place, along with advanced authentication, scaling and load balancing functions, and integration with Twistlock's Container Security Suite.
Another major addition to Container Engine is Kubernetes 1.1. A mere week out the door, it has performance improvements, better job-operation options, and features to ease the lives of devops folks. Most of the changes are in parallel with Docker, rather than building directly off new or changed features. That isn't too surprising, given how Kubernetes has started to resemble a software ecosystem, with projects like Mesosphere DCOS and Hypernetes springing up.
Last but not least is the latest work by Sysdig in container monitoring and introspection. The company has since added visibility into containers running under Kubernetes to its product line. This means its monitoring functionality can report back metadata specific to the orchestration framework -- such as in which pods a given application is running. Monitoring and introspection for containers still falls largely to third parties, so there's plenty of room for enterprising entrepreneurs to make useful contributions.