Hot on the heels of yesterday’s Flocker news, continuous delivery (CD) specialists CloudBees have announced six Docker-related plugins to enable CD of application environments with Jenkins. We got in touch with CEO and Founder Sacha Labourey to chat CD, containers, and why everyone wants a piece of Docker.
Voxxed: What was the impetus for introducing this new deep Jenkins integration with Docker?
Labourey: There’s a lot of interesting news around Docker and what it enables. Developers love it because it’s easy to use and you don’t need to depend on IT to use it, and it becomes one of the de facto tools for DevOps. IT-Ops like it because they’re not having to do any more to provide images to teams, so all that is really good.
What we’re seeing in the trenches is that Docker by itself is a great enabler to virtualisation technology. It’s lean and it’s fast, so it has many advantages, but it gets truly powerful when you combine it with something else. You still need to articulate Docker as part of the flow. It’s not so much what one person can do with Docker that’s interesting – it’s more what a team or company can achieve. For this to happen, you need to build a sort of walk-through or pipeline that will describe what the steps will be, and what you are trying to achieve.
That’s where the partnership and integration between Docker and Jenkins proves to be extremely powerful. The relationship between the community and CloudBees means that we were able to work quickly over the past few months to add some really key features to Jenkins to make sure that Docker was tightly integrated with Jenkins.
Now, we can really offer a sophisticated flow for companies and teams to really move from one application to a set of tests, to staging, to production, all nicely integrated. You could argue that Jenkins is what brings life to Docker as part of the CD pipeline.
Is this a community led change?
Yes, the community has worked on it, we’ve worked on it, and at some point the CloudBees realised that we needed to make a decision. We had some of the features which we offered as a paid part of our platform offering, and we decided that it was too important to keep it as a property that was tied solely to one product. That’s why we decided to open source it. A lot of people are trying it out…a lot of large companies have been trying Docker out extensively, and have been pushing for those use cases of what’s the best way to leverage Docker on those DevOps/CD pipelines.
Is there any concern from your side about the security of Docker?
I think that, as with any new technology, there is always concern about security – and that’s healthy. What I think is good is that there is no denial from the Docker community saying that things are perfectly fine as they are. Things need to be done and improved, and I think work is ongoing from the Docker team itself, as well as from third party vendors providing solutions around it. So I do think that there is work going on.
I do think, in many cases, Docker would already be more secure than many other solutions just because it’s a well defined set of machines which are relatively easy to use and rebuild to fix in production – and that’s one of the main goals of what you’re trying to achieve with Jenkins.
When combined with Jenkins, not only can you rebuild a complete application into a Docker image once the source code changes, but let’s say your source code needs to be injected into a different machine with a database or an application server – then the features we added to Jenkins for Docker support also make it possible to automatically rebuild all of your Docker images in case one of those base images like a database or an operating system gets a security patch.
So I don’t think it’s just a question of how secure it is in actual time, but what is the overall flow of your application to make sure that what you’re going to be pushing to production is secure. I think here Docker, along with Jenkins, brings a lot of improvements.
Can expect more Jenkins/Docker collaboration down the line?
Yes, we really very much think Docker is a way forward. It’s a new way to build test and deploy applications, so you should expect a lot more features and collaboration taking place. The Docker team also has a lot of products such as Docker Hub, repositories and so on, and this is all obviously a great fit with what we’re building. You should expect more coming from a product standpoint, but also from a business collaboration perspective.