With the newest Docker Enterprise Edition, you can now have Docker clusters composed of nodes running different operating systems.
Three of the key OSes supported by Docker—Windows, Linux, and IBM System Z—can run applications side by side in the same cluster, all orchestrated by a common mechanism.
Clustering apps across multiple OSes in Docker requires that you build per-OS images for each app. But those apps, when running on both Windows and Linux, can be linked to run in concert via Docker’s overlay networking.
New APIs also allow cluster configuration to be automated.
Docker Enterprise Edition also introduces secure multi-tenancy. Containers have long spurred concerns about how well-isolated they are from each other, because they operate through a shared operating system kernel. To address such concerns, Docker now offers ways to create role-based access controls (RBAC) for most every object in a Docker environment. Resources—services, containers, volumes, networks, and secrets—can also be assigned RBAC controls. Every API in Docker can have a corresponding permission set associated with it.
The access controls and permissions management functions also have their own APIs, so you can further automate them with other products.
You can use other policies to govern how Docker images are moved among repositories in a registry—for example, when they successfully pass build tests and are ready for production. You also can now designate production repositories as immutable, so they can’t be changed or removed by mistake.