I’m currently evaluating, if Docker EE is suitable for our requirements. We are running critical applications in at least two distinct datacenters. The link between them is not of the same quality, then the LAN in each of them.
I was not able to find a official guide how to setup Docker EE in a geographically distributed environment. Is it possible, that Docker EE doesn’t really address this topic?
Based on my research, we would have the following options:
Create a distinct instance per datacenter
- You have total control over the routing
- The isolation is by-design, so misconfiguration or bugs won’t affect the other
- You can have different update cycles
- All management activity needs to be redone on each side, like manage Collections and Permissions
- According to https://success.docker.com/article/can-multiple-ucp-clusters-share-one-dtr, you can’t share a registry between instances. This is very bad, because
- You have to use different image names (because of the DTR URL) for your services
- The replication of each image that runs on HA must be explicitly configured
- There is no “single source of truth” for images
Create a single instance
- You only have to manage one cluster
- There is only a single DTR Instance, with replicas on both instances
- How can we be sure, that no Application Traffic is routed in overlay networks between datacenters? The idea would be to use placement constraints to run services on a datacenter. What about routing in ingress network? Does it need to consider all nodes in the cluster?