Docker will restrict the use of the free version of its Docker Desktop utility to individuals or small businesses, and has introduced a new, more expensive subscription as it seeks a sustainable business model.
The company has changed the name of its free plan to “Personal” and now requires that companies with 250 or more employees, or more than $ 10 million in annual revenue, must use a paid subscription if they require Docker Desktop. There are no changes to the Docker engine from the command line. The $ 5 / month Pro and $ 7 / month Teams subscriptions continue as before, but a new $ 21 / month Business subscription adds features including centralized management, single sign-on, and improved security.
The Docker platform has several components, of which Docker Desktop is only a part. Docker images define the content of the containers. Docker containers are executable image instances. The Docker daemon is a background application that manages and runs Docker containers and images. The Docker client is a command line utility that calls the Docker daemon API. The Docker registries contain images and the Docker Hub is a widely used public registry. Much of Docker (but not Desktop) is open source under the Apache v2 license.
While most of the Docker components are available for Windows, Mac, and Linux, and despite most Docker containers running on Linux, Desktop is only available for Windows and Mac …
Docker Desktop is a GUI tool for managing various Docker components and functions, including containers, images, volumes (container-attached storage), local Kubernetes, development environments within containers, and more. While most of the Docker components are available for Windows, Mac, and Linux, and despite the fact that most of the Docker containers run on Linux, Desktop is only available for Windows and Mac.
What is the rationale for the changes? Docker has become a corporate standard, CEO Scott Johnston told us, but there are security challenges with the software supply chain that the company wants to address. Also, and perhaps most importantly, the company needs a viable business model.
“We continue to see growth in the developer market. The latest statistic we have is that by 2030 there will be 45 million global developers, compared to 18 million today … that requires us to have a business that is sustainably scalable. “. Johnston said Register.
Most Docker users use it for free, Johnston confirmed, though he expects paid subscriptions to increase as a result of the changes. “We estimate that there are twice as many subscribers today who will likely find subscribing to a subscription attractive, but that is still less than 10 percent of overall Docker usage,” he said.
Is there a risk that some users will simply decide to avoid using Docker Desktop and continue with the free command line tools? “There is always nonzero risk, but we have tried to set limits so that those organizations that are already getting a lot of value from Docker Desktop will see $ 5 per seat as modest,” Johnston said.
Businesses only need to subscribe to the Pro or Teams plans to comply. What is the added value of the new Business subscription at triple the price? “The Business level at $ 21 per seat adds a lot more value,” Johnston said. “First, you have what we call secure software supply chain features. Users can set, in a centralized control plane, what they want developers to access. That is distributed to Docker desktops that can enforce those policies. in development environments.
“We also provide centralized SaaS-based management to control configuration of CPU usage, memory, ports, and firewall access. Single sign-on is another example of the security and user management that we provide only on that. business level. “
There are also options on the Business tier to purchase premium support packages and increase Docker image consumption if you exceed the package limits, again at additional cost. Docker used to list “Premium Customer Support” as a feature of all their paid plans, but now this is called “email support.”
There are also some drawbacks to the focus on Docker Desktop, including the fact that it doesn’t run on Linux. “By our estimates, Linux is 20 to 25 percent of development environments,” Johnston told us. “We want to have a consistent management control plane across all of them, so watch this space.” Meanwhile, “the updated terms for Docker Desktop only apply to Mac and Windows.”
Another problem is with remote development environments like GitHub Codespaces or Gitpod. “We have customer requests for that use case,” said Johnston, which will be addressed in part by Docker Desktop for Linux when it arrives. “We still see the vast majority of our users on dedicated local machines, Windows Mac and Linux,” he said, but the company is aware of the trends. “Users want the same experience remotely as they have locally, and that Docker experience can be delivered remotely. It’s a matter of production and delivery.”
The new terms will be hard to sell for some, but one area Docker can take advantage of is security. “Every container image on the Internet is created with Docker Build. Build goes to the Git repositories, extracts the source code, creates the image. Therefore, Docker Build gives us the opportunity to be at the very beginning of the startup of that image. A standards conversion is taking place where we can trace the provenance of each and every layer in the image, we can start signing those layers, and with that metadata, we can start making automated decisions, automated reporting, automated visibility into what has been done for that image at every step of the lifecycle. “
Johnston envisions tools based on this that “help compliance officers say, ‘Show me who’s compliant, update all those desktops with the latest images’ … this set of features we’re introducing [now] it is just the beginning of what will be a multi-year build of additional secure software supply chain patching features. “
However, such a scenario is a bit remote. The signature standard will be Notary v2, a CNCF project, and progress is slow, with plans for 2021 focused on prototypes and on “starting a Notary v2 specification.” Meanwhile, Docker already offers vulnerability scanning based on Snyk technology. ®