As developers will know, Docker Desktop’s popularity stems from its core usability and efficiency as a GUI-based application toolset for building, sharing and running containerized applications.
Yet despite its architecturally appealing functionality and form, software application developers are known to struggle when using it – often as a result of the engineer also requiring environments such as virtual desktop infrastructure (VDI) platforms or managed desktop services.
These elements of the stack typically lack the resources needed to run Docker Desktop.
The Rise of the VDI
VDI usage has grown in recent years because a) major vendors, including Microsoft, offer services such as Azure VDI as a major product offering, b) specialists such as Nerdio are on hand with enterprise managed services that also appeal… and c) it works. We might also argue the case for remote work having mushroomed due to individuals working at home (did somebody mention “pandemic”..?) in recent times.
Although Docker Desktop offers speedy build times and meaningful productivity boosts, using the service has necessitated workarounds, which have been regarded as costly, time-consuming, tough to secure and hard to maintain.
Welcome, Docker Offload
The Docker team says that that time has passed. Docker Offload is a fully managed cloud service that moves the container engine into Docker’s secure cloud, allowing developers to run Docker from any environment without changing their existing workflows – and it’s generally available now.
According to Docker software engineers Deanna Sparks, senior director of product marketing and Maxine Slaveck, principal product manager, what this means in practice is simple, i.e., developers keep using the same terminal, the same “docker run commands” (a command-line instruction used to create and start a new container from images) they know. Developers can also use the same Docker Desktop UI they are already familiar with.
The only thing that has changed is where the engine runs, and by moving it to the cloud, Docker Desktop now works in every environment that once blocked it.
How it Works
The Docker product marketing due explain the mechanics for us and say that when engineers run Docker Offload, the developer opens Docker Desktop exactly as they always have.
Indeed, there’s no configuration.
“[Further, there’s] no retraining or reconfiguring applications for new tools. Containers run in Docker’s cloud infrastructure, and everything, including bind mounts, port forwarding, and Docker Compose, works identically to local.
Every connection runs over an encrypted tunnel on SOC 2 Certified infrastructure, and session activity is logged centrally, giving security teams the audit trail they already require without any changes to existing tooling, firewall rules, or endpoint policies,” explained Slaveck and Sparks, in a Docker blog post.
Every session runs in a temporary, isolated environment without data persistence and closes cleanly.
Any Environment, Really?
The team promises that every Docker CLI command and every Docker Desktop feature works in VDI, locked-down laptops, remote workstations, and policy-restricted networks. Developers are productive from day one, using the exact CLI commands, workflows, and muscle memory they already have.
“Docker Offload deploys alongside your existing VDI infrastructure without touching a single piece of it. Infrastructure and platform teams get a clean drop-in: Existing network segmentation, Identity & Access Management (IAM) boundaries, and access control policies all stay exactly in place. Centralized admin controls, single sign-on (SSO), and per-user access management are built in from day one,” notes the pair.
The Docker duo also notes that dedicated cloud sessions are destroyed at every session end, data stays clean, developer devices stay completely unaffected, and the security perimeter stays intact. Offload operates within an existing security architecture, not around it. SOC 2 Certified, with deployment options that scale from multi-tenant VM-level isolation up to a dedicated single-tenant VPC with private network connectivity for regulated environments.
Unblocked in Minutes
Docker appears to have named Docker Offload well – although it could perhaps have called it Docker Unblock, i.e., Offload detects constrained environments automatically and activates (as already noted) without developer configuration. This means teams go from blocked to building in minutes without tickets, setup queues, or IT escalations.
On the road ahead, the Docker team is sure about the fact that, in the age of cloud-native and Kubernetes, as we are, software development has outgrown the local machine. Docker Offload aims to close the gaps that exist and allow infrastructure teams to keep their architecture intact and also make sure security teams get the compliance they require.
“When nothing changes for the developer, adoption actually happens,” suggest Slaveck and Sparks.
Docker Offload is currently available in two deployment methods: multi-tenant and single-tenant.
Related
