DC/OS 2.0 plays to the enterprise with improved security, and Windows support

Container orchestration

D2iQ, the company formerly known as Mesosphere, has released DC/OS 2.0 into the wild, promising improvements in enterprise security, resource management, and multi-tenant support.

DC/OS was introduced in 2015 as Mesosphere’s datacenter operating system (DCOS). The project is based on the Apache Mesos distributed systems kernel and became open source in 2016. Today, the name abbreviates Distributed Cloud Operating System, which might be timely but can also cause confusion, given that DC/OS can be used on-premises as well. Apart from being an operating system, DC/OS can serve as a container platform or cluster manager.

For its second major release, the DC/OS team highlights, amongst other things, the progress the project has made in terms of security. It now includes TLS certificate verification and capabilities meant to prevent cluster denial of service attacks, rogue service insertion and service takeovers, as well as to protect zookeeper data. Updates to OpenSSL and CockroachDB should ensure users enjoy better protection and have remediations for known vulnerabilities available to them.

DC/OS 2.0 has been fitted with a self-service edge load balancer, enhanced batch computing capabilities and improved logging of network and performance metrics so that teams can work in a more self-sufficient way. Departments more into data science can profit from an integrated data science engine and support for services like Apache Kafka, Spark, and Nifi.

However, resources aren’t always as plentiful as a company would like, which is why DC/OS 2.0 offers a way to restrict availability for certain service groups. This can be done via the UI or CLI, and allows different teams to work on a cluster without affecting the rest.

Since most enterprises don’t start their projects from scratch, UCR support promises to help realising resource sharing when legacy and cloud workloads are mixed. And since Microsoft doesn’t seem to be leaving the business world any time soon, D2iQ follows the example of Docker, Kubernetes and others in offering beta support for Windows.

Apart from that, admins now have a node draining feature available to them. The addition is meant to keep disruptions of service to a minimum during maintenance work and similar scenarios. A detailed list of changes can be found on the D2iQ blog.