When the time comes, software developers have the choice between developing Docker containers for the App Center themselves or providing us with Debian packages, which we then use to create containers at no extra cost. Ultimately, the openness that Docker brings with it conceptionally will put us in a position to expand our App Center beyond the UCS world and include apps which do not support UCS natively. A few days ago, we released the first native Docker app in the App Center: Jenkins. This was a very important milestone for us and will help us to reduce the efforts required of ISVs for the provision of apps.
And that’s not all: Docker opens up yet another perspective, namely that of microservices, i.e., an architecture comprising predominantly uncoupled, reusable program modules, which can be combined and recombined into complex software applications with the help of language-independent APIs. However, this involves the prerequisite that a single app can start multiple containers simultaneously. That’s what we are hard at work on right now.
That’s not the end of the app news either: We have released app appliances (combinations of a UCS runtime environment and the apps themselves) for VMware, Virtualbox, and KVM. This makes it possible to create very simple test and setup possibilities. This will really boost all apps, once we distribute the appliances across the different clouds automatically, which should be the case this year. The next step is therefore to provide the app developers with the opportunity to incorporate their own branding into their appliances.
UCS Management with SSO and Self Service
As far as apps are concerned, UCS 4.1 functions not only as a runtime environment, but also as an app management system – by the way, one project managed by our Professional Services Team includes 30 million (!) users.
From a user perspective, this offers the convenience of single sign-on for the entire company network, whether on a Windows client, groupware, or ERP system. The management system also offers admins convenience and security: If a user is erased, he is permanently prevented from logging in to any app , irrespective of whether on a local server or in a cloud environment.
The single sign-on is possible thanks to the integration of Security Assertion Markup Language (SAML) in UCS 4.1. ownCloud and Open-Xchange offer SAML support from our App Center, but it can also be used in the proprietary world, for example with Google Apps for Work and Office 365. We are currently working on connectors for both solutions. They should already be available by the end of this month. Just to calm any fears: Passwords and password hashes are of course not synchronized with the proprietary cloud services. Speaking of security: UCS 4.1 now allows two-factor authentication – with interfaces between our management interface and the solution privacyIDEA.
Further improvements in terms of management: UCS 4.1 now features a self-service module allowing users to reset their password autonomously using a stored telephone number or e-mail address. You wouldn’t think it, but that translates to considerable potential savings: The Volkswagen Group spends around one million euros on password resets annually.
Continuous Improvement and UCS 4.2
Continuous improvements in the true sense of the word: Our errata updates also contribute to this idea – for all UCS versions being maintained, not just for the latest 4.1 – and are then, in turn, released in bundles as patch level releases. Improvement of usability also remains incredibly important. There is a distinct demand for continuous improvements, for example for DNS and DHCP administration in the management system or for access via mobile devices.
What’s next after UCS 4.1? 4.2 is set to be released in fall 2016 – it will be based on Debian 8 (Jessie). This change of the distribution base in the scope of a minor release may appear unusual, but as we think there is no alternative, as the software basis would otherwise become outdated too quickly. With the help of Docker, the App Center, and our state-of-the-art update mechanisms, we ensure that this transition is as smooth as possible.
Speaking of minor releases: With immediate effect, the time frame in which customers need to upgrade to the next one to receive security updates will be extended from 6 to 12 months for customers with a maintenance subscription. In addition, as the rules applies that security and bug fixes are provided for the current and previous release, users of 4.1 will still be safe for one year after the release of 4.2.