Docker For Ops
Scott Coulton
Senior Software Engineer, Puppet
John Zaccone, “Dev”: Cloud Engineer, IBM
Scott Coulton, “Ops”: Senior Software Engineer, Puppet
Docker for ops
1. What we are going to cover
2. Build for failure
3. Make sure it’s secure
4. Can we log that?
5. Deploy, Deploy, Deploy !!!
Agenda
Docker Captain
Snr Software Engineer @
About me
As you saw in Docker for dev, we have an awesome application
that is going to make us some money, taking it from the evil corp
Initech. To host the app we will use the following:
• Both Docker UCP and Docker swarm mode, making sure the
infrastructure is highly available
• We will host our images in a Docker Trusted Registry
• We have to make sure the app is logging, the image is signed
and there are no vulnerabilities in our images
What we are
going to cover
Build for failure
In this day and age an outage is going to cost your business
money. Docker has two solutions to help you.
• The open source offering is swarm mode
• The enterprise offering is Universal Control Plane
We don't want our
application to go down
Swarm mode is the native clustering solution that has been included
in the Docker engine since v1.12. Enabling swarm mode on
your engine gives you the following:
• Scheduling of containers across compute nodes
• Overlay networking for container communication
• Service discovery via DNS
• Load balancing
• Secure by default: all communication between nodes for cluster
operations is configured to use SSL
Swarm mode
Swarm mode reference architecture
Universal control plane is built on top of Docker swarm mode. In
addition to the features you get with swarm mode you also get:
• A graphical interface for management
• TLS authentication to protect your Docker API
• Real time metrics on the cluster via dashboards
• LDAP and RBAC
Universal control plane
UCP reference architecture
[Figure: a Docker swarm of two worker nodes (each running CS Docker Engine, UCP agent, UCP worker) and three manager nodes (each running CS Docker Engine, UCP agent, UCP manager)]
UCP LB architecture
UCP service discovery architecture
How we are building our infrastructure
Make sure it’s
secure !!!
As we already have a base image created by our developers,
we should first make sure that the image does not have any
vulnerable packages in it. Then we want to make sure our image is
trusted and has not been tampered with. To do this we will use:
• Docker Trusted Registry security scanning
• Docker Notary
• AppArmor to protect our containers
Let’s make it secure
Security scanning in DTR allows the following to happen at rest:
• Images are scanned for vulnerabilities
• Scanning is automated on a Docker push
• Prebuilt dashboards to display the scan results
Security scanning
Secure scanning dashboard
Image signing with Notary allows us to make sure that:
• Our images are signed
• A trust model is set up between the registry and the engine
Image signing with Notary
Notary architecture
Notary signer interaction
[Figure: sequence diagram between client, auth, TUF server, signer, server DB and signer DB, in seven numbered steps. Labelled messages: Upload new metadata; 401 - please auth; credentials; bearer token; Token + Upload new metadata; verify(metadata); generate(timestamp, snapshot); sign(timestamp, snapshot); private keys; timestamp/snapshot signatures; store metadata; 200 OK; Token + Get new metadata; get metadata; 200 OK + Latest metadata]
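A simplified model of the exchange on the Notary signer interaction slide, as an added example that is not from the slides or from Notary's code: the server generates snapshot and timestamp metadata, the signer signs them, and the client checks what it gets back. The field names, demo key and sample targets are assumptions, and HMAC stands in for the signer's private-key signatures.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC stands in for the signer's private-key signature
# so the example runs on the standard library; a Notary client would verify
# with the role's public key and never hold signing material.
DEMO_SIGNER_KEY = b"constructed-demo-key"

# Constructed targets metadata: tag name -> image digest and size.
TARGETS_V1 = {"latest": {"sha256": "a" * 64, "length": 1234}}
TARGETS_V2 = {"latest": {"sha256": "b" * 64, "length": 1300}}


def _canonical(obj):
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def _digest(obj):
    return hashlib.sha256(_canonical(obj)).hexdigest()


def sign(body, key=DEMO_SIGNER_KEY):
    """Signer side: wrap a metadata body with a signature over its canonical form."""
    sig = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"signed": body, "sig": sig}


def generate(targets, version, now, timestamp_ttl=3600):
    """Server side: build snapshot and timestamp for uploaded targets metadata."""
    snapshot = sign({"role": "snapshot", "version": version,
                     "targets_sha256": _digest(targets)})
    timestamp = sign({"role": "timestamp", "version": version,
                      "expires": now + timestamp_ttl,
                      "snapshot_sha256": _digest(snapshot)})
    return snapshot, timestamp


def client_verify(targets, snapshot, timestamp, now, last_version,
                  key=DEMO_SIGNER_KEY):
    """Client side: return "ok" or the reason the metadata set is rejected."""
    for doc in (timestamp, snapshot):
        expected = hmac.new(key, _canonical(doc["signed"]),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, doc["sig"]):
            return "bad signature on " + doc["signed"]["role"]
    ts = timestamp["signed"]
    if now >= ts["expires"]:
        return "timestamp expired"      # a stale copy is being replayed
    if ts["version"] < last_version:
        return "version rollback"       # older but validly signed metadata
    if ts["snapshot_sha256"] != _digest(snapshot):
        return "snapshot does not match timestamp"
    if snapshot["signed"]["targets_sha256"] != _digest(targets):
        return "targets do not match snapshot"
    return "ok"


def demo(now=1_000_000):
    """Run the fresh, stale, rolled-back and tampered cases; return the verdicts."""
    snap1, ts1 = generate(TARGETS_V1, 1, now)
    tampered = {"latest": {"sha256": "c" * 64, "length": 1234}}
    return {
        "fresh": client_verify(TARGETS_V1, snap1, ts1, now + 10, 0),
        "stale": client_verify(TARGETS_V1, snap1, ts1, now + 7200, 1),
        "rollback": client_verify(TARGETS_V1, snap1, ts1, now + 10, 2),
        "tampered": client_verify(tampered, snap1, ts1, now + 10, 1),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The short-lived timestamp is what lets a client notice a replayed copy of old metadata, and the snapshot ties the targets list to that timestamp.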
Applying AppArmor allows us to run only the processes we want to
run in our containers:
• Won't allow unwanted processes to spawn
• Locks down the file system against unwanted reads or writes
Protect our container’s
processes
docker run --rm -it --security-opt apparmor=docker-default hello-world
How do we apply a policy
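One way to check that the policy on the slide is actually in force, as an added example that is not from the slides: read `docker inspect` output and report containers that are privileged, unconfined, or running under a profile you did not expect. The sample JSON, container names and the "initech-api" profile are constructed for illustration.

```python
import json

# Constructed sample in the shape of `docker inspect <container>...` output
# (a JSON array); only the fields this check reads are included.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "AppArmorProfile": "docker-default",
     "HostConfig": {"Privileged": False}},
    {"Name": "/debug", "AppArmorProfile": "unconfined",
     "HostConfig": {"Privileged": False}},
    {"Name": "/agent", "AppArmorProfile": "unconfined",
     "HostConfig": {"Privileged": True}},
    {"Name": "/batch", "AppArmorProfile": "",
     "HostConfig": {"Privileged": False}},
    {"Name": "/api", "AppArmorProfile": "initech-api",
     "HostConfig": {"Privileged": False}},
])


def audit_apparmor(inspect_json, allowed_profiles=("docker-default",)):
    """Return {container_name: reason} for containers not confined as expected."""
    findings = {}
    for container in json.loads(inspect_json):
        name = container.get("Name", "?").lstrip("/")
        host_cfg = container.get("HostConfig") or {}
        profile = (container.get("AppArmorProfile") or "").strip()
        if host_cfg.get("Privileged"):
            # --privileged containers run without AppArmor confinement.
            findings[name] = "privileged: AppArmor confinement is not enforced"
        elif profile in ("", "unconfined"):
            # Empty means no profile was recorded for the container.
            findings[name] = "no AppArmor profile applied"
        elif profile not in allowed_profiles:
            findings[name] = "unexpected profile: " + profile
    return findings


if __name__ == "__main__":
    for name, reason in sorted(audit_apparmor(SAMPLE_INSPECT).items()):
        print(f"{name}: {reason}")
```

On a real host, pass the output of `docker inspect $(docker ps -q)` in place of the sample.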
Can we log that ?
Applying logging to your container ecosystem is easy using a
project called logspout (https://github.com/gliderlabs/logspout):
• Allows you to capture logs from all your containers
• Works with most existing logging infrastructure
• Allows you to easily encrypt logs in transit
Can we log that?
Can we log that?
Deploy, Deploy,
Deploy
Now that we have everything set up, from our security stack through to
our logging, we can deploy:
• How images get into our Docker Trusted Registry
• The flow of requests if the clusters need an image
Deploy, Deploy, Deploy
Images to our DTR
The flow of requests if the clusters need an
image
Demo time
https://github.com/scotty-c/dockercon-17
Thank You !
Go containerise
your life !
@scottcoulton
#dockercon
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep DiveDesigning Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
ScyllaDB
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
Cybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure ADCybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure AD
VICTOR MAESTRE RAMIREZ
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
Electronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploitElectronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploit
niftliyevhuseyn
 
Linux Support for SMARC: How Toradex Empowers Embedded Developers
Linux Support for SMARC: How Toradex Empowers Embedded DevelopersLinux Support for SMARC: How Toradex Empowers Embedded Developers
Linux Support for SMARC: How Toradex Empowers Embedded Developers
Toradex
 
AI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global TrendsAI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global Trends
InData Labs
 
Mobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi ArabiaMobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi Arabia
Steve Jonas
 
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptxSpecial Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
shyamraj55
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 
Heap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and DeletionHeap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and Deletion
Jaydeep Kale
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
AI Changes Everything – Talk at Cardiff Metropolitan University, 29th April 2...
AI Changes Everything – Talk at Cardiff Metropolitan University, 29th April 2...AI Changes Everything – Talk at Cardiff Metropolitan University, 29th April 2...
AI Changes Everything – Talk at Cardiff Metropolitan University, 29th April 2...
Alan Dix
 
Cyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of securityCyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of security
riccardosl1
 
Manifest Pre-Seed Update | A Humanoid OEM Deeptech In France
Manifest Pre-Seed Update | A Humanoid OEM Deeptech In FranceManifest Pre-Seed Update | A Humanoid OEM Deeptech In France
Manifest Pre-Seed Update | A Humanoid OEM Deeptech In France
chb3
 
Linux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdfLinux Professional Institute LPIC-1 Exam.pdf
Linux Professional Institute LPIC-1 Exam.pdf
RHCSA Guru
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Impelsys Inc.
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep DiveDesigning Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
ScyllaDB
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
Cybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure ADCybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure AD
VICTOR MAESTRE RAMIREZ
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
Electronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploitElectronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploit
niftliyevhuseyn
 
Linux Support for SMARC: How Toradex Empowers Embedded Developers
Linux Support for SMARC: How Toradex Empowers Embedded DevelopersLinux Support for SMARC: How Toradex Empowers Embedded Developers
Linux Support for SMARC: How Toradex Empowers Embedded Developers
Toradex
 

Docker for Ops - Scott Coulton, Puppet

  • 1. Docker For Ops Scott Coulton Senior Software Engineer, Puppet
  • 2. John Zaccone “Dev” Cloud Engineer, IBM Scott Coulton “Ops” Senior Software Engineer, Puppet
  • 3. Docker for ops 1. What we are going to cover 2. Build for failure 3. Make sure it’s secure 4. Can we log that? 5. Deploy, Deploy, Deploy !!! Agenda
  • 4. Docker Captain Snr Software Engineer @ About me
  • 5. As you saw in Docker for dev we have an awesome application that is going to make us some money taking it from the evil corp Initech. To host the app we will use the following: • Both Docker UCP and Docker Swarm mode and make sure the infrastructure is highly available • We will host our images in a Docker trusted registry • We have to make sure the app is logging, the image is signed and there is no vulnerability in our images What we are going to cover
  • 7. In this day and age an outage is going to cost your business money. Docker have two solutions to help you. • The open source offering is swarm mode • The enterprise offering is universal control plane We don't want our application to go down
  • 8. Swarm mode is the native clustering solution that is included in the Docker engine from v1.12 until present. Enabling swarm mode on your engine gives you the following: • Scheduling of containers across compute nodes • Overlay networking for container communication • Service discovery via DNS • Load balancing • Secure by default, all comms between nodes for cluster operations are configured to use SSL Swarm mode
  • 9. Swarm mode reference architecture
  • 10. Universal control plane is built on top of Docker swarm mode. In addition to the features you get with swarm mode you also get: • A graphical interface for management • TLS authentication to protect your Docker API • Real time metrics on the cluster via dashboards • LDAP and RBAC Universal control plane
  • 11. UCP reference architecture [diagram: a Docker swarm of two worker nodes (each with CS Docker Engine, UCP agent, UCP worker) and three manager nodes (each with CS Docker Engine, UCP agent, UCP manager)]
  • 13. UCP service discovery architecture
  • 14. How we are building our infrastructure
  • 16. As we already have a base image created by our developers, we should first make sure that the image does not have any vulnerable packages in it. Then we want to make sure our image is trusted and has not been tampered with. To do this we will use: • Docker trusted registry security scanning • Docker Notary • AppArmor to protect our container Let’s make it secure
  • 17. Security scanning in DTR allows the following to happen at rest: • Images are scanned for vulnerabilities • Scanning is automated on a Docker push • Prebuilt dashboards to display the scan results Security scanning
  • 19. Image signing with Notary allows us to make sure that: • Our images are signed • A trust model is set up between the registry and the engine Image signing with Notary
  • 21. Notary signer interaction [diagram: client, auth, TUF server, signer, server DB and signer DB, with steps numbered 1 to 7 and the labels: Upload new metadata; 401 - please auth; credentials; bearer token; Token + Upload new metadata; verify(metadata); get metadata; generate(timestamp, snapshot); sign(timestamp, snapshot); private keys; timestamp/snapshot signatures; store metadata; 200 OK; Token + Get new metadata; 200 OK + Latest metadata]
  • 22. Applying AppArmor allows us to run only the processes we want to run in our containers: • Won't allow unwanted processes to spawn • Locks down the file system against unwanted reads or writes Protect our container’s processes
  • 23. docker run --rm -it --security-opt apparmor=docker-default hello-world How do we apply a policy
  • 24. Can we log that ?
  • 25. Applying logging to your container ecosystem is easy using a project called logspout (https://github.com/gliderlabs/logspout): • Allows you to capture logs from all your containers • Works with most existing logging infrastructure • Allows you to easily encrypt logs in transit Can we log that?
  • 26. Can we log that?
  • 28. Now that we have everything set up, from our security stack through to our logging, we can deploy: • How images get into our Docker trusted registry • The flow of request if the clusters need an image Deploy, Deploy, Deploy
  • 30. The flow of request if the clusters need an image
  • 32. Thank You ! Go containerise your life ! @scottcoulton #dockercon
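
Slides 22 and 23 apply an AppArmor profile with `--security-opt apparmor=docker-default`; the check below is an added example, not part of the original deck, that audits `docker inspect` output to confirm running containers are actually confined by that profile. The container names and the sample JSON are constructed, and the function names are hypothetical.

```python
import json

# Constructed sample: trimmed `docker inspect` output for three containers.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "AppArmorProfile": "docker-default",
     "HostConfig": {"Privileged": False,
                    "SecurityOpt": ["apparmor=docker-default"]}},
    {"Name": "/debug", "AppArmorProfile": "unconfined",
     "HostConfig": {"Privileged": False,
                    "SecurityOpt": ["apparmor=unconfined"]}},
    {"Name": "/agent", "AppArmorProfile": "unconfined",
     "HostConfig": {"Privileged": True, "SecurityOpt": None}},
])


def requested_profile(security_opt):
    """Return the profile named by --security-opt apparmor=<name>, or None."""
    for opt in security_opt or []:
        for sep in ("=", ":"):  # ':' is the older separator form
            key, found, value = opt.partition(sep)
            if found and key == "apparmor":
                return value
    return None


def audit(inspect_json, expected="docker-default"):
    """Map container name -> list of AppArmor findings (clean ones omitted)."""
    findings = {}
    for container in json.loads(inspect_json):
        host = container.get("HostConfig") or {}
        effective = container.get("AppArmorProfile") or ""
        problems = []
        if host.get("Privileged"):
            problems.append("privileged mode: container is not confined")
        if requested_profile(host.get("SecurityOpt")) == "unconfined":
            problems.append("opted out with --security-opt apparmor=unconfined")
        elif effective in ("", "unconfined"):
            problems.append("no AppArmor profile in effect")
        elif effective != expected:
            problems.append(f"profile {effective!r}, expected {expected!r}")
        if problems:
            findings[container["Name"].lstrip("/")] = problems
    return findings


if __name__ == "__main__":
    for name, problems in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {'; '.join(problems)}")
```

On a live host the same function can be fed the JSON produced by `docker inspect` for the running container IDs.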