SlideShare a Scribd company logo

Multi tenancy for docker

Download as PPTX, PDF
Ananth Padmanabhan
Ananth Padmanabhan

Uploading the presentation given at the OpenStack Summit, Austin in April, 2016. The video link is here , https://www.openstack.org/videos/video/multi-tenancy-for-docker-containers-with-keystone-and-adding-quota-limits

Technology
1 of 16
Multi-tenancy for Docker Containers with Keystone Satya Routray, Rahul Upadhyay Anantha Padmanabhan CB, Meenakshi Lakshmanan 27, Apr 2016
Current authorization mechanism  Username / Password based authentication  Allows user to run any docker command  Or view all provisioned containers  No limit on number of containers / resources used
Why multitenancy?  We can use standalone Keystone to provide multitenancy to Docker.  Multitenancy allows users to view/manage only the containers they provisioned  Enables Role Based Access Control (RBAC)  Enables administrator to specify quota – pay as you go model  Can utilize Keystone’s ability to support multiple backend domains  Single sign-on and Hierarchical multitenancy  Not only users-to-container authorization, but also service-to-service authorization that are running across different containers
Keystone services • Identity – Credential validation • Resources – Data about Projects and Domains • Assignment - Roles and Roles-to-Resource assignments • Token – Manages tokens • Catalog – Registry of services and end points • Policy – Rule based authorization
Authentication mechanisms UUID Tokens • UUID • Persistent PKI & PKIZ Tokens (From Grizzly) • Public Key Infrastructure – Certificate based • More informative payload but size is huge • Persistent Fernet Tokens (From Juno) • Non-persistent & Symmetric key encryption • 85% faster than UUID and 89% faster than PKI
UUID tokens Client API Token Token Generation User/Pass Verify/Generate/Store UUID Send User/Pass Cache UUID locally UUID Cache UUID Keystone Backend API Call Validation Request Send API request+UUID Request UUID Extract UUID from Request UUID Check UUID and expiry date Valid? Process Request Reject Request 2xx HTTP 4xx HTTP Update Req. status Display Req. Error Yes No API Call Validation response
PKI Tokens
What is Docker • Enables you to package an application with all its dependencies into a standardized unit • Docker separates applications from infrastructure using container technology Similar to how VMs separate the operating system from bare metal • Runs the same regardless of the environment Build Ship Run
Docker – Key Components • Docker Demon • Docker API • Cli Used to interact with Daemon • Docker Engine, (Constitutes of all the above) • Docker Machine – bring up Docker Swarm • Docker Swarm – Native clustering for Docker
Multitenant Cluster Multi-Tenant Swarm C1 C2 C3 C4 Tenant1 Tenant4Tenant3Tenant2 Keystone C1 C2 C3 C4 H1 H2 User Policy Resource Identity Catalog
Multi-tenancy with keystone User keystoneDocker HostSwarm keystoneDocker HostSwarmUser Authenticate (User, Tenant, Password) Validate and generate token Token Update config.json with token and tenant ID Docker –H swarm url <docker CMD> List tenants List tenant to which token has access Check keystone’s tenant list for user’s tenant Ensure that Tenants are isolated from each other, Each tenant can only manage and link to their own container Docker <Docker cmd>
Timelines and future work • Implementation of keystone support – In progress • Explore fernet tokens and include support for the same • Provide isolated tenant networking capabilities • Provide a framework for dockerized applications to use the multitenancy seamlessly
Connect with us… • Satya Routray (engg.sanj@gmail.com) • Rahul Upadhyay (rahuupad@cisco.com) • Anantha Padmanabhan CB (cbpadman@cisco.com) • Meenakshi Lakshmanan (mlakshma@cisco.com)
References • Identity, Authentication & Access Management in OpenStack – Implementing and Deploying Keystone - Steve Martinelli, Henry Nash & Brad Topol • https://www.mirantis.com/blog/understanding-openstack-authentication-keystone-pki/ • http://dolphm.com/the-anatomy-of-openstack-keystone-token-formats/ • https://docs.docker.com/swarm/ • https://docs.docker.com/machine/drivers/openstack/ • https://wiki.openstack.org/wiki/Keystone • http://docs.openstack.org/developer/keystone/ • https://www.mirantis.com/blog/understanding-openstack-authentication-keystone-pki/
Q&A
OpenStack Summit Austin, Texas 2016

Recommended

AWSのセキュリティについて
AWSのセキュリティについてAWSのセキュリティについて
AWSのセキュリティについてYasuhiro Horiuchi
 
ストリーム処理を支えるキューイングシステムの選び方
ストリーム処理を支えるキューイングシステムの選び方ストリーム処理を支えるキューイングシステムの選び方
ストリーム処理を支えるキューイングシステムの選び方Yoshiyasu SAEKI
 
いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計Serverworks Co.,Ltd.
 
AWS WAF のマネージドルールって結局どれを選べばいいの?
AWS WAF のマネージドルールって結局どれを選べばいいの?AWS WAF のマネージドルールって結局どれを選べばいいの?
AWS WAF のマネージドルールって結局どれを選べばいいの?YOJI WATANABE
 
20200930 AWS Black Belt Online Seminar Amazon Kinesis Video Streams
20200930 AWS Black Belt Online Seminar Amazon Kinesis Video Streams20200930 AWS Black Belt Online Seminar Amazon Kinesis Video Streams
20200930 AWS Black Belt Online Seminar Amazon Kinesis Video StreamsAmazon Web Services Japan
 
週末趣味のAWS Transit Gatewayでの経路制御
週末趣味のAWS Transit Gatewayでの経路制御週末趣味のAWS Transit Gatewayでの経路制御
週末趣味のAWS Transit Gatewayでの経路制御Namba Kazuo
 
Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018
Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018
Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018Amazon Web Services
 
(NET403) Another Day, Another Billion Packets
(NET403) Another Day, Another Billion Packets(NET403) Another Day, Another Billion Packets
(NET403) Another Day, Another Billion PacketsAmazon Web Services
 

Recommended

AWSのセキュリティについて
AWSのセキュリティについてAWSのセキュリティについて
AWSのセキュリティについてYasuhiro Horiuchi
 
ストリーム処理を支えるキューイングシステムの選び方
ストリーム処理を支えるキューイングシステムの選び方ストリーム処理を支えるキューイングシステムの選び方
ストリーム処理を支えるキューイングシステムの選び方Yoshiyasu SAEKI
 
いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計Serverworks Co.,Ltd.
 
AWS WAF のマネージドルールって結局どれを選べばいいの?
AWS WAF のマネージドルールって結局どれを選べばいいの?AWS WAF のマネージドルールって結局どれを選べばいいの?
AWS WAF のマネージドルールって結局どれを選べばいいの?YOJI WATANABE
 
20200930 AWS Black Belt Online Seminar Amazon Kinesis Video Streams
20200930 AWS Black Belt Online Seminar Amazon Kinesis Video Streams20200930 AWS Black Belt Online Seminar Amazon Kinesis Video Streams
20200930 AWS Black Belt Online Seminar Amazon Kinesis Video StreamsAmazon Web Services Japan
 
週末趣味のAWS Transit Gatewayでの経路制御
週末趣味のAWS Transit Gatewayでの経路制御週末趣味のAWS Transit Gatewayでの経路制御
週末趣味のAWS Transit Gatewayでの経路制御Namba Kazuo
 
Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018
Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018
Under the Hood of Amazon Route 53 (ARC408-R1) - AWS re:Invent 2018Amazon Web Services
 
(NET403) Another Day, Another Billion Packets
(NET403) Another Day, Another Billion Packets(NET403) Another Day, Another Billion Packets
(NET403) Another Day, Another Billion PacketsAmazon Web Services
 
AWSの課金体系
AWSの課金体系AWSの課金体系
AWSの課金体系Amazon Web Services Japan
 
CloudFront最近の事例と間違った使い方
CloudFront最近の事例と間違った使い方CloudFront最近の事例と間違った使い方
CloudFront最近の事例と間違った使い方Hirokazu Ouchi
 
AWS初心者向けWebinar AWSとのネットワーク接続入門
AWS初心者向けWebinar AWSとのネットワーク接続入門AWS初心者向けWebinar AWSとのネットワーク接続入門
AWS初心者向けWebinar AWSとのネットワーク接続入門Amazon Web Services Japan
 
Mobage を支える Ruby の技術 ~ 複数DB編 ~
Mobage を支える Ruby の技術 ~ 複数DB編 ~Mobage を支える Ruby の技術 ~ 複数DB編 ~
Mobage を支える Ruby の技術 ~ 複数DB編 ~Naotoshi Seo
 
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design PatternAWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design PatternAmazon Web Services Japan
 
はじめての Gatling
はじめての Gatlingはじめての Gatling
はじめての GatlingNaoya Nakazawa
 
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...MPN Japan
 
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Amazon Web Services
 
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデートAmazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデートAmazon Web Services Japan
 
AWSのログ管理ベストプラクティス
AWSのログ管理ベストプラクティスAWSのログ管理ベストプラクティス
AWSのログ管理ベストプラクティスAkihiro Kuwano
 
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...Amazon Web Services Korea
 
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンスAmazon Web Services Japan
 
AWS Black Belt Techシリーズ Amazon CloudFront
AWS Black Belt Techシリーズ Amazon CloudFrontAWS Black Belt Techシリーズ Amazon CloudFront
AWS Black Belt Techシリーズ Amazon CloudFrontAmazon Web Services Japan
 
DevOps with Database on AWS
DevOps with Database on AWSDevOps with Database on AWS
DevOps with Database on AWSAmazon Web Services Japan
 
SG 09 Patrones de Integración Empresarial Apache Camel
SG 09 Patrones de Integración Empresarial Apache CamelSG 09 Patrones de Integración Empresarial Apache Camel
SG 09 Patrones de Integración Empresarial Apache CamelDomingo Suarez Torres
 
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策Amazon Web Services Japan
 
AWS Black Belt Online Seminar 2017 Amazon Connect
AWS Black Belt Online Seminar 2017 Amazon ConnectAWS Black Belt Online Seminar 2017 Amazon Connect
AWS Black Belt Online Seminar 2017 Amazon ConnectAmazon Web Services Japan
 
VMware Cloud on AWS POC テストケース
VMware Cloud on AWS POC テストケースVMware Cloud on AWS POC テストケース
VMware Cloud on AWS POC テストケースNoritaka Kuroiwa
 
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAmazon Web Services
 
Dockerからcontainerdへの移行
Dockerからcontainerdへの移行Dockerからcontainerdへの移行
Dockerからcontainerdへの移行Akihiro Suda
 
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...Felix Gessert
 
KubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant KubernetesKubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant KubernetesKubeAcademy
 

More Related Content

What's hot

CloudFront最近の事例と間違った使い方
CloudFront最近の事例と間違った使い方CloudFront最近の事例と間違った使い方
CloudFront最近の事例と間違った使い方Hirokazu Ouchi
 
AWS初心者向けWebinar AWSとのネットワーク接続入門
AWS初心者向けWebinar AWSとのネットワーク接続入門AWS初心者向けWebinar AWSとのネットワーク接続入門
AWS初心者向けWebinar AWSとのネットワーク接続入門Amazon Web Services Japan
 
Mobage を支える Ruby の技術 ~ 複数DB編 ~
Mobage を支える Ruby の技術 ~ 複数DB編 ~Mobage を支える Ruby の技術 ~ 複数DB編 ~
Mobage を支える Ruby の技術 ~ 複数DB編 ~Naotoshi Seo
 
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design PatternAWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design PatternAmazon Web Services Japan
 
はじめての Gatling
はじめての Gatlingはじめての Gatling
はじめての GatlingNaoya Nakazawa
 
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...MPN Japan
 
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Amazon Web Services
 
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデートAmazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデートAmazon Web Services Japan
 
AWSのログ管理ベストプラクティス
AWSのログ管理ベストプラクティスAWSのログ管理ベストプラクティス
AWSのログ管理ベストプラクティスAkihiro Kuwano
 
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...Amazon Web Services Korea
 
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンスAmazon Web Services Japan
 
AWS Black Belt Techシリーズ Amazon CloudFront
AWS Black Belt Techシリーズ Amazon CloudFrontAWS Black Belt Techシリーズ Amazon CloudFront
AWS Black Belt Techシリーズ Amazon CloudFrontAmazon Web Services Japan
 
SG 09 Patrones de Integración Empresarial Apache Camel
SG 09 Patrones de Integración Empresarial Apache CamelSG 09 Patrones de Integración Empresarial Apache Camel
SG 09 Patrones de Integración Empresarial Apache CamelDomingo Suarez Torres
 
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策Amazon Web Services Japan
 
AWS Black Belt Online Seminar 2017 Amazon Connect
AWS Black Belt Online Seminar 2017 Amazon ConnectAWS Black Belt Online Seminar 2017 Amazon Connect
AWS Black Belt Online Seminar 2017 Amazon ConnectAmazon Web Services Japan
 
VMware Cloud on AWS POC テストケース
VMware Cloud on AWS POC テストケースVMware Cloud on AWS POC テストケース
VMware Cloud on AWS POC テストケースNoritaka Kuroiwa
 
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAmazon Web Services
 
Dockerからcontainerdへの移行
Dockerからcontainerdへの移行Dockerからcontainerdへの移行
Dockerからcontainerdへの移行Akihiro Suda
 

What's hot (20)

AWSの課金体系
AWSの課金体系AWSの課金体系
AWSの課金体系
 
CloudFront最近の事例と間違った使い方
CloudFront最近の事例と間違った使い方CloudFront最近の事例と間違った使い方
CloudFront最近の事例と間違った使い方
 
AWS初心者向けWebinar AWSとのネットワーク接続入門
AWS初心者向けWebinar AWSとのネットワーク接続入門AWS初心者向けWebinar AWSとのネットワーク接続入門
AWS初心者向けWebinar AWSとのネットワーク接続入門
 
Mobage を支える Ruby の技術 ~ 複数DB編 ~
Mobage を支える Ruby の技術 ~ 複数DB編 ~Mobage を支える Ruby の技術 ~ 複数DB編 ~
Mobage を支える Ruby の技術 ~ 複数DB編 ~
 
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design PatternAWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
AWS Black Belt Online Seminar 2018 Amazon DynamoDB Advanced Design Pattern
 
はじめての Gatling
はじめての Gatlingはじめての Gatling
はじめての Gatling
 
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
JPC2018[E4]Microsoft Azure ならこうする、こうできる! ~AWS 技術者向け 最新 Microsoft Azure サービス解説...
 
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...
 
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデートAmazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
Amazon Game Tech Night #25 ゲーム業界向け機械学習最新状況アップデート
 
AWSのログ管理ベストプラクティス
AWSのログ管理ベストプラクティスAWSのログ管理ベストプラクティス
AWSのログ管理ベストプラクティス
 
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
AWS KMS 에서 제공하는 봉투암호화 방식의 암호화 및 사이닝 기능에 대한 소개와 실습 - 신은수, AWS 솔루션즈 아키텍트 :: AWS...
 
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
[AWSマイスターシリーズ] リザーブドインスタンス&スポットインスタンス
 
AWS Black Belt Techシリーズ Amazon CloudFront
AWS Black Belt Techシリーズ Amazon CloudFrontAWS Black Belt Techシリーズ Amazon CloudFront
AWS Black Belt Techシリーズ Amazon CloudFront
 
DevOps with Database on AWS
DevOps with Database on AWSDevOps with Database on AWS
DevOps with Database on AWS
 
SG 09 Patrones de Integración Empresarial Apache Camel
SG 09 Patrones de Integración Empresarial Apache CamelSG 09 Patrones de Integración Empresarial Apache Camel
SG 09 Patrones de Integración Empresarial Apache Camel
 
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
[AWS初心者向けWebinar] 利用者が実施するAWS上でのセキュリティ対策
 
AWS Black Belt Online Seminar 2017 Amazon Connect
AWS Black Belt Online Seminar 2017 Amazon ConnectAWS Black Belt Online Seminar 2017 Amazon Connect
AWS Black Belt Online Seminar 2017 Amazon Connect
 
VMware Cloud on AWS POC テストケース
VMware Cloud on AWS POC テストケースVMware Cloud on AWS POC テストケース
VMware Cloud on AWS POC テストケース
 
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
 
Dockerからcontainerdへの移行
Dockerからcontainerdへの移行Dockerからcontainerdへの移行
Dockerからcontainerdへの移行
 

Viewers also liked

Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...Felix Gessert
 
KubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant KubernetesKubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant KubernetesKubeAcademy
 
Building a multi-tenant cloud service from legacy code with Docker containers
Building a multi-tenant cloud service from legacy code with Docker containersBuilding a multi-tenant cloud service from legacy code with Docker containers
Building a multi-tenant cloud service from legacy code with Docker containersaslomibm
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerAnanth Padmanabhan
 
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...KubeAcademy
 
Monitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsMonitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsAnanth Padmanabhan
 
Docker, cornerstone of an hybrid cloud?
Docker, cornerstone of an hybrid cloud?Docker, cornerstone of an hybrid cloud?
Docker, cornerstone of an hybrid cloud?Adrien Blind
 
FOLIO - An open source multi-tenant platform
FOLIO - An open source multi-tenant platformFOLIO - An open source multi-tenant platform
FOLIO - An open source multi-tenant platformAndrew Nagy
 
Making Apache Tomcat Multi-tenant, Elastic and Metered
Making Apache Tomcat Multi-tenant, Elastic and MeteredMaking Apache Tomcat Multi-tenant, Elastic and Metered
Making Apache Tomcat Multi-tenant, Elastic and MeteredPaul Fremantle
 
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible
 
Monitoring Docker Containers and Dockererized Application
Monitoring Docker Containers and Dockererized ApplicationMonitoring Docker Containers and Dockererized Application
Monitoring Docker Containers and Dockererized ApplicationRahul Krishna Upadhyaya
 
Pachyderm: Data Storage and Processing with Docker
Pachyderm: Data Storage and Processing with DockerPachyderm: Data Storage and Processing with Docker
Pachyderm: Data Storage and Processing with DockerJoseph Zwicker
 
What is Virtualization. Talk from Pycon 2013 India.
What is Virtualization. Talk from Pycon 2013 India.What is Virtualization. Talk from Pycon 2013 India.
What is Virtualization. Talk from Pycon 2013 India.Rahul Krishna Upadhyaya
 
Federated mesos clusters for global data center designs
Federated mesos clusters for global data center designsFederated mesos clusters for global data center designs
Federated mesos clusters for global data center designsKrishna-Kumar
 
Multitenancy in WSO2 Carbon 5 (C5)
Multitenancy in WSO2 Carbon 5 (C5)Multitenancy in WSO2 Carbon 5 (C5)
Multitenancy in WSO2 Carbon 5 (C5)Imesh Gunaratne
 
Dalla parte degli utenti: riprogettare un sito della PA
Dalla parte degli utenti: riprogettare un sito della PADalla parte degli utenti: riprogettare un sito della PA
Dalla parte degli utenti: riprogettare un sito della PAMaria Cristina Lavazza
 
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...festival ICT 2016
 
VuFind on FOLIO @ VuFind Summit 2016
VuFind on FOLIO @ VuFind Summit 2016VuFind on FOLIO @ VuFind Summit 2016
VuFind on FOLIO @ VuFind Summit 2016Andrew Nagy
 

Viewers also liked (20)

Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
Building a Global-Scale Multi-Tenant Cloud Platform on AWS and Docker: Lesson...
 
KubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant KubernetesKubeCon EU 2016: Multi-Tenant Kubernetes
KubeCon EU 2016: Multi-Tenant Kubernetes
 
Building a multi-tenant cloud service from legacy code with Docker containers
Building a multi-tenant cloud service from legacy code with Docker containersBuilding a multi-tenant cloud service from legacy code with Docker containers
Building a multi-tenant cloud service from legacy code with Docker containers
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using docker
 
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
 
Monitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsMonitoring docker container and dockerized applications
Monitoring docker container and dockerized applications
 
Docker, cornerstone of an hybrid cloud?
Docker, cornerstone of an hybrid cloud?Docker, cornerstone of an hybrid cloud?
Docker, cornerstone of an hybrid cloud?
 
FOLIO - An open source multi-tenant platform
FOLIO - An open source multi-tenant platformFOLIO - An open source multi-tenant platform
FOLIO - An open source multi-tenant platform
 
Making Apache Tomcat Multi-tenant, Elastic and Metered
Making Apache Tomcat Multi-tenant, Elastic and MeteredMaking Apache Tomcat Multi-tenant, Elastic and Metered
Making Apache Tomcat Multi-tenant, Elastic and Metered
 
Docker. General overview
Docker. General overviewDocker. General overview
Docker. General overview
 
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
 
Monitoring Docker Containers and Dockererized Application
Monitoring Docker Containers and Dockererized ApplicationMonitoring Docker Containers and Dockererized Application
Monitoring Docker Containers and Dockererized Application
 
Pachyderm: Data Storage and Processing with Docker
Pachyderm: Data Storage and Processing with DockerPachyderm: Data Storage and Processing with Docker
Pachyderm: Data Storage and Processing with Docker
 
What is Virtualization. Talk from Pycon 2013 India.
What is Virtualization. Talk from Pycon 2013 India.What is Virtualization. Talk from Pycon 2013 India.
What is Virtualization. Talk from Pycon 2013 India.
 
Federated mesos clusters for global data center designs
Federated mesos clusters for global data center designsFederated mesos clusters for global data center designs
Federated mesos clusters for global data center designs
 
Multitenancy in WSO2 Carbon 5 (C5)
Multitenancy in WSO2 Carbon 5 (C5)Multitenancy in WSO2 Carbon 5 (C5)
Multitenancy in WSO2 Carbon 5 (C5)
 
Dalla parte degli utenti: riprogettare un sito della PA
Dalla parte degli utenti: riprogettare un sito della PADalla parte degli utenti: riprogettare un sito della PA
Dalla parte degli utenti: riprogettare un sito della PA
 
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
 
Big Data Applications
Big Data ApplicationsBig Data Applications
Big Data Applications
 
VuFind on FOLIO @ VuFind Summit 2016
VuFind on FOLIO @ VuFind Summit 2016VuFind on FOLIO @ VuFind Summit 2016
VuFind on FOLIO @ VuFind Summit 2016
 

Similar to Multi tenancy for docker

Docker Dublin Meetup | 22 Feb 2018 | Docker + Kubernetes
Docker Dublin Meetup | 22 Feb 2018 | Docker + KubernetesDocker Dublin Meetup | 22 Feb 2018 | Docker + Kubernetes
Docker Dublin Meetup | 22 Feb 2018 | Docker + KubernetesThomas Barlow
 
Docker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup SlidesDocker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup SlidesDocker, Inc.
 
Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in Dockerdocker-athens
 
Getting started with google kubernetes engine
Getting started with google kubernetes engineGetting started with google kubernetes engine
Getting started with google kubernetes engineShreya Pohekar
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaRoman Dembitsky
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...Edureka!
 
Container security Familiar problems in new technology
Container security Familiar problems in new technologyContainer security Familiar problems in new technology
Container security Familiar problems in new technologyFrank Victory
 
Attacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin JoisAttacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin JoisOWASP Hacker Thursday
 
CONTAINERIZATION WITH DOCKER .pptx
CONTAINERIZATION WITH DOCKER .pptxCONTAINERIZATION WITH DOCKER .pptx
CONTAINERIZATION WITH DOCKER .pptxSanjuGamesphere
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Docker, Inc.
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 RecapLee Calcote
 
Backend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionBackend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionKyunghun Jeon
 
Develop and deploy Kubernetes applications with Docker - IBM Index 2018
Develop and deploy Kubernetes applications with Docker - IBM Index 2018Develop and deploy Kubernetes applications with Docker - IBM Index 2018
Develop and deploy Kubernetes applications with Docker - IBM Index 2018Patrick Chanezon
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsPatrick Chanezon
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.
 
Hybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptxHybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptxHansFarroCastillo1
 
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...Alexey Bokov
 

Similar to Multi tenancy for docker (20)

Docker Dublin Meetup | 22 Feb 2018 | Docker + Kubernetes
Docker Dublin Meetup | 22 Feb 2018 | Docker + KubernetesDocker Dublin Meetup | 22 Feb 2018 | Docker + Kubernetes
Docker Dublin Meetup | 22 Feb 2018 | Docker + Kubernetes
 
Docker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup SlidesDocker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup Slides
 
Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in Docker
 
Getting started with google kubernetes engine
Getting started with google kubernetes engineGetting started with google kubernetes engine
Getting started with google kubernetes engine
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 Barcelona
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
 
Container security Familiar problems in new technology
Container security Familiar problems in new technologyContainer security Familiar problems in new technology
Container security Familiar problems in new technology
 
Attacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin JoisAttacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin Jois
 
CONTAINERIZATION WITH DOCKER .pptx
CONTAINERIZATION WITH DOCKER .pptxCONTAINERIZATION WITH DOCKER .pptx
CONTAINERIZATION WITH DOCKER .pptx
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
 
Backend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionBackend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker Introduction
 
Develop and deploy Kubernetes applications with Docker - IBM Index 2018
Develop and deploy Kubernetes applications with Docker - IBM Index 2018Develop and deploy Kubernetes applications with Docker - IBM Index 2018
Develop and deploy Kubernetes applications with Docker - IBM Index 2018
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
 
Kubernetes integration with ODL
Kubernetes integration with ODLKubernetes integration with ODL
Kubernetes integration with ODL
 
Hybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptxHybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptx
 
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...
 
Flocker
FlockerFlocker
Flocker
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Multi tenancy for docker

  • 1. Multi-tenancy for Docker Containers with Keystone Satya Routray, Rahul Upadhyay Anantha Padmanabhan CB, Meenakshi Lakshmanan 27, Apr 2016
  • 2. Current authorization mechanism  Username / Password based authentication  Allows user to run any docker command  Or view all provisioned containers  No limit on number of containers / resources used
  • 3. Why multitenancy?  We can use standalone Keystone to provide multitenancy to Docker.  Multitenancy allows users to view/manage only the containers they provisioned  Enables Role Based Access Control (RBAC)  Enables administrator to specify quota – pay as you go model  Can utilize Keystone’s ability to support multiple backend domains  Single sign-on and Hierarchical multitenancy  Not only users-to-container authorization, but also service-to-service authorization that are running across different containers
  • 4. Keystone services • Identity – Credential validation • Resources – Data about Projects and Domains • Assignment - Roles and Roles-to-Resource assignments • Token – Manages tokens • Catalog – Registry of services and end points • Policy – Rule based authorization
  • 5. Authentication mechanisms UUID Tokens • UUID • Persistent PKI & PKIZ Tokens (From Grizzly) • Public Key Infrastructure – Certificate based • More informative payload but size is huge • Persistent Fernet Tokens (From Juno) • Non-persistent & Symmetric key encryption • 85% faster than UUID and 89% faster than PKI
  • 6. UUID tokens Client API Token Token Generation User/Pass Verify/Generate/Store UUID Send User/Pass Cache UUID locally UUID Cache UUID Keystone Backend API Call Validation Request Send API request+UUID Request UUID Extract UUID from Request UUID Check UUID and expiry date Valid? Process Request Reject Request 2xx HTTP 4xx HTTP Update Req. status Display Req. Error Yes No API Call Validation response
  • 8. What is Docker • Enables you to package an application with all its dependencies into a standardized unit • Docker separates applications from infrastructure using container technology Similar to how VMs separate the operating system from bare metal • Runs the same regardless of the environment Build Ship Run
  • 9. Docker – Key Components • Docker Demon • Docker API • Cli Used to interact with Daemon • Docker Engine, (Constitutes of all the above) • Docker Machine – bring up Docker Swarm • Docker Swarm – Native clustering for Docker
  • 10. Multitenant Cluster Multi-Tenant Swarm C1 C2 C3 C4 Tenant1 Tenant4Tenant3Tenant2 Keystone C1 C2 C3 C4 H1 H2 User Policy Resource Identity Catalog
  • 11. Multi-tenancy with keystone User keystoneDocker HostSwarm keystoneDocker HostSwarmUser Authenticate (User, Tenant, Password) Validate and generate token Token Update config.json with token and tenant ID Docker –H swarm url <docker CMD> List tenants List tenant to which token has access Check keystone’s tenant list for user’s tenant Ensure that Tenants are isolated from each other, Each tenant can only manage and link to their own container Docker <Docker cmd>
  • 12. Timelines and future work • Implementation of keystone support – In progress • Explore fernet tokens and include support for the same • Provide isolated tenant networking capabilities • Provide a framework for dockerized applications to use the multitenancy seamlessly
  • 13. Connect with us… • Satya Routray (engg.sanj@gmail.com) • Rahul Upadhyay (rahuupad@cisco.com) • Anantha Padmanabhan CB (cbpadman@cisco.com) • Meenakshi Lakshmanan (mlakshma@cisco.com)
  • 14. References • Identity, Authentication & Access Management in OpenStack – Implementing and Deploying Keystone - Steve Martinelli, Henry Nash & Brad Topol • https://www.mirantis.com/blog/understanding-openstack-authentication-keystone-pki/ • http://dolphm.com/the-anatomy-of-openstack-keystone-token-formats/ • https://docs.docker.com/swarm/ • https://docs.docker.com/machine/drivers/openstack/ • https://wiki.openstack.org/wiki/Keystone • http://docs.openstack.org/developer/keystone/ • https://www.mirantis.com/blog/understanding-openstack-authentication-keystone-pki/
  • 15. Q&A