Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

What's New in Docker - February 2017

1,201 views

Published on

Docker CaaS, what's new in february 2017: Docker 1.13, DDC

Published in: Software
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... ,DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ,DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

What's New in Docker - February 2017

  1. 1. Patrick Chanezon, Docker Inc. @chanezon Container as a Service with Docker February 2017
  2. 2. French Polyglot Platforms Software Plumber San Francisco Developer Relations @chanezon
  3. 3. 1995 2015
  4. 4. PublicHybridPrivate Ops Devops Developers
  5. 5. Linux Container Ecosystem flockerglusterfs weavecalicomidokuracisconuage Cloud OS Plugins Orchestration
  6. 6. Agility
  7. 7. Agile methodologies (circa 1999)
  8. 8. Low MTBIAMSH MTBIAMSH (Mean Time Between Idea And Making Stuff Happen)
  9. 9. Agility == $$
  10. 10. Devops
  11. 11. 25 Mainframe
  12. 12. Client-Server 26
  13. 13. 27 Web
  14. 14. 28 Cloud - Devops
  15. 15. Devops • Cultural movement • Inspired by agile methods • People, Processes & Tools • Continuous delivery • Infrastructure as code • Cross silo collaboration • Small iterations • Feedback loop, measurement Image from Patrick Debois http://www.slideshare.net/jedi4ever/devops-the-war-is-over-if-you-want-it http://www.slideshare.net/jedi4ever/devopsdays-downundervfinal
  16. 16. Devops: singing Kumbaya?
  17. 17. 28 http://highscalability.com/blog/2013/11/19/we-finally-cracked-the-10k-problem-this-time-for-managing-se.html Server/Sysadmin 1999: 5(Windows) - 50 (Linux) 2015: 10k-20k x2000
  18. 18. 28 https://blog.docker.com/2014/12/dockercon-europe-keynote-continuous-delivery-in-the-enterprise-by-henk-kolk-ing/ Henk Kolk, ING, DockerCon EU 2014 People, Processes, Products deployment time: 9 months -> 15 min 1500 deployments/week
  19. 19. Docker
  20. 20. The world needs tools of mass innovation
  21. 21. A programmable Internet would be the ultimate tool of mass innovation
  22. 22. A commercial product, built on a development platform, built on infrastructure, built on standards. Docker is building a stack to program the Internet
  23. 23. Isolation using Linux kernel features namespaces  pid  mnt  net  uts  ipc  user cgroups  memory  cpu  blkio  devices
  24. 24. Image layers
  25. 25. Dockerfile FROM java:8 MAINTAINER Patrick Chanezon <patrick@chanezon.com> EXPOSE 8080 COPY spring-doge/target/*.jar /usr/src/spring-doge/spring- doge.jar WORKDIR /usr/src/spring-doge CMD java -Dserver.port=8080 - Dspring.data.mongodb.uri=$MONGODB_URI -jar spring-doge.jar HEALTHCHECK --interval=5m --timeout=3s --retries=3 CMD curl -f http://localhost:8080/ || exit 1
  26. 26. Using Docker to compile your jar/war https://registry.hub.docker.com/_/maven/ docker run -it --rm -v $PWD:/usr/src/spring-doge -v maven:/root/.m2 -w /usr/src/spring-doge maven:3.3-jdk-8 mvn package
  27. 27. Build an image docker build -t chanezon/spring-doge . FROM java:8 MAINTAINER Patrick Chanezon <patrick@chanezon.com> EXPOSE 8080 COPY spring-doge/target/*.jar /usr/src/spring-doge/spring- doge.jar WORKDIR /usr/src/spring-doge CMD java -Dserver.port=8080 - Dspring.data.mongodb.uri=$MONGODB_URI -jar spring-doge.jar HEALTHCHECK --interval=5m --timeout=3s --retries=3 CMD curl -f http://localhost:8080/ || exit 1
  28. 28. Analyzing images docker images java docker history java:8
  29. 29. Run a container docker run —env MONGODB_URI=mongodb://mongo:27017/test -p 8090:8080 chanezon/spring-doge
  30. 30. docker-compose: running multiple containers  Run your stack with one command: docker-compose up  Describe your stack with one file: docker-compose.yml version: '2' services: web: image: chanezon/spring-doge ports: - "8080:8080" links: ["mongo"] environment: - MONGODB_URI=mongodb://mongo:27017/test mongo: image: mongo
  31. 31. docker stack deploy  Deploy your stack with one command: docker stack deploy  Describe your stack with one file: docker-compose.yml version: '3' services: web: image: chanezon/spring-doge ports: - "8004:8080" environment: - MONGODB_URI=mongodb://mongo:27017/test depends_on: - mongo deploy: replicas: 2 update_config: parallelism: 2 delay: 10s restart_policy: condition: on-failure mongo: image: mongo
  32. 32. Demo
  33. 33. • Spring Boot, Spring Data • AngularJS front-end • docker 1.12 • compose 1.8.1 Spring Boot App using MongoDB https://github.com/joshlong/spring-doge https://github.com/chanezon/docker-tips/ https://github.com/chanezon/spring-doge
  34. 34. Docker Java Labs https://github.com/docker/labs/tree/master/developer-tools/ • Wildfly and Couchbase J2EE App • Debugging a Java app in Docker using Eclipse
  35. 35. What’s New?
  36. 36. 1. Developer experience
  37. 37. 1. Get out of the way The best tools… 2. Adapt to you 3. Make the powerful simple
  38. 38. Docker for Mac Docker for Windows
  39. 39. 2. Orchestration
  40. 40. ng the best way to orchestrate Docke Docker 1.12: now with orchestration built-in.
  41. 41. Swarm mode Service API Cryptographic node identity Built-in routing mesh Docker 1.12: now with orchestration built-in.
  42. 42. Using the beta? You already have 1.12 installed. > docker swarm init > docker service create
  43. 43. 3. Ops experience
  44. 44. Deep integration with native load-balancers, templates, SSH keys, ACLs, scaling groups, firewall rules…
  45. 45. Docker & Microsoft • Build • Docker Toolbox & Kitematic for Windows • Docker for Windows beta • Docker engine on Windows Server 2016 TP4 • yo-docker to dockerize existing projects • Visual Studio Docker Tools • Ship • VSTS extension for Docker beta • Run • Azure Docker agent • ACS • Docker datacenter on Azure ARM template
  46. 46. Docker Store
  47. 47. What’s New in Docker 1.13 • Compose file support for Swarm mode service deployment • docker stack deploy --compose-file=docker-compose.yml my_stack • System commands • docker system df • docker system prune • Monitoring • docker service logs • Prometheus experiment endpoint • Build • docker build —squash • CPU management —cpus 2.5 • Docker for AWS & Azure GA
  48. 48. Docker CaaS
  49. 49. XaaS Pyramid Platform As A Service Infrastructure As A Service Software As A Service
  50. 50. 5 Goldilocks and the 3 XaaS Just rightToo highToo low IaaS PaaS CaaS
  51. 51. 5 Goldilocks and the 3 XaaS Platform As A Service Infrastructure As A Service Software As A Service Too high Too low Just right Container As A Service
  52. 52. Example “- When do you guys support FORT - Sorry it’s not supported by Cloud F
  53. 53. Goals + + Agility Portability Control
  54. 54. BUILD Development Environments SHIP Registry: Secure Content & Collaboration RUN Control Plane: Deploy, Orchestrate, Manage, Scale Networking Volumes MonitoringLoggingConfig MgtCI/CD IT Operations Developers IT Operations Docker CaaS Workflow
  55. 55. Docker Universal Control Plane Integrated Security Docker Engine Container runtime, orchestration, networking, volumes, plugins Docker Trusted Registry Operating Systems Config Mgt Monitoring LoggingCI/CD ..more..Images Networking Volumes VirtualizationPublic Cloud Physical Docker Datacenter Docker Datacenter platform
  56. 56. Usable Security Secure defaults with tooling that is native to both dev and ops The Key Components of Container Security 63 Infrastructure Independent Trusted Delivery Safer Apps Everything needed for a full functioning app is delivered safely and guaranteed to not be tampered with All of these things in your system are in the app platform and can move across infrastructure without disrupting the app + + =
  57. 57. Usable Security Integrated Security with Docker Datacenter 64 Infrastructure Independent Trusted Delivery Safer Apps Image Scanning TLS Encryption Encryption at Rest App Secrets Image Signing & Verification Public CloudVirtualizationPhysical Users & RBAC Dev/Ops Workflow + + = Secure by default runtime
  58. 58. Docker Universal Control Plane
  59. 59. UCP Permission Model
  60. 60. What’s New in Docker Datacenter
  61. 61. What’s New in Docker Datacenter on Docker 1.13 Application Services Content Trust and Distribution Platform Enhancements • Secrets Management • HTTP Routing Mesh (GA) • Docker Compose for Services • Access control for Secrets and Volumes • Image Content Cache • On premises image security scanning and vulnerability monitoring • Registry Webhooks • DTR install command from UI • UI Enhancements • Additional LDAP configs • Templates for AWS, Azure
  62. 62. Integrated Secrets Management 69 WorkerWorker Manager Internal Distributed Store Raft Consensus Group ManagerManager Worker External App Web UI • Management – Admins can add/remove/list/update secrets in the cluster – Exposed to a container via a ”/secrets” tmpfs volume • Authorization – Tag secrets to a specific service – Admins can authorize secrets access to users/teams via RBAC • Rotation – Use GUI to update a secret to all containers in a service • Auditing – Each user request for secret access logged in cluster for auditing
  63. 63. Security Scanning: Get a full BOM for a Docker Image
  64. 64. 71 Security Scanning: Vulnerabilities and Licensing for Each Component
  65. 65. Security Scanning: Set Automated Policy for Scanning
  66. 66. Security Scanning: Online and Offline Updates
  67. 67. Compose for Services • Deploy stacks (services, volumes, networks, secrets) using new Compose file v3.1 format • Manage and monitor stacks directly from UCP UI
  68. 68. Built in HTTP Routing Mesh (Now GA!) • Extend TCP routing mesh to HTTP hostname routing for services • HTTPS support via SNI protocol • Support for multiple HRM networks for enhanced app isolation • External LB routes hostnames to nodes • Can add hostname routing via UI • Non-service containers continue to use Interlock ref arch WorkerWorkerWorker External Load Balancer Traffic via DNS (http to port 80 or other) Foo.com Bar.com Qux.com R RR
  69. 69. Docker Use Cases
  70. 70. Docker users already running in production 60% Docker in Production Docker Survey: State of Applications Q1 2016 Cluster HQ: State of Container Usage June 2016 Companies running container technology in production (500+ employees)
  71. 71. Across the Enterprise HealthcareMedia Financial Services …And More E-commerce / Consumer Services TechGovernment
  72. 72. Docker Enabling Critical Transformations 80% Docker is central to cloud strategy Docker Survey: State of App development : Q1 - 2016 3 out 4 Top initiatives revolve around applications 44% Looking to adopt DevOps App Modernization DevOpsCloud
  73. 73. The Data Shows Hybrid Infrastructure and Applications 2016 Docker Use Cases Docker Survey: State of App development : Q1 - 2016 Docker Workloads
  74. 74. • Spring Boot, MongoDB, compose, swarm, networking • https://github.com/joshlong/spring-doge • https://github.com/chanezon/docker-tips/orchestration-networking • Java EE 7 / Angular App with Docker Swarm by @mgreau Compose for build and deploy, Wildfly, Apache, Angular, Mysql, Redis, batch and API apps • https://github.com/mgreau/docker4dev-tennistour-app • Java EE Docker & Kubernetes by @arun-gupta • https://github.com/javaee-samples/docker-java Java Examples
  75. 75. THANK YOU

×