Dockercon Recap
Evan Hazlett
@ehazlett
Dockercon: Announcements
• Docker in Production
• Security
• Networking and Plugins
• RunC
• Docker Release 1.7
• OpenContainer Project
Docker in Production
• Tremendous Community & Partner Ecosystem
• Extensible and Pluggable
• Roadmap
• Security
• Orchestration
• Networking and Storage
• Deployment and Management Workflows
Security
• Least Privilege Microservices
• Service Profiles: access to only resources needed (API, etc)
• Process Monitoring
• Fine-grained Access Control
• Namespaces
• Cgroups
• Linux Security Modules (AppArmor, SELinux)
• Per container ulimit
• User namespaces (remap root coming in 1.8)
• Seccomp: syscall filtering (coming)
Security (cont.)
• DockerBench: Security Benchmark Tool
• https://github.com/docker/docker-bench-security
• Notary: Secure Content Distribution
• https://github.com/docker/notary
Networking and Plugins
Networking
• Multi-host networking out of the box
• Builtin Micro Segmentation
• Create Virtual Networks of any Topology
• Enforce Security Policies
• Probes and Firewalls
• Built on industry standards
• Standardized Service Discovery
• API (coming)
Plugins
• Initial Extension Points
• Network
• Volume
• Scheduler
• Service Discovery
• ...more to come
RunC
RunC
• Universal Container Runtime
• Docker’s Container Management; nothing else
• Lightweight
• Battle Tested and Production Ready
• Supports SELinux, AppArmor, cgroups, seccomp, namespaces
• User namespaces
• Live Migration
• Microsoft contributing Windows support
• Arm support coming
• https://runc.io
Docker Release 1.7
Docker Engine 1.7
• Experimental Binary
• Built and distributed nightly
• Bleeding edge features
• Initial Experimental Features
• New networking
• Network Plugins
• Volume Plugins
Docker Engine 1.7 (cont.)
• Network Stack
• libnetwork: new API for container networking
• https://github.com/docker/libnetwork
• Disable userland proxy
• Huge performance improvement for port publishing
• ZFS driver
• Build Quota: docker build --cpu-quota
• Build Branch: docker build https://github.com/user/repo#branch
Docker Machine 0.3
• Generic Driver
• Provision any host with SSH
• Exoscale Driver
• Specify custom Engine and Swarm options
• Swarm Provisioning out of experimental
• Specify custom Engine and Swarm Versions
Docker Swarm 0.3
• Multi-tenancy
• Leader Election and Replication (experimental); requires external service discovery
• Node Removal
• Mesos Integration
• Improved Builtin Scheduler
• Better Docker Remote API Parity
• docker load
• docker build
• docker save
Docker Compose 1.3.0
• Performance and stability
• More config option support for Engine
• New feature (experimental): Smart Recreate
• Only recreate containers whose configuration has changed
• docker-compose up --x-smart-recreate
• Will become default
OpenContainer Project
OpenContainer Project
• OCF: universal intermediary format for OS containers
• Docker donated RunC to Open Container Project
• RunC is the OCF reference implementation
• Founding Members:
Thank You!
● Notary: https://github.com/docker/notary
● DockerBench: http://dockerbench.com
● Engine: https://github.com/docker/docker
● Machine: https://github.com/docker/machine
● Swarm: https://github.com/docker/swarm
● Compose: https://github.com/docker/compose
● RunC: https://github.com/opencontainers/runc
● Network: https://github.com/docker/libnetwork
● OpenContainer Project: http://opencontainers.org
Thank you!
Evan Hazlett
@ehazlett

Dockercon 2015 Recap
