Containers for Non-Developers

•

2 recomendaciones•862 vistas

Containers are a developer's new best friend. For all the non-developers, what does this mean? This session will demystify this abstraction called containers, and dive deep on how it changes the way we provision, deliver, deploy and manage applications. Speaker: Shiva Narayanaswamy, Solutions Architect, Amazon Web Services

Tecnología

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Shiva Narayanaswamy, Solutions Architect
September 2016
Containers for Non-Developers

Containerised Microservices
Dom 0
Instance Instance Instance
OS OS OS
Container Runtime Container Runtime Container Runtime
App App
Service Service
App App
Service Service
App App
Service Service

Container Orchestration
Dom 0
Instance Instance Instance
OS OS OS
Container Runtime Container Runtime Container Runtime
App Service App App Service Service
Container Orchestration

Container Orchestration
Dom 0
Instance/OS Instance/OS Instance/OS
App Service App App Service Service
Service Management
Scheduling
Resource Management
Orchestration
Service Management
§Labels
§Groups/Namespaces
§Dependencies
§Load Balancing
§Health Check
§Service Discovery

Non Functional Capabilities
Scalability
Performance, Responsiveness, Efficiency
Availability
Fault Tolerance, Reliability, DR
Flexibility
Extensibility, Portability, Interoperability
Usability
Familiarity, Debuggability, Maintainability
Portability
Container Runtime, Host OS, Cloud Provider, On-prem
Security
Isolation, Encryption, Secrets Management, Auditability

In NO Particular Order
[ ] Schedulers and Orchestration
[ ] Networking
[ ] Security
[ ] Operating Systems
[ ] Storage
[ ] Monitoring

Schedulers – General Blurb
Cluster
Machines
Cluster State
Information
Monolothic Two-Level Shared State
No Concurrency Pessimistic
Concurrency
(offers)
Optimistic
Concurrency
(transactions)
Scheduling Logic

Docker
Task
Container Instance
Amazon
ECS
Container
ECS Agent
ELB
Internet
ELB
User /
Scheduler
API
Cluster Management Engine
Task
Container
Docker
Task
Container Instance
Container
ECS Agent
Task
Container
Docker
Task
Container Instance
Container
ECS Agent
Task
Container
AZ 1 AZ 2
Key/Value Store
Agent Communication Service
ECS

Container Networking
Dom 0
Instance Instance Instance
OS OS OS
Container Runtime Container Runtime Container Runtime
Container Container Container Container Container Container

Overlay all of the Thingz
• Flannel
• Calico
• WeaveNet
• Swarm Mode

Security Pro-Tips
§ Host Security
§ Lock it down
§ Namespaces and cgroups are your friends
§ Select few belong to docker UNIX group
§ SELinux is also your friend
§ Docker daemon runs as root!
§ Docker Daemon Security
§ Do not run in privileged mode
§ Lock down inter container comms –icc=false
§ Secure APIs with TLS certificates

Whale-Say
"Only trusted users should be allowed to control your Docker daemon"
“If you run Docker on a server, it is recommended to run exclusively Docker
in the server, and move all other services within containers controlled by
Docker”

IMAGE REGISTRY
CI/CD
DEPLOYMENT SYSTEM
SOURCE
CODE REPO
SECURITY
SCANNING
CONTINUOUS
ASSURANCE
Pull latest
signed image
Commit Code
Trigger Build
Push signed
image
Pull latest
stable signed
image
DEVELOPER
Workflow

More Prescriptive Advice Here…
https://benchmarks.cisecurity.org/tools2/docker/CIS_
Docker_1.11.0_Benchmark_v1.0.0.pdf

Micro OS
CoreOS
RancherOS
Ubuntu Snappy
RedHat Atom
VmWare Photon
ECS Optimized Amazon Linux
RedHat
Atomic
VmWare
Photon
Ubuntu
Snappy
CoreOS RancherOS
395 MB
317 MB
215 MB
20 MB
150 MB

Persistent Storage
§ POSIX is legacy filesystem. So don’t!
§ Named volumes
§ Data only container
§ Flocker
§ Shared file system (EFS, GlusterFS etc.)

Monitoring and Operating
Monitoring systems need to be more available and scalable than the systems (and services) being monitored
~ Adrian Cockroft

Más contenido relacionado

La actualidad más candente

As software teams transition to cloud-based architectures and adopt more agile processes, the tools they need to support their development cycles will change. In this session, we'll take you through the transition that Amazon made to a service-oriented architecture over a decade ago. We will share the lessons we learned, the processes we adopted, and the tools we built to increase both our agility and reliability. We will also introduce you to AWS CodeCommit, AWS CodePipeline, and AWS CodeDeploy, three new services born out of Amazon's internal DevOps.

DevOps in Amazon.com

Amazon Web Services

Continuous Delivery with Docker and Amazon ECS

Amazon Web Services

Introduction to Docker on AWS

Amazon Web Services

Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances for fault tolerance and load distribution. In this session, we go into detail about Elastic Load Balancing's configuration and day-to-day management, as well as its use in conjunction with Auto Scaling. We explain how to make decisions about the service and share best practices and useful tips for success.

Deep Dive on Elastic Load Balancing

Amazon Web Services

Containers have had an incredibly large adoption rate since Docker was launched, especially from the developer community, as it provides an easy way to package, ship, and run applications. Securing your container-based application is now becoming a critical issue as applications move from development into production. In this session, you learn ways to implement storing secrets, distributing AWS privileges using IAM roles, protecting your container-based applications with vulnerability scans of container images, and incorporating automated checks into your continuous delivery workflow.

AWS re:Invent 2016: Securing Container-Based Applications (CON402)

Amazon Web Services

At Capital One, we are using Docker and container technologies to advance microservices adoption, increase efficiencies of cloud resources, and decouple the application layer from the underlying infrastructure. Capital One is a federated organization with a “you build it, you own it” culture that provides autonomy and speed for delivery teams. Each federated team runs and operates their container management stack. In order for the federated teams to accelerate their cloud and container-based apps adoption, we created self-service automation tools for creation and operations management of container management stack. In this session, we explore our push-button automation tool that includes capabilities such as the creation and management of Amazon ECS clusters, an Application Load Balancer for dynamic and context-based routing and provides a user interface via a Jenkins Job or a AWS Lambda function. Our tooling also includes a home-grown dynamic service discovery and routing for applications requiring two-way mutual SSL authentication. We talk through how Capital One regularly updates AMIs with the latest patches and software versions using an automated solution that leverages AWS Lambda to rehydrate the Amazon ECS compute cluster with the latest AMI without causing any downtime. We also discuss how we created a sophisticated canary deployment automation using AWS Lambda and application services, where users can specify how to migrate to a new version of containerized apps and manage the deployment. AWS empowers enterprise Docker deployment with Amazon ECS and an ecosystem of cloud services and serverless architectures, making containerization in mission-critical environments easier than ever.

AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...

Amazon Web Services

AWS is an elastic, secure, flexible, and developer-centric ecosystem that serves as an ideal platform for Docker deployments. AWS offers the scalable infrastructure, APIs, and SDKs that integrate tightly into a development lifecycle and accentuate the benefits of the lightweight and portable containers that Docker offers to its users. This session familiarizes you with the benefits of containers, introduce Amazon EC2 Container Service, and demonstrates how to use Amazon ECS to run containerized applications at scale in production.

Getting Started with Docker on AWS

Amazon Web Services

Amazon AppStream 2.0 is an application streaming service that provides users with instant access to their applications from anywhere, on any connected device. Delivering desktop apps from the cloud allows enterprises to manage user access easily and keep apps current; ISVs can reach more users across more devices. In this session, we cover best practices for streaming desktop applications from the AWS Cloud with Amazon AppStream 2.0, and show you how you can address advanced topics such as user authentication, security, and managing an application catalog.

AWS re:Invent 2016: Building SaaS Offerings for Desktop Apps with Amazon AppS...

Amazon Web Services

The days of manually managing infrastructure tasks are quickly coming to an end; businesses increasingly need their infrastructure teams to react with the same agility of their development teams. In this session, we discuss various approaches to infrastructure-as-code utilizing AWS solutions across the areas of templated infrastructure provisioning, configuration management, and policy as code. We invite you to bring your questions and join AWS Solutions Architects as we dive deeper into the concepts and best practices behind infrastructure-as-code.

AWS re:Invent 2016: Chalk Talk: Succeeding at Infrastructure-as-Code (GPSCT312)

Amazon Web Services

Continuous delivery and deployment on AWS

Shiva Narayanaswamy

Based on your specific needs and the nature of your application, AWS offers a variety of services for getting your application up and running. You may want to launch and scale a web application or you may want to host a microservices application using Docker containers. How do you decide which service to use and when? In this webinar, we will provide an overview of the AWS services that help simplify launching and running your application in the cloud. We will discuss the strengths of each service and provide a framework for understanding when to use them. Learning Objectives: Understand the primary services for deploying your application on AWS Learn the basics of AWS Elastic Beanstalk, AWS CodeDeploy, and Amazon EC2 Container Service Gain an understanding of the strengths of each service and when to use them Who Should Attend: Developers, DevOps Engineers, IT Professionals

AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS

Amazon Web Services

Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools

Amazon Web Services

Cloud adoption is driving digital business growth and enabling companies to shift to processes and practices that make innovation continual. As with any paradigm shift, cloud computing requires different rules and a different way of thinking. This presentation will highlight best practices to build and secure scalable systems in the cloud and capitalize on the cloud with confidence and clarity. In this session we will cover: Key market drivers and advantages for leveraging cloud architectures. Foundational design principles to guide strategy for securely leveraging the cloud. The “Defense in Depth” approach to building secure services in the cloud, whether it’s private, public, or hybrid. Real-world customer insights from organizations who have successfully adopted the ""Defense in Depth"" approach. Session sponsored by Sumo Logic.

(SEC202) Best Practices for Securely Leveraging the Cloud

Amazon Web Services

Keeping consistent environments across your development, test, and production systems can be a complex task. Docker containers offer a way to develop and test your application in the same environment in which it runs in production. You can use tools such as the ECS CLI and Docker Compose for local testing of applications; Jenkins and AWS CodePipeline for building and workflow orchestration; Amazon EC2 Container Registry to store your container images; and Amazon EC2 Container Service to manage and scale containers. In this session, you will learn how to build containers into your development workflow and orchestrate container deployments using Amazon ECS. You will hear how Okta runs 30,000 tests per developer commit and releases 10,000 new lines of code each week to production with a CI system based on 100% AWS services. We'll also discuss how Okta uses ECS for parallelized testing in CI and for production microservices in a multi-region, always on cloud service.

AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)

Amazon Web Services

Serverless Stream Processing with Bill Bejeck

confluent

AWS Serverless concepts and solutions

ElenaIvannikova3

在無伺服器架構下，各位不需管理基礎架構資源，即可製作及佈建應用程式與服務，以往得預留伺服器空間與規模，才能運作應用程式碼、安裝與操作分散式資料庫、製作與運作處理API 需求的客製化軟體，如今AWS提供具備規模彈性及充分管理的服務堆疊，省去各種營運複雜事項。本場次將說明無伺服器架構的優點，以及AWS提供的無伺服器堆疊基本內容，並介紹如何將無伺服器架構用於各種需求，如資料處理及行動與網路後端。

無伺服器架構和Containers on AWS入門

Amazon Web Services

AWS Innovate: Moving Microsoft .Net applications one container at a time - Da...

Amazon Web Services Korea

by Madhuri Peri, DevOps Consultant, AWS Professional Services Different containerized services have different needs. You may want to deploy containers to ensure availability, maximize resource utilization, or ensure data security. As you build and run production microservices based on containers, having powerful tools to manage the placement and scheduling of these workloads is critical. In this talk, we will focus on the capabilities of the Amazon EC2 Container Service task placement engine, options for task scheduling, and explore the use cases and construction of custom task schedulers. Level 300

Advanced Container Management and Scheduling

Amazon Web Services

Application Deployment on AWS - Startup Talks June 2015

Amazon Web Services

La actualidad más candente (20)

DevOps in Amazon.com

Continuous Delivery with Docker and Amazon ECS

Introduction to Docker on AWS

Deep Dive on Elastic Load Balancing

AWS re:Invent 2016: Securing Container-Based Applications (CON402)

AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...

Getting Started with Docker on AWS

AWS re:Invent 2016: Building SaaS Offerings for Desktop Apps with Amazon AppS...

AWS re:Invent 2016: Chalk Talk: Succeeding at Infrastructure-as-Code (GPSCT312)

Continuous delivery and deployment on AWS

AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools

(SEC202) Best Practices for Securely Leveraging the Cloud

AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)

Serverless Stream Processing with Bill Bejeck

AWS Serverless concepts and solutions

無伺服器架構和Containers on AWS入門

AWS Innovate: Moving Microsoft .Net applications one container at a time - Da...

Advanced Container Management and Scheduling

Application Deployment on AWS - Startup Talks June 2015

Destacado

Docker is a runtime for Linux Containers. It enables "separation of concern" between devs and ops, and solves the "matrix from hell" of software deployment. This presentation explains it all! It also explains the role of the storage backend and compares the various backends available. It gives multiple recipes to build Docker images, including integration with configuration management software like Chef, Puppet, Salt, Ansible. If you already watched other Docker presentations, this is an actualized version (as of mid-November 2013) of the thing!

A Gentle Introduction To Docker And All Things Containers

Jérôme Petazzoni

Batch Applications for the Java Platform

Sivakumar Thyagarajan

Do We Need Containers Anyway?

Dmitry Buzdin

Container Orchestration @Docker Meetup Hamburg

Timo Derstappen

Java EE 01-Servlets and Containers

Fernando Gil

As enterprises seek to fully realize the scalability, availability, security, and agility of cloud computing, many are learning that they must migrate core business applications, such finance and human resource systems, not just public-facing websites. The University of Arizona shares how they addressed the challenge of creating a more efficient and agile IT operation. After initial success in migrating their Research Administration system, UA became the first major university to migrate their PeopleSoft application environments—Learning (EL), Human Resources (HR), and Student (SA)—to AWS. Learn about the university's enterprise migration roadmap, lessons learned, plans and budgets, and the tools available to support major enterprise migrations. See how to create a roadmap to cloud computing, transform application development, deploy mission-critical workloads at scale, and retrain staff.

AWS re:Invent 2016: The Cloud Is Enterprise Ready: How the University of Ariz...

Amazon Web Services

Machine learning advanced applications

Kaniska Mandal

The OS kernel is critical to the security of a computer system. Many systems have been proposed to improve its security. A fundamental weakness of those systems is that page tables, the data structures that control the memory protection, are not isolated from the vulnerable kernel, and thus subject to tampering. To address that, researchers have relied on virtualization for reliable kernel memory protection. Unfortunately, such memory protection requires to monitor every update to the guest’s page tables. This fundamentally conflicts with the recent advances in the hardware virtualization support. In this paper, we propose SecPod, an extensible framework for virtualization-based security systems that can provide both strong isolation and the compatibility with modern hardware. SecPod has two key techniques: paging delegation delegates and audits the kernel’s paging operations to a secure space; execution trapping intercepts the (compromised) kernel’s attempts to subvert SecPod by misusing privileged instructions. We have implemented a prototype of SecPod based on KVM. Our experiments show that SecPod is both effective and efficient.

SecPod: A Framework for Virtualization-based Security Systems

Yue Chen

Integrating Spark and Solr-(Timothy Potter, Lucidworks)

Spark Summit

These innovative technologies are at the heart of the microservices and DevOps revolution currently sweeping through the IT industry. They are fuelling digital transformation and accelerating cloud adoption. They're helping organisations develop infrastructure agnostic applications that can be deployed anywhere i.e. Bare Metal, Virtualised Data Centres, Private and Public Cloud. They’re helping organisations to significantly reduce infrastructure costs and accelerating agile application delivery by automating application deployments and operational management. After this talk you’ll know what these open source technologies and open standards are, what they mean to you and your organisation and where you can go to try them out.

Containers - Transforming the data centre as we know it 2016

Keith Lynch

NFV management and orchestration framework architecture

sidneel

Pattern Recognition

Maaz Hasan

Container orchestration

Timo Derstappen

Cyber physical systems and robotics

trinhanhtuan247

Video: https://youtu.be/C_u4_l84ED8 Karl Isenberg reviews the history of distributed computing, clarifies terminology for layers in the container stack, and does a head to head comparison of several tools in the space, including Kubernetes, Marathon, and Docker Swarm. Learn which features and qualities are critical for container orchestration and how you can apply this knowledge when evaluating platforms.

Container Orchestration Wars

Karl Isenberg

Computer forensics

deaneal

NFV for beginners

Dave Neary

Introduction to HTTP protocol

Aviran Mordo

Virtualization and cloud Computing

Rishikese MR

Computer forensics powerpoint presentation

Somya Johri

Destacado (20)

A Gentle Introduction To Docker And All Things Containers

Batch Applications for the Java Platform

Do We Need Containers Anyway?

Container Orchestration @Docker Meetup Hamburg

Java EE 01-Servlets and Containers

AWS re:Invent 2016: The Cloud Is Enterprise Ready: How the University of Ariz...

Machine learning advanced applications

SecPod: A Framework for Virtualization-based Security Systems

Integrating Spark and Solr-(Timothy Potter, Lucidworks)

Containers - Transforming the data centre as we know it 2016

NFV management and orchestration framework architecture

Pattern Recognition

Container orchestration

Cyber physical systems and robotics

Container Orchestration Wars

Computer forensics

NFV for beginners

Introduction to HTTP protocol

Virtualization and cloud Computing

Computer forensics powerpoint presentation

Similar a Containers for Non-Developers

State of Union - Containerz

Shiva Narayanaswamy

Introduction to Container Management on AWS

Amazon Web Services

If you've ever considered moving part of your application stack to containers, don’t miss this session. Amazon ECS Software Engineer Uttara Sridhar will cover best practices for containerizing your code, implementing automated service scaling and monitoring, and setting up automated CI/CD pipelines with fail-safe deployments. Manjeeva Silva and Thilina Gunasinghe will show how McDonalds implemented their home delivery platform in four months using Docker containers and Amazon ECS to serve tens of thousands of customers.

Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...

Amazon Web Services

Omar Lari, Partner Solutions Architect at AWS, presents the Container ecosystem on AWS and how to manage containers. He starts with an overview of the container ecosystem and the various management tools available. Container orchestration concepts are explained, and finally he introduces Amazon EC2 Container Services (ECS). The Expedia success story is presented, illustrating the concepts and solutions adopted.

Introduction to Container Management on AWS

Amazon Web Services

In recent years, Docker containers have become a key component of modern application design. Increasingly, developers are breaking their applications apart into smaller components and distributing them across a pool of compute resources. Using Docker on your local development machine is simple, but running Docker applications at scale in production can be difficult. In this session, we will discuss the difficulties of running Docker in production and how Amazon EC2 Container Service (ECS) can be used to reduce the operational burdens. We will give an overview of the core architectural principles underlying Amazon ECS., and we will walk through a number of patterns used by our customers to run their microservices platforms, to run batch jobs, and for deployments and continuous integration. We will also demonstrate how to define multi-container applications, deploy and scale them seamlessly on a cluster with Amazon ECS.

Containers and the Evolution of Computing

Amazon Web Services

Through a combination of Amazon ECS and open source technologies, customers are able to build portable CI/CD pipelines on AWS. As container based deployments become more complex, they require additional rigging for integration. In this session, we show how popular Apache products like Kakfa, Storm, and Zookeeper are being deployed on top of Amazon ECS. We hear from HERE, a provider of mapping data, technologies, and services to the automotive, consumer, and enterprise sectors about an approach that leverages Consul from Hashicorp and Amazon ECS clusters for short-cycle deployments and tag-based environment promotion.

AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...

Amazon Web Services

Amazon ECS with Docker | AWS Public Sector Summit 2016

Amazon Web Services

Managing and scaling hundreds of containers is a challenging task. A container management solution takes care of these challenges for you, allowing you to focus on developing your application. In this session, we cover the role and tasks of a container management solution and we analyze how four common container management solutions - Amazon EC2 Container Service, Docker for AWS, Kubernetes, and Apache Mesos - stack against each other. We also see how you can easily get started with each of these solutions on AWS.

AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)

Amazon Web Services

Pipelining DevOps with Jenkins and AWS

Jimmy Ray

Cloud Best Practices

Eric Bottard

Docker is a key player in the microservices movement and is arguably the leader in containerization technology. That said, there are many ways to “do Docker”. Between the leading cloud providers AWS, Azure, and Google; plus other platform stacks like Docker/Swarm, Apache Mesos – DC/OS, and Kubernetes; it can get confusing.In this session, Michele will bring her customer experiences building solutions across most of these platforms – to provide you with the highlights, the architecture topologies, and some perspective on the way she helps her customers choose the right platform for their cloud, on premise or hybrid solutions.

.NET Developer Days - So many Docker platforms, so little time...

Michele Leroux Bustamante

AWS Summit 2014 Perth - Breakout 6 With AWS companies now have the ability to develop and run their applications with speed and flexibility like never before. Working with an infrastructure that can be 100% API driven enables businesses to use lean methodologies and realize these benefits. This in turn leads to greater success for those who make use of these practices. In this session we'll talk about some key concepts and design patterns for Continuous Deployment and Continuous Integration, two elements of lean development of applications and infrastructures. Presenter: Adrian White, Solutions Architect, Amazon Web Services

Continuous Integration and Deployment Best Practices on AWS

Amazon Web Services

A new movement is taking cloud by storm; Docker is evolving the way services are deployed by organizations so that they can operate more efficiently at scale — both in the cloud and on bare metal. In the same way shipping containers revolutionized the cargo industry, cheap, zero-penalty Linux Containers (LXC) are like shrink-wrapped VMs but without the fat. What’s not obvious, however, is how to roll your own Docker deployments and all tools you’ll need to leverage along the way. This discussion will cover: • Principles of Immutable Infrastructure • Docker Basics • Docker for Dev & QA • Docker in Production • Business Drivers • Answering the Question: Is Docker Ready for Prime Time?

Docker Demystified for SB JUG

Erik Osterman

Getting Started with Docker on AWS - DevDay Los Angeles 2017

Amazon Web Services

Getting Started with Docker on AWS: AWS is an elastic, secure, flexible, and developer-centric ecosystem that serves as an ideal platform for Docker deployments. AWS offers the scalable infrastructure, APIs, and SDKs that integrate tightly into a development lifecycle and accentuate the benefits of the lightweight and portable containers that Docker offers to its users. This session will cover the benefits of containers, introduce Amazon EC2 Container Service, and demonstrates how to use Amazon ECS to run containerized applications at scale in production.

Getting Started with Docker On AWS

Amazon Web Services

Getting Started with Docker on AWS - DevDay Austin 2017

Amazon Web Services

Containers have become key in modern application design. It is relatively easy to run a few containers on your laptop, but building and maintaining an entire infrastructure to run and manage containerized apps is hard and requires a lot of undifferentiated heavy lifting. In this session, we will discuss some of the core architectural principles underlying Amazon ECS, a highly scalable, high performance service to run and manage distributed applications using the Docker container engine. We will explore the advanced scheduling capabilities of Amazon ECS and dive deep into the Amazon ECS Service Scheduler, which optimizes for long-running applications by monitoring container health, restarting failed containers, and load balancing.

Amazon ECS – Production Docker at Scale

Amazon Web Services

Docker on AWS

Amazon Web Services

Gaming across multiple devices

Patric Boscolo

Containers and Nutanix - Acropolis Container Services

NEXTtour

Similar a Containers for Non-Developers (20)

State of Union - Containerz

Introduction to Container Management on AWS

Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...

Introduction to Container Management on AWS

Containers and the Evolution of Computing

AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...

Amazon ECS with Docker | AWS Public Sector Summit 2016

AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)

Pipelining DevOps with Jenkins and AWS

Cloud Best Practices

.NET Developer Days - So many Docker platforms, so little time...

Continuous Integration and Deployment Best Practices on AWS

Docker Demystified for SB JUG

Getting Started with Docker on AWS - DevDay Los Angeles 2017

Getting Started with Docker On AWS

Getting Started with Docker on AWS - DevDay Austin 2017

Amazon ECS – Production Docker at Scale

Docker on AWS

Gaming across multiple devices

Containers and Nutanix - Acropolis Container Services

Más de Amazon Web Services

Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS. In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Amazon Web Services

La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup. Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti. Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Amazon Web Services

Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi

Esegui pod serverless con Amazon EKS e AWS Fargate

Amazon Web Services

Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.

Costruire Applicazioni Moderne con AWS

Amazon Web Services

L’utilizzo dei container è in continua crescita. Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili. I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!

Come spendere fino al 90% in meno con i container e le istanze spot

Amazon Web Services

In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th. Event Agenda : Open banking so far (short recap) • PSD2, OB UK, OB Australia, OB LATAM, OB Israel Intro to Open Finance marketplace • Scope • Features • Tech overview and Demo The role of the Cloud The Future of APIs • Complying with regulation • Monetizing data / APIs • Business models • Time to market One platform for all: a Strategic approach Q&A

Open banking as a service

Amazon Web Services

Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc. AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta. Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

Amazon Web Services

Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity. AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet. Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Amazon Web Services

Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Amazon Web Services

Computer Vision con AWS

Amazon Web Services

Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti. Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.

Database Oracle e VMware Cloud on AWS i miti da sfatare

Amazon Web Services

Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti. Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire. Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito. In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

Amazon Web Services

Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline. Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.

API moderne real-time per applicazioni mobili e web

Amazon Web Services

Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali. In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Amazon Web Services

Tools for building your MVP on AWS

Amazon Web Services

How to Build a Winning Pitch Deck

Amazon Web Services

Building a web application without servers

Amazon Web Services

Fundraising Essentials

Amazon Web Services

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Amazon Web Services

Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.

Introduzione a Amazon Elastic Container Service

Amazon Web Services

Más de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Esegui pod serverless con Amazon EKS e AWS Fargate

Costruire Applicazioni Moderne con AWS

Come spendere fino al 90% in meno con i container e le istanze spot

Open banking as a service

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Computer Vision con AWS

Database Oracle e VMware Cloud on AWS i miti da sfatare

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

API moderne real-time per applicazioni mobili e web

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Tools for building your MVP on AWS

How to Build a Winning Pitch Deck

Building a web application without servers

Fundraising Essentials

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Introduzione a Amazon Elastic Container Service

Último

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Manulife - Insurer Innovation Award 2024

The Digital Insurer

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

A Principled Technologies deployment guide Conclusion Deploying VMware Cloud Foundation 5.1 on next gen Dell PowerEdge servers brings together critical virtualization capabilities and high-performing hardware infrastructure. Relying on our hands-on experience, this deployment guide offers a comprehensive roadmap that can guide your organization through the seamless integration of advanced VMware cloud solutions with the performance and reliability of Dell PowerEdge servers. In addition to the deployment efficiency, the Cloud Foundation 5.1 and PowerEdge solution delivered strong performance while running a MySQL database workload. By leveraging VMware Cloud Foundation 5.1 and PowerEdge servers, you could help your organization embrace cloud computing with confidence, potentially unlocking a new level of agility, scalability, and efficiency in your data center operations.

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...

Principled Technologies

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

This presentation explores the impact of HTML injection attacks on web applications, detailing how attackers exploit vulnerabilities to inject malicious code into web pages. Learn about the potential consequences of such attacks and discover effective mitigation strategies to protect your web applications from HTML injection vulnerabilities. for more information visit https://bostoninstituteofanalytics.org/category/cyber-security-ethical-hacking/

HTML Injection Attacks: Impact and Mitigation Strategies

Boston Institute of Analytics

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Top 10 Most Downloaded Games on Play Store in 2024

SynarionITSolutions

Containers for Non-Developers

2. Containerised Microservices Dom 0 Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime App App Service Service App App Service Service App App Service Service

3. Container Orchestration Dom 0 Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime App Service App App Service Service Container Orchestration

4. Container Orchestration Dom 0 Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Service Management §Labels §Groups/Namespaces §Dependencies §Load Balancing §Health Check §Service Discovery

5. Container Orchestration Dom 0 Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Scheduling §Placement §Replication/Scaling §Resurrection §Rescheduling §Rolling deploys §Upgrades §Downgrades §Colocation

6. Container Orchestration Dom 0 Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Resource Management § Memory § CPU § GPU § Volumes § Ports § IPs

7. Non Functional Capabilities Scalability Performance, Responsiveness, Efficiency Availability Fault Tolerance, Reliability, DR Flexibility Extensibility, Portability, Interoperability Usability Familiarity, Debuggability, Maintainability Portability Container Runtime, Host OS, Cloud Provider, On-prem Security Isolation, Encryption, Secrets Management, Auditability

8. In NO Particular Order [ ] Schedulers and Orchestration [ ] Networking [ ] Security [ ] Operating Systems [ ] Storage [ ] Monitoring

9. Schedulers and Orchestration

10. Schedulers – General Blurb Cluster Machines Cluster State Information Monolothic Two-Level Shared State No Concurrency Pessimistic Concurrency (offers) Optimistic Concurrency (transactions) Scheduling Logic

11. Customers Like Options

12. Docker Task Container Instance Amazon ECS Container ECS Agent ELB Internet ELB User / Scheduler API Cluster Management Engine Task Container Docker Task Container Instance Container ECS Agent Task Container Docker Task Container Instance Container ECS Agent Task Container AZ 1 AZ 2 Key/Value Store Agent Communication Service ECS

13. Networking

14. Container Networking Dom 0 Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime Container Container Container Container Container Container

15. Overlay all of the Thingz • Flannel • Calico • WeaveNet • Swarm Mode

16. Security

17. Security Pro-Tips § Host Security § Lock it down § Namespaces and cgroups are your friends § Select few belong to docker UNIX group § SELinux is also your friend § Docker daemon runs as root! § Docker Daemon Security § Do not run in privileged mode § Lock down inter container comms –icc=false § Secure APIs with TLS certificates

18. Whale-Say "Only trusted users should be allowed to control your Docker daemon" “If you run Docker on a server, it is recommended to run exclusively Docker in the server, and move all other services within containers controlled by Docker”

19. IMAGE REGISTRY CI/CD DEPLOYMENT SYSTEM SOURCE CODE REPO SECURITY SCANNING CONTINUOUS ASSURANCE Pull latest signed image Commit Code Trigger Build Push signed image Pull latest stable signed image DEVELOPER Workflow

20. More Prescriptive Advice Here… https://benchmarks.cisecurity.org/tools2/docker/CIS_ Docker_1.11.0_Benchmark_v1.0.0.pdf

21. Operating System

22. Micro OS CoreOS RancherOS Ubuntu Snappy RedHat Atom VmWare Photon ECS Optimized Amazon Linux RedHat Atomic VmWare Photon Ubuntu Snappy CoreOS RancherOS 395 MB 317 MB 215 MB 20 MB 150 MB

23. Storage

24. Persistent Storage § POSIX is legacy filesystem. So don’t! § Named volumes § Data only container § Flocker § Shared file system (EFS, GlusterFS etc.)

25. Monitoring and Operations

26. Monitoring and Operating Monitoring systems need to be more available and scalable than the systems (and services) being monitored ~ Adrian Cockroft

27. Demo ApacheDogs and NginxCats

28. Thank You!

Containers for Non-Developers

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Destacado

Destacado (20)

Similar a Containers for Non-Developers

Similar a Containers for Non-Developers (20)

Más de Amazon Web Services

Más de Amazon Web Services (20)

Último

Último (20)

Containers for Non-Developers