Upload
lee-calcote
View
124
Download
0
Embed Size (px)
Citation preview
DockerCon16 Recap
Lee CalcoteClouds, containers and their management
@lcalcote
leecalcote
blog.gingergeek.com
Community Announcements
July 11-13th
July 23rd
July 8-9th
Sep 7-9th
July 19th
● Companies Hiring?
● People Looking?
● Other Events?
● Interesting News?
Docker Birthday #3 Training + Celebration
• 125 Docker Birthday celebrations• 8000+ RSVPS• 600+ mentors• 1000+ attendees completed the
training!
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Let’s eliminate friction in the development cycle
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
1. Get out of the way
The best tools…
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
1. Get out of the way
The best tools…
2. Adapt to you
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
1. Get out of the way
The best tools…
2. Adapt to you
3. Make thepowerful simple
Hypervisor Framework
vmnet Framework
Docker Container Engine
HyperKit
Linux
VPNKit
DataKit
Client Libraries
Admin GUI
CLI
Security Sandbox
Making things easy is really hard.
Hypervisor Framework
vmnet Framework
Docker Container Engine
HyperKit
Linux
VPNKit
DataKit
Client Libraries
Admin GUI
CLI
Security Sandbox
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Docker for Mac & Windows Public Beta
docker.com/getdocker
Moby - the Docker VM
Alpine was designed to boot from init ramdisk
So, restart the VM should you run into trouble
3 ways to get to Moby’s console
1. screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty 9600
2. docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
3. docker run --net host --pid host --privileged -v /:/hostfs chroot /hostfs
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Introducing the best way to orchestrate Docker:
Docker.
Docker 1.12: now with orchestration built-in.
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Swarm mode
Service API
Cryptographic node identity
Built-in routing mesh
Docker 1.12: now with orchestration built-in.
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Combine your engines in swarms of any scaleSelf-organizing, self-healingNo external data store requiredNo single points of failureInfrastructure-agnostic topology
Swarm mode
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Cryptographic node identity
Government-grade security by defaultEnd-to-end TLSBuilt-in government-grade PKIAutomated key rotationRevoke any node at any time
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Section 2 - Docker daemon configuration
2.14 Enable live restore
2.15 Set the auto-accept mode for the swarm to none
2.16 Set a secret value when initializing swarm mode
2.17 Do not enable swarm node, if not needed
2.18 Control the number of manager nodes in a swarm
Section 4 - Container Images and Build File
4.6 Add HEALTHCHECK to the container image
Section 5 - Container Runtime
5.26 Check container health at runtime
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Desired state reconciliationScalingRolling updatesAdvanced schedulingApplication-specified health checksRescheduling on node failure
Docker Service API
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Built-in Routing Mesh
Swarm-wide overlay networkingContainer-native load-balancingDNS-based service discoveryNo separate cluster to setupWorks with your existing load-balancersRock-solid kernel-only data path with IPVS
Built-in Routing Mesh
Deep-dive article on Docker 1.12 networking coming...
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
A walk-through
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Swarm mode
Service API
Cryptographic node identity
Built-in routing mesh
Docker 1.12: now with orchestration built-in.
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Docker-native experienceNo external dependencies No single point of failureSecure by defaultWorks with your infrastructureReverse compatible
Docker 1.12: now with orchestration built-in.
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
A walk-through
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
beta.docker.comDocker for AWS Docker for Azure
Deep integration with native load-balancers, templates,SSH keys, ACLs, scaling groups, firewall rules…
beta.docker.com
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
It’s the application that matters!
Nobody cares about containers
(NOTE: PASTE IN PHOTO AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Distributed Application Bundle
experime
ntal
www.docker.com/dab
A portable format for multi-container applications