19. History of containerization
  - 1960s mainframe
  - 1990s hardware virtualization
  - 1990s OS virt precursors: BSD Jails, Solaris zones
  - 2006 Cloud IaaS
  - 2009 platform virtualization (PaaS)
  - 2013 Docker
  See @bcantrill's deck:
  http://www.slideshare.net/bcantrill/docker-and-the-future-of-containers-in-production
26. Isolation using Linux kernel features
  - namespaces: pid, mnt, net, uts, ipc, user
  - cgroups: memory, cpu, blkio, devices
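An added example, not from the original slides: one way to see which of the namespace kinds listed on slide 26 two processes actually share, by comparing the symlink targets under their `/proc/<pid>/ns` directories. The helper names `shared_ns` and `mk_ns` and the inode numbers in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which namespaces two processes share.
# Each entry under /proc/<pid>/ns is a symlink such as "net:[4026531956]";
# two processes are in the same namespace when the targets are identical.

NS_KINDS="pid mnt net uts ipc user"   # the kinds named on the slide

# shared_ns DIR_A DIR_B -> prints the shared kinds in NS_KINDS order, or "none"
shared_ns() {
    shared=""
    for kind in $NS_KINDS; do
        a=$(readlink "$1/$kind" 2>/dev/null) || continue
        b=$(readlink "$2/$kind" 2>/dev/null) || continue
        if [ "$a" = "$b" ]; then shared="$shared $kind"; fi
    done
    shared=${shared# }
    echo "${shared:-none}"
}

# mk_ns DIR kind=inode ... -> constructed stand-in for a /proc/<pid>/ns directory
mk_ns() {
    dir=$1; shift
    mkdir -p "$dir"
    for pair in "$@"; do
        ln -s "${pair%%=*}:[${pair#*=}]" "$dir/${pair%%=*}"
    done
}

# Constructed sample: a host process, an isolated container without user
# namespaces, and a container started with host networking.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mk_ns "$demo/host"     pid=4026531836 mnt=4026531840 net=4026531956 \
                       uts=4026531838 ipc=4026531839 user=4026531837
mk_ns "$demo/isolated" pid=4026532201 mnt=4026532199 net=4026532204 \
                       uts=4026532200 ipc=4026532202 user=4026531837
mk_ns "$demo/hostnet"  pid=4026532301 mnt=4026532299 net=4026531956 \
                       uts=4026532300 ipc=4026532302 user=4026531837

echo "isolated container shares with host: $(shared_ns "$demo/host" "$demo/isolated")"
echo "host-network container shares with host: $(shared_ns "$demo/host" "$demo/hostnet")"
```

On a live host, run `shared_ns /proc/1/ns /proc/<pid>/ns` as root, where `<pid>` is the container's init process.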
27. Image layers
28. Docker now
29. Docker for developers
https://registry.hub.docker.com/_/java/
30. docker-compose: running multiple containers
  - Run your stack with one command: docker-compose up
  - Describe your stack with one file: docker-compose.yml

      web:
        build: .
        command: python app.py
        ports:
          - "5000:5000"
        volumes:
          - .:/code
        links:
          - redis:redis
      redis:
        image: redis

31. What's new in 1.3.0?
  - Performance and stability improvements
  - Lots more config option support
  - New feature (experimental!): Smart Recreate
    - Only recreate containers whose configuration has been changed
    - $ docker-compose up --x-smart-recreate
    - Will eventually be the default behaviour
33. What is new in 0.3.0?
  - Generic Driver
    - Provision any host with SSH
  - Engine and Swarm Options
    - Specify any swarm or engine option
  - Swarm Provisioning out of experimental
  - Custom Engine and Swarm Versions
    - Specify stable/test for engine
    - Specify image for Swarm
38. Docker Hub
  - Dashboard: 2.0x Speedup
  - Search: 1.6x Speedup
  [Two bar charts, each comparing Current and New]
39. Docker Hub More Reliable
40. Docker Trusted Registry
41. On-premise registry server; LDAP/Active Directory integration;
Role-based access control; Audit & events logging; Easy deploy,
upgrade, & rollback
42. Kitematic
43. Deploy almost anywhere
44. It's all about Devops
45. 28 Dev / Ops
46. Separation of concerns: Sylvester the Developer
  Inside my container:
  - my code
  - my libraries
  - my package manager
  - my app
  - my data
47. Separation of concerns: Robert the Ops guy
  Outside the container:
  - logging
  - remote access
  - network configuration
  - monitoring
48. Networking
49. Container Network Model
50. [Diagram: M1, M2, M3; C1 to C6; Network 1, Network 2]
51. Plugins
52. Docker Plugins
  - Developed with the community: Mesosphere, WeaveWorks, ClusterHQ, Glider Labs
  - 4 new extension points:
    - Networking
    - Service discovery
    - Storage volumes
    - Scheduling
  - More extension points coming soon.
53. Docker Plugins
  - Batteries included but removable: default implementation is a plugin too!
  - Dynamically loaded: extend Docker without patching or restarting it
  - Multi-tenant: different apps can use different plugins
  - No lock-in: if your application works in Docker, it already supports every plugin.
54. [Diagram: plugin types and example plugins]
  - Swarm: scheduler plugins
  - Engine (shown twice): volumes plugins, network plugins, service discovery plugins
  - Names shown: mesos, flocker, glusterfs, weave, calico, consul, etcd, zookeeper, midokura, cisco, azure, nuage networks
61. Swarm beta integrations
  - Fully integrated with Machine
  - Partially integrated with Compose
  - Mesos integration has started in collaboration with Mesosphere.
64. Orchestration summary
  - Docker Swarm: Docker-style, provision with docker-machine
  - Mesos: Twitter-style, aligned with Swarm
  - Fleet: CoreOS-style, simple
  - Kubernetes: Google-style, heavy-duty, many concepts
  - AWS EC2 Container Service: simple, aligned with Swarm
  - Cloud Foundry Diego, IBM BlueMix: PaaS -> orchestration
  - Also: Joyent, Tutum, Flynn
65. Plumbing
66. The Docker toolbox is built on plumbing. Lots of it.
  Linux, LXC, selinux, apparmor, aufs, lvm, zfs, btrfs, virtualbox,
  iptables, openssl, tar, git, raft, serf, xen, kvm, openvz, paxos,
  ssh, Go
67. The Docker community created its own plumbing... Lots of
it. 50% of Docker's source code is plumbing.
68. The Docker community created its own plumbing... Lots of it.
  Service discovery, networking, OS containers, authentication,
  storage, logging, build, content distribution, code signature,
  master election, load balancing, scheduling, testing, code review
69. Thou shalt...
  1. re-use and improve existing plumbing
  2. make new plumbing easy to re-use and improve
  3. follow the unix principles: make small simple tools, not big complicated ones
  4. define standard interfaces for assembling larger systems
  The principles of software plumbing
70. Docker is spinning out its plumbing. All of it.
71. We need your help!
72. Plumbing for SECURITY
73. Secure content distribution on the Internet is an unsolved
problem.
74. Introducing Notary
  - Let's stop using curl|sh
  - Trusted collections for any content
  - Transport-agnostic
  - Reliable updates, proof of origin, resistant to untrusted transport, survivable key compromise
  - Build on industry-leading standards and research
75. Plumbing for... OS CONTAINERS
76. It's just plumbing... but it's popular plumbing! Containers
are 5% of Docker's code
77. Introducing RunC
  - The universal container runtime
  - All of Docker's container management plumbing and nothing else
  - Super lightweight
  - Battle-tested and production-ready
  - Supports all security features of Linux: selinux, apparmor, cgroups, seccomp, namespaces, cap-drop...
  - Supports user namespaces
  - Supports live migration
  - Microsoft is contributing Windows support
  - Arm support underway
  - Intel is contributing DPDK, Secure enclave
  - Defines a standard, portable runnable format
  - Usable from the command-line
  https://runc.io
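An added example, not part of the deck or of runC itself: a check for two of the hardening features named on slide 77 (cap-drop and seccomp), read from a process's `/proc/<pid>/status`. The function names, the choice of which capabilities to flag, and the two sample status files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag a process that kept high-risk capabilities or runs
# without seccomp, using the CapEff and Seccomp lines of /proc/<pid>/status.

# status_field FILE NAME -> value of the "NAME:" line (empty if absent)
status_field() { awk -v k="$2:" '$1 == k { print $2 }' "$1"; }

# has_cap FILE BIT -> succeeds if capability number BIT is in the effective set
has_cap() {
    capeff=$(status_field "$1" CapEff)
    [ -n "$capeff" ] || return 1
    [ $(( (0x$capeff >> $2) & 1 )) -eq 1 ]
}

# audit_status FILE -> prints space-separated findings, or "none"
audit_status() {
    findings=""
    # Capability numbers as defined in linux/capability.h
    for entry in 16:CAP_SYS_MODULE 19:CAP_SYS_PTRACE 21:CAP_SYS_ADMIN; do
        if has_cap "$1" "${entry%%:*}"; then
            findings="$findings ${entry#*:}"
        fi
    done
    # Seccomp: 0 = disabled, 1 = strict, 2 = filter. A kernel that does not
    # print the line yields an empty value and is not flagged here.
    if [ "$(status_field "$1" Seccomp)" = "0" ]; then
        findings="$findings seccomp-disabled"
    fi
    findings=${findings# }
    echo "${findings:-none}"
}

# Constructed sample status files: one with a reduced capability set and a
# seccomp filter, one with every capability and no seccomp.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'Name:\tsh\nCapEff:\t00000000a80425fb\nSeccomp:\t2\n' > "$demo/dropped"
printf 'Name:\tsh\nCapEff:\t0000003fffffffff\nSeccomp:\t0\n' > "$demo/privileged"

echo "dropped:    $(audit_status "$demo/dropped")"
echo "privileged: $(audit_status "$demo/privileged")"
```

On a live host, pass `/proc/<pid>/status` for the container's init process.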
78. Open Standards
79. You are the de facto standard. Make it a proper
standard!
80. (logo slide)
81. Fire up your first container today! Ride the Whale!