Docker AWS TechCONNECT Boston, 28-July-2015

Embed Size (px)

Citation preview

  1. 1. Our mission is to build tools of mass innovation
  2. 2. Billions of creative people
  3. 3. Incredible new technology Billions of creative people
  4. 4. Incredible new technology Billions of creative people
  5. 5. Incredible new technology Billions of creative people
  6. 6. Incredible new technology Billions of creative people Mass innovation
  7. 7. What is the biggest innovation multiplier today?
  8. 8. What is the biggest innovation multiplier today? Programming.
  9. 9. New hardware can do incredible things Millions of programmers Mass innovation Make it programmable
  10. 10. What new hardware could do incredible things if made programmable?
  11. 11. THE INTERNET Millions of programmers Mass innovation Make it programmable
  12. 12. Internet Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system
  13. 13. Internet Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Programmers Must program!!!!
  14. 14. Internet Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Androi d iOS AWS Raspberry pi Cloudfoundr y Openstack Microsoft Web Heroku ... App App App App App App App App App App App App App App App App App Programmers
  15. 15. Internet (hardware layer) Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Programmers Internet (software layer) App App App App App App App App App App App App App App App App App App App App App App App App App App App App
  16. 16. Internet (hardware layer) Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instrumen ts Financial system Programmers App App App App App App App App App App App App App App App App App App App App App App App App App App App App a software layer to program the internet
  17. 17. Docker in the Cloud Market
  18. 18. Cloud Market PublicHybridPrivate Devops DevelopersArchitects
  19. 19. History of containerization 1960s mainframe 1990s hardware virtualization 1990s OS virt precursors: BSD Jails, Solaris zones 2006 Cloud IaaS 2009 platform virtualization (PaaS) 2013 Docker See @bcantrills deck http://www.slideshare.net/bcantrill/docker-and-the-future-of-containers-in-production
  20. 20. 7
  21. 21. Why Docker success now? Cloud adoption Portability Hybrid Devops
  22. 22. Its an ecosystem
  23. 23. Linux Container Ecosystem
  24. 24. RancherOS
  25. 25. Docker
  26. 26. Isolation using Linux kernel features namespaces pid mnt net uts ipc user cgroups memory cpu blkio devices
  27. 27. Image layers
  28. 28. Docker now
  29. 29. Docker for developers https://registry.hub.docker.com/_/java/
  30. 30. docker-compose: running multiple containers Run your stack with one command: docker-compose up Describe your stack with one file: docker-compose.yml web: build: . command: python app.py ports: - "5000:5000" volumes: - .:/code links: - redis:redis redis: image: redis
  31. 31. Whats new in 1.3.0? Performance and stability improvements Lots more config option support New feature (experimental!): Smart Recreate Only recreate containers whose configuration has been changed $ docker-compose up --x-smart-recreate Will eventually be the default behaviour
  32. 32. docker-machine docker-machine create -d azureazure-subscription-id="c4f51be3-784c-xxx-7c50ad9e1b7c"--azure-subscription-cert="/Users/pat/.ssh/docker-azure- cert.pem"--azure-location="East US"--azure-size=Small--azure-username="pat"pat-docker-machine-n
  33. 33. What is new in 0.3.0? Generic Driver -Provision any host with SSH Engine and Swarm Options -Specify any swarm or engine option Swarm Provisioning out of experimental Custom Engine and Swarm Versions -Specify stable/test for engine -Specify image for Swarm
  34. 34. Docker Hub
  35. 35. 150,000 repos 500+ million pulls 240,000 users 3/23/13 7/15/13 11/4/13 2/24/14 6/16/14 10/6/14 1/26/15 5/18/15 - 75,000 150,000 225,000 300,000 4/29/13 8/19/13 12/9/13 3/31/14 7/21/1411/10/14 3/2/15 - 40,000 80,000 120,000 160,000 5/6/13 8/5/1311/4/132/3/14 5/5/14 8/4/1411/3/142/2/15 5/4/15 - 125,000,000 250,000,000 375,000,000 500,000,000 2014 2015 2014 2015 2014 2015
  36. 36. Docker Hub Dev & QA ColleaguesDevelopers QA Build & Ship
  37. 37. Docker Hub Faster Pulls 60% Less Bandwidth v1 v2 0% 25% 50% 75% 100% v1 v2 0% 25% 50% 75% 100% 80% Fewer Requests
  38. 38. Docker Hub Dashboard: 2.0x Speedup Search: 1.6x Speedup Current New 0 3,000 6,000 9,000 12,000 Current New 0 2,250 4,500 6,750 9,000
  39. 39. Docker Hub More Reliable
  40. 40. Docker Trusted Registry
  41. 41. On-premise registry server LDAP/Active Directory integration Role-based access control Audit & events logging Easy deploy, upgrade, & rollback
  42. 42. Kitematic
  43. 43. Deploy almost anywhere
  44. 44. Its all about Devops
  45. 45. 28 Dev / Ops
  46. 46. Separation of concerns: Sylvester the Developer Inside my container: my code my libraries my package manager my app my data
  47. 47. Separation of concerns: Robert the Ops guy Outside the container: logging remote access network configuration monitoring
  48. 48. Networking
  49. 49. Container Network Model
  50. 50. M 1 M 2 M 3 C 2 C 1 C 3 C 4 C 6 C 5 Network 1 Network 2
  51. 51. Plugins
  52. 52. Docker Plugins Developed with the community. Mesosphere, WeaveWorks, ClusterHQ, Glider Labs, 4 new extension points: Networking Service discovery Storage volumes Scheduling More extension points coming soon.
  53. 53. Docker Plugins Batteries included but removable: default implementation is a plugin too! Dynamically loaded: extend Docker without patching or restarting it Multi-tenant: different apps can use different plugins No lock-in: if your application works in Docker, it already supports every plugin.
  54. 54. Swarm Scheduler pluginsScheduler plugins Engine Volumes pluginsVolumes plugins Network pluginsNetwork plugins Service discovery plugins Service discovery plugins Engine Volumes pluginsVolumes plugins Network pluginsNetwork plugins Service discovery plugins Service discovery plugins mesos flockerglusterfs weavecalico consuletcdzookeeper midokuraciscoazurenuagenetworks
  55. 55. Weave
  56. 56. Flocker
  57. 57. Orchestration
  58. 58. Docker Swarm
  59. 59. Docker CLI Docker CLI Docker CLI Docker Engine
  60. 60. us-west us-east Docker CLI Docker CLI Docker Swarm Swarm
  61. 61. Swarm beta integrations Fully integrated with Machine Partially integrated with Compose Mesos integration has started in collaboration with Mesosphere.
  62. 62. Swarm load balancing: interlock https://github.com/ehazlett/interlock/tree/master/plugins/haproxy
  63. 63. New in Swarm
  64. 64. Orchestration summary Docker Swarm: Docker-style, provision with docker- machine Mesos: Twitter-style, aligned with Swarm Fleet: CoreOS-style, simple Kubernetes: Google-style, heavy-duty, many concepts AWS EC2 Container Service: simple, aligned with Swarm Cloud Foundry Diego, IBM BlueMix: PaaS -> orchestration Also: Joyent, Tutum, Flynn
  65. 65. Plumbing
  66. 66. The Docker toolbox is built on plumbing. Lots of it. Linux LXC selinux apparmor aufs lvm zfs btrfs virtualbox iptables openssl tar git raft serf xenkvm openvz paxos ssh Go
  67. 67. The Docker community created its own plumbing... Lots of it. 50% of Dockers source code is plumbing.
  68. 68. Service discovery networking os containers authentication storage logging build content distribution code signature master election code signatureload balancing scheduling testing code review The Docker community created its own plumbing... Lots of it.
  69. 69. Thou shalt... 1. re-use and improve existing plumbing 2. make new plumbing easy to re-use and improve 3. Follow the unix principles: make small simple tools, not big complicated ones 4. define standard interfaces for assembling larger systems The principles of software plumbing
  70. 70. Docker is spinning out its plumbing All of it.
  71. 71. We need your help!
  72. 72. Plumbing for SECURITY
  73. 73. Secure content distribution on the Internet is an unsolved problem.
  74. 74. Introducing Notary Lets stop using curl|sh Trusted collections for any content Transport-agnostic Reliable updates, proof of origin, resistant to untrusted transport, survivable key compromise Build on industry-leading standards and research
  75. 75. OS CONTAINERS Plumbing for...
  76. 76. Its just plumbing... but its popular plumbing! Containers are 5% of Dockers code
  77. 77. Introducing RunC The universal container runtime All of Dockers container management plumbing and nothing else Super lightweight Battle-tested and production-ready Supports all security features of Linux: selinux, apparmor, cgroups, seccomp, namespaces, cap-drop.. Supports user namespaces Supports live migration Microsof is contributing Windows support Arm support underway Intel is contributing DPDK, Secure enclave Defines a standard, portable runnable format Usable from the command-line https://runc.io
  78. 78. Open Standards
  79. 79. You are the de facto standard. Make it a proper standard!
  80. 80. (logo slide)
  81. 81. Fire up your first container today! Ride the Whale!
  82. 82. Learning http://docs.docker.com/ http://slideshare.net/chanezon https://github.com/chanezon/azure-linux
  83. 83. Were hiring! https://www.docker.com/company/careers/
  84. 84. Q&A