SlideShare une entreprise Scribd logo

Progscon 2017 Operation Considerations for Containers

Chris Swan
Chris Swan

This document discusses operational considerations for using containers in an enterprise setting. It covers topics like images, registries, security, operations, development, and infrastructure. Specifically, it highlights challenges around image scanning, integrity and secrets, security issues with 'docker == root', and operational concerns like provisioning, configuration management, monitoring, and logging. It also reviews how tools like Docker Trusted Registry, Docker Cloud, and the CIS Docker Security Benchmark can help address some of these challenges.

Technologie
1  sur  13
Télécharger pour lire hors ligne
May 3, 2017 Operational Considerations for Containers Chris Swan VP, CTO Global Delivery Organisation
May 3, 2017 With thanks to Ian Miell ‘A Checklist for Docker in the Enterprise’ was the inspiration for this talk https://zwischenzugs.wordpress.com/2016/07/08/a-checklist-for-docker-in-the-enterprise/ Shortlink: is.gd/IMDoCL Ian Miell Docker Check List
May 3, 2017 Why me? Using Docker since v0.53 (summer of 2013). Built Docker in to a commercial networking platform as its plugin mechanism in early 2014 (with customers in production before v1.0 launch at first DockerCon). Now using containers to help reskill a 120,000 strong delivery organisation for a world of Infrastructure as Code.
May 3, 2017 ‘Installation is a software hate crime’ Pat Kerpan (then Borland CTO) c. 2004
May 3, 2017 The Containers Learning Cliff Credit: Michael Ducy @mfdii https://twitter.com/mfdii/status/697532387240996864
May 3, 2017 Images Registry Scanning Image Building Image Integrity Base Images Third Party Images SDLC Secrets Some (but not all) of this can be handled by Docker Trusted Registry (DTR) or Docker Cloud
May 3, 2017 Operations Provisioning (Orchestration) Config Management (Inside and Out) Monitoring Logging Or use a PaaS?
May 3, 2017 Security and Audit docker == root Security Monitoring Forensics The CIS Docker Security Benchmark has guidance for host config, container config etc. Many aspects can be checked with the DockerBench tool
May 3, 2017 Development Dev Environments CI/CD
May 3, 2017 Infrastructure Shared Storage Networking PaaS Cloud Providers
May 3, 2017 Images Registry Scanning Image Building Image Integrity Base Images Third Party Images SDLC Secrets Security & Audit docker == root Monitoring Forensics Operations Provisioning Config Management Monitoring Logging Development Dev Environments CI/CD Infrastructure Shared Storage Networking PaaS Cloud Providers Review
May 3, 2017 ImagesLibraries Registry Scanning Image Building Image Integrity Base Images Third Party Images SDLC Secrets Security & Audit docker == root Monitoring Forensics Operations Provisioning Config Management Monitoring Logging Development Dev Environments CI/CD Infrastructure Shared Storage Networking PaaS Cloud Providers Coda - what does ServerLess take away?
May 3, 2017 Questions?

Recommandé

サイボウズの開発を支える GitHub × CircleCI
サイボウズの開発を支える GitHub × CircleCIサイボウズの開発を支える GitHub × CircleCI
サイボウズの開発を支える GitHub × CircleCIJumpei Miyata
 
デジタルトランスフォーメーションにおけるOSSの活用
デジタルトランスフォーメーションにおけるOSSの活用デジタルトランスフォーメーションにおけるOSSの活用
デジタルトランスフォーメーションにおけるOSSの活用Ryo Fujita
 
サイボウズを支えるCircleCI
サイボウズを支えるCircleCIサイボウズを支えるCircleCI
サイボウズを支えるCircleCIJumpei Miyata
 
Everything I know about Kubernetes I learned from a Raspberry Pi cluster
Everything I know about Kubernetes I learned from a Raspberry Pi clusterEverything I know about Kubernetes I learned from a Raspberry Pi cluster
Everything I know about Kubernetes I learned from a Raspberry Pi clusterJeff Geerling
 
Being cloud native with IBM cloud
Being cloud native with IBM cloudBeing cloud native with IBM cloud
Being cloud native with IBM cloudVidyasagar Machupalli
 
Kubernetes: istruzioni per l'uso
Kubernetes: istruzioni per l'usoKubernetes: istruzioni per l'uso
Kubernetes: istruzioni per l'usoCommit University
 
K8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortK8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortGabriel Bechara
 
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroom
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroomKubeCon EU 2016: Kubernetes in Production in The New York Times newsroom
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroomKubeAcademy
 

Recommandé

サイボウズの開発を支える GitHub × CircleCI
サイボウズの開発を支える GitHub × CircleCIサイボウズの開発を支える GitHub × CircleCI
サイボウズの開発を支える GitHub × CircleCIJumpei Miyata
 
デジタルトランスフォーメーションにおけるOSSの活用
デジタルトランスフォーメーションにおけるOSSの活用デジタルトランスフォーメーションにおけるOSSの活用
デジタルトランスフォーメーションにおけるOSSの活用Ryo Fujita
 
サイボウズを支えるCircleCI
サイボウズを支えるCircleCIサイボウズを支えるCircleCI
サイボウズを支えるCircleCIJumpei Miyata
 
Everything I know about Kubernetes I learned from a Raspberry Pi cluster
Everything I know about Kubernetes I learned from a Raspberry Pi clusterEverything I know about Kubernetes I learned from a Raspberry Pi cluster
Everything I know about Kubernetes I learned from a Raspberry Pi clusterJeff Geerling
 
Being cloud native with IBM cloud
Being cloud native with IBM cloudBeing cloud native with IBM cloud
Being cloud native with IBM cloudVidyasagar Machupalli
 
Kubernetes: istruzioni per l'uso
Kubernetes: istruzioni per l'usoKubernetes: istruzioni per l'uso
Kubernetes: istruzioni per l'usoCommit University
 
K8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortK8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortGabriel Bechara
 
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroom
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroomKubeCon EU 2016: Kubernetes in Production in The New York Times newsroom
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroomKubeAcademy
 
Google Cloud Functions + Express
Google Cloud Functions + ExpressGoogle Cloud Functions + Express
Google Cloud Functions + ExpressSimon Dittlmann
 
Microsoft Azure and Couchbase
Microsoft Azure and CouchbaseMicrosoft Azure and Couchbase
Microsoft Azure and CouchbaseIdan Tohami
 
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam BiradarIntroducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradarsangam biradar
 
Kubernetes ist der Hammer?!
Kubernetes ist der Hammer?!Kubernetes ist der Hammer?!
Kubernetes ist der Hammer?!Andreas Siegel
 
Microservices in Your Datacenter
Microservices in Your DatacenterMicroservices in Your Datacenter
Microservices in Your DatacenterAmbassador Labs
 
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017Sebastiaan van Steenis
 
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...Nilesh Gule
 
CI CD with Docker and Kubernetes
CI CD with Docker and Kubernetes CI CD with Docker and Kubernetes
CI CD with Docker and Kubernetes Nilesh Gule
 
Beyond OpenStack | OpenStack in Real Life
Beyond OpenStack | OpenStack in Real LifeBeyond OpenStack | OpenStack in Real Life
Beyond OpenStack | OpenStack in Real LifeOpsta
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsMitchell Pronschinske
 
Deep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureDeep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureJorge Arteiro
 
Rilasci senza paura (o panico) con Azure DevOps
Rilasci senza paura (o panico) con Azure DevOpsRilasci senza paura (o panico) con Azure DevOps
Rilasci senza paura (o panico) con Azure DevOpsCommit University
 
Debug and Monitor Multi-container Apps on AKS
Debug and Monitor Multi-container Apps on AKSDebug and Monitor Multi-container Apps on AKS
Debug and Monitor Multi-container Apps on AKSNilesh Gule
 
Microsoft Azure News - September 2019
Microsoft Azure News - September 2019Microsoft Azure News - September 2019
Microsoft Azure News - September 2019Daniel Toomey
 
Deploy Elasticsearch Cluster on Kubernetes
Deploy Elasticsearch Cluster on KubernetesDeploy Elasticsearch Cluster on Kubernetes
Deploy Elasticsearch Cluster on KubernetesIsmaeel Enjreny
 
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOneMongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOneMongoDB
 
Container Day - Seattle
Container Day - SeattleContainer Day - Seattle
Container Day - SeattleBoyd Hemphill
 
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif A.
 
56K.cloud Docker Training
56K.cloud Docker Training56K.cloud Docker Training
56K.cloud Docker TrainingBrian Christner
 
Google Cloud Platform and Kubernetes
Google Cloud Platform and KubernetesGoogle Cloud Platform and Kubernetes
Google Cloud Platform and KubernetesKasper Nissen
 
Security Patterns for Microservice Architectures - ADTMag Microservices & API...
Security Patterns for Microservice Architectures - ADTMag Microservices & API...Security Patterns for Microservice Architectures - ADTMag Microservices & API...
Security Patterns for Microservice Architectures - ADTMag Microservices & API...Matt Raible
 
Docker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker, Inc.
 

Contenu connexe

Tendances

Google Cloud Functions + Express
Google Cloud Functions + ExpressGoogle Cloud Functions + Express
Google Cloud Functions + ExpressSimon Dittlmann
 
Microsoft Azure and Couchbase
Microsoft Azure and CouchbaseMicrosoft Azure and Couchbase
Microsoft Azure and CouchbaseIdan Tohami
 
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam BiradarIntroducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradarsangam biradar
 
Kubernetes ist der Hammer?!
Kubernetes ist der Hammer?!Kubernetes ist der Hammer?!
Kubernetes ist der Hammer?!Andreas Siegel
 
Microservices in Your Datacenter
Microservices in Your DatacenterMicroservices in Your Datacenter
Microservices in Your DatacenterAmbassador Labs
 
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017Sebastiaan van Steenis
 
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...Nilesh Gule
 
CI CD with Docker and Kubernetes
CI CD with Docker and Kubernetes CI CD with Docker and Kubernetes
CI CD with Docker and Kubernetes Nilesh Gule
 
Beyond OpenStack | OpenStack in Real Life
Beyond OpenStack | OpenStack in Real LifeBeyond OpenStack | OpenStack in Real Life
Beyond OpenStack | OpenStack in Real LifeOpsta
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsMitchell Pronschinske
 
Deep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureDeep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureJorge Arteiro
 
Rilasci senza paura (o panico) con Azure DevOps
Rilasci senza paura (o panico) con Azure DevOpsRilasci senza paura (o panico) con Azure DevOps
Rilasci senza paura (o panico) con Azure DevOpsCommit University
 
Debug and Monitor Multi-container Apps on AKS
Debug and Monitor Multi-container Apps on AKSDebug and Monitor Multi-container Apps on AKS
Debug and Monitor Multi-container Apps on AKSNilesh Gule
 
Microsoft Azure News - September 2019
Microsoft Azure News - September 2019Microsoft Azure News - September 2019
Microsoft Azure News - September 2019Daniel Toomey
 
Deploy Elasticsearch Cluster on Kubernetes
Deploy Elasticsearch Cluster on KubernetesDeploy Elasticsearch Cluster on Kubernetes
Deploy Elasticsearch Cluster on KubernetesIsmaeel Enjreny
 
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOneMongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOneMongoDB
 
Container Day - Seattle
Container Day - SeattleContainer Day - Seattle
Container Day - SeattleBoyd Hemphill
 

Tendances (17)

Google Cloud Functions + Express
Google Cloud Functions + ExpressGoogle Cloud Functions + Express
Google Cloud Functions + Express
 
Microsoft Azure and Couchbase
Microsoft Azure and CouchbaseMicrosoft Azure and Couchbase
Microsoft Azure and Couchbase
 
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam BiradarIntroducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
 
Kubernetes ist der Hammer?!
Kubernetes ist der Hammer?!Kubernetes ist der Hammer?!
Kubernetes ist der Hammer?!
 
Microservices in Your Datacenter
Microservices in Your DatacenterMicroservices in Your Datacenter
Microservices in Your Datacenter
 
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
Deploying and scaling kubernetes using Rancher CNCF meetup June 2017
 
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
Azure kubernetes service (aks) part 4 - Deploy multi-container app to AKS c...
 
CI CD with Docker and Kubernetes
CI CD with Docker and Kubernetes CI CD with Docker and Kubernetes
CI CD with Docker and Kubernetes
 
Beyond OpenStack | OpenStack in Real Life
Beyond OpenStack | OpenStack in Real LifeBeyond OpenStack | OpenStack in Real Life
Beyond OpenStack | OpenStack in Real Life
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub Actions
 
Deep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureDeep dive into Kubernetes on Azure
Deep dive into Kubernetes on Azure
 
Rilasci senza paura (o panico) con Azure DevOps
Rilasci senza paura (o panico) con Azure DevOpsRilasci senza paura (o panico) con Azure DevOps
Rilasci senza paura (o panico) con Azure DevOps
 
Debug and Monitor Multi-container Apps on AKS
Debug and Monitor Multi-container Apps on AKSDebug and Monitor Multi-container Apps on AKS
Debug and Monitor Multi-container Apps on AKS
 
Microsoft Azure News - September 2019
Microsoft Azure News - September 2019Microsoft Azure News - September 2019
Microsoft Azure News - September 2019
 
Deploy Elasticsearch Cluster on Kubernetes
Deploy Elasticsearch Cluster on KubernetesDeploy Elasticsearch Cluster on Kubernetes
Deploy Elasticsearch Cluster on Kubernetes
 
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOneMongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
MongoDB Days Silicon Valley: MongoDB and IBM LinuxOne
 
Container Day - Seattle
Container Day - SeattleContainer Day - Seattle
Container Day - Seattle
 

Similaire à Progscon 2017 Operation Considerations for Containers

Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif A.
 
56K.cloud Docker Training
56K.cloud Docker Training56K.cloud Docker Training
56K.cloud Docker TrainingBrian Christner
 
Google Cloud Platform and Kubernetes
Google Cloud Platform and KubernetesGoogle Cloud Platform and Kubernetes
Google Cloud Platform and KubernetesKasper Nissen
 
Security Patterns for Microservice Architectures - ADTMag Microservices & API...
Security Patterns for Microservice Architectures - ADTMag Microservices & API...Security Patterns for Microservice Architectures - ADTMag Microservices & API...
Security Patterns for Microservice Architectures - ADTMag Microservices & API...Matt Raible
 
Docker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker, Inc.
 
Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday Walid Shaari
 
Managing Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServiceManaging Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServicePedro Sousa
 
Containerd Donation to CNCF Cloud Native Conference Berlin 2017
Containerd Donation to CNCF Cloud Native Conference Berlin 2017Containerd Donation to CNCF Cloud Native Conference Berlin 2017
Containerd Donation to CNCF Cloud Native Conference Berlin 2017Patrick Chanezon
 
Microsoft Azure News - June 2017
Microsoft Azure News - June 2017Microsoft Azure News - June 2017
Microsoft Azure News - June 2017Daniel Toomey
 
The container ecosystem @ Microsoft A story of developer productivity
The container ecosystem @ Microsoft A story of developer productivityThe container ecosystem @ Microsoft A story of developer productivity
The container ecosystem @ Microsoft A story of developer productivityNills Franssens
 
Security Patterns for Microservice Architectures - SpringOne 2020
Security Patterns for Microservice Architectures - SpringOne 2020Security Patterns for Microservice Architectures - SpringOne 2020
Security Patterns for Microservice Architectures - SpringOne 2020Matt Raible
 
Security Patterns for Microservice Architectures
Security Patterns for Microservice ArchitecturesSecurity Patterns for Microservice Architectures
Security Patterns for Microservice ArchitecturesVMware Tanzu
 
StackEngine Problem Space Demo
StackEngine Problem Space DemoStackEngine Problem Space Demo
StackEngine Problem Space DemoBoyd Hemphill
 
Pulumi iac on gcp
Pulumi iac on gcpPulumi iac on gcp
Pulumi iac on gcpVishwas N
 
Dockercon 2015 - Faster Cheaper Safer
Dockercon 2015 - Faster Cheaper SaferDockercon 2015 - Faster Cheaper Safer
Dockercon 2015 - Faster Cheaper SaferAdrian Cockcroft
 
DockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, SaferDockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, SaferDocker, Inc.
 
Spring ing apps on amazon web services
Spring ing apps on amazon web servicesSpring ing apps on amazon web services
Spring ing apps on amazon web servicesVinay Shivaswamy
 

Similaire à Progscon 2017 Operation Considerations for Containers (20)

Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...
 
56K.cloud Docker Training
56K.cloud Docker Training56K.cloud Docker Training
56K.cloud Docker Training
 
Google Cloud Platform and Kubernetes
Google Cloud Platform and KubernetesGoogle Cloud Platform and Kubernetes
Google Cloud Platform and Kubernetes
 
Security Patterns for Microservice Architectures - ADTMag Microservices & API...
Security Patterns for Microservice Architectures - ADTMag Microservices & API...Security Patterns for Microservice Architectures - ADTMag Microservices & API...
Security Patterns for Microservice Architectures - ADTMag Microservices & API...
 
Docker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker Federal Summit 2017 General Session
Docker Federal Summit 2017 General Session
 
Microxchg Microservices
Microxchg MicroservicesMicroxchg Microservices
Microxchg Microservices
 
Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday
 
Managing Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServiceManaging Micro Services with Windows Container Service
Managing Micro Services with Windows Container Service
 
Containerd Donation to CNCF Cloud Native Conference Berlin 2017
Containerd Donation to CNCF Cloud Native Conference Berlin 2017Containerd Donation to CNCF Cloud Native Conference Berlin 2017
Containerd Donation to CNCF Cloud Native Conference Berlin 2017
 
Microsoft Azure News - June 2017
Microsoft Azure News - June 2017Microsoft Azure News - June 2017
Microsoft Azure News - June 2017
 
The container ecosystem @ Microsoft A story of developer productivity
The container ecosystem @ Microsoft A story of developer productivityThe container ecosystem @ Microsoft A story of developer productivity
The container ecosystem @ Microsoft A story of developer productivity
 
Security Patterns for Microservice Architectures - SpringOne 2020
Security Patterns for Microservice Architectures - SpringOne 2020Security Patterns for Microservice Architectures - SpringOne 2020
Security Patterns for Microservice Architectures - SpringOne 2020
 
Security Patterns for Microservice Architectures
Security Patterns for Microservice ArchitecturesSecurity Patterns for Microservice Architectures
Security Patterns for Microservice Architectures
 
The Future of Cloud Innovation, featuring Adrian Cockcroft
The Future of Cloud Innovation, featuring Adrian CockcroftThe Future of Cloud Innovation, featuring Adrian Cockcroft
The Future of Cloud Innovation, featuring Adrian Cockcroft
 
StackEngine Problem Space Demo
StackEngine Problem Space DemoStackEngine Problem Space Demo
StackEngine Problem Space Demo
 
Pulumi iac on gcp
Pulumi iac on gcpPulumi iac on gcp
Pulumi iac on gcp
 
Dockercon 2015 - Faster Cheaper Safer
Dockercon 2015 - Faster Cheaper SaferDockercon 2015 - Faster Cheaper Safer
Dockercon 2015 - Faster Cheaper Safer
 
IBM Containers- Bluemix
IBM Containers- BluemixIBM Containers- Bluemix
IBM Containers- Bluemix
 
DockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, SaferDockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, Safer
 
Spring ing apps on amazon web services
Spring ing apps on amazon web servicesSpring ing apps on amazon web services
Spring ing apps on amazon web services
 

Plus de Chris Swan

SOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF ScorecardsSOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF ScorecardsChris Swan
 
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdfAll Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdfChris Swan
 
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-VFluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-VChris Swan
 
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an OrganisationQConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an OrganisationChris Swan
 
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and FlutterFlutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and FlutterChris Swan
 
QConSF 2022 - Backends in Dart
QConSF 2022 - Backends in DartQConSF 2022 - Backends in Dart
QConSF 2022 - Backends in DartChris Swan
 
London IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoTLondon IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoTChris Swan
 
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and FlutterFlutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and FlutterChris Swan
 
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?Chris Swan
 
Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...Chris Swan
 
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and FlutterFlutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and FlutterChris Swan
 
Full Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open SourceFull Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open SourceChris Swan
 
Flutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack DartFlutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack DartChris Swan
 
Droidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack DartDroidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack DartChris Swan
 
Keeping a project going
Keeping a project goingKeeping a project going
Keeping a project goingChris Swan
 
Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021Chris Swan
 
TMS9995 on RC2014
TMS9995 on RC2014TMS9995 on RC2014
TMS9995 on RC2014Chris Swan
 
CloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 IntroCloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 IntroChris Swan
 
DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'Chris Swan
 
Cooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineeringCooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineeringChris Swan
 

Plus de Chris Swan (20)

SOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF ScorecardsSOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF Scorecards
 
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdfAll Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
 
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-VFluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
 
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an OrganisationQConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
 
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and FlutterFlutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
 
QConSF 2022 - Backends in Dart
QConSF 2022 - Backends in DartQConSF 2022 - Backends in Dart
QConSF 2022 - Backends in Dart
 
London IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoTLondon IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoT
 
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and FlutterFlutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
 
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
 
Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...
 
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and FlutterFlutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
 
Full Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open SourceFull Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open Source
 
Flutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack DartFlutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack Dart
 
Droidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack DartDroidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack Dart
 
Keeping a project going
Keeping a project goingKeeping a project going
Keeping a project going
 
Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021
 
TMS9995 on RC2014
TMS9995 on RC2014TMS9995 on RC2014
TMS9995 on RC2014
 
CloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 IntroCloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 Intro
 
DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'
 
Cooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineeringCooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineering
 

Dernier

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Dernier (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

Progscon 2017 Operation Considerations for Containers

  • 1. May 3, 2017 Operational Considerations for Containers Chris Swan VP, CTO Global Delivery Organisation
  • 2. May 3, 2017 With thanks to Ian Miell ‘A Checklist for Docker in the Enterprise’ was the inspiration for this talk https://zwischenzugs.wordpress.com/2016/07/08/a-checklist-for-docker-in-the-enterprise/ Shortlink: is.gd/IMDoCL Ian Miell Docker Check List
  • 3. May 3, 2017 Why me? Using Docker since v0.53 (summer of 2013). Built Docker in to a commercial networking platform as its plugin mechanism in early 2014 (with customers in production before v1.0 launch at first DockerCon). Now using containers to help reskill a 120,000 strong delivery organisation for a world of Infrastructure as Code.
  • 4. May 3, 2017 ‘Installation is a software hate crime’ Pat Kerpan (then Borland CTO) c. 2004
  • 5. May 3, 2017 The Containers Learning Cliff Credit: Michael Ducy @mfdii https://twitter.com/mfdii/status/697532387240996864
  • 6. May 3, 2017 Images Registry Scanning Image Building Image Integrity Base Images Third Party Images SDLC Secrets Some (but not all) of this can be handled by Docker Trusted Registry (DTR) or Docker Cloud
  • 7. May 3, 2017 Operations Provisioning (Orchestration) Config Management (Inside and Out) Monitoring Logging Or use a PaaS?
  • 8. May 3, 2017 Security and Audit docker == root Security Monitoring Forensics The CIS Docker Security Benchmark has guidance for host config, container config etc. Many aspects can be checked with the DockerBench tool
  • 9. May 3, 2017 Development Dev Environments CI/CD
  • 10. May 3, 2017 Infrastructure Shared Storage Networking PaaS Cloud Providers
  • 11. May 3, 2017 Images Registry Scanning Image Building Image Integrity Base Images Third Party Images SDLC Secrets Security & Audit docker == root Monitoring Forensics Operations Provisioning Config Management Monitoring Logging Development Dev Environments CI/CD Infrastructure Shared Storage Networking PaaS Cloud Providers Review
  • 12. May 3, 2017 ImagesLibraries Registry Scanning Image Building Image Integrity Base Images Third Party Images SDLC Secrets Security & Audit docker == root Monitoring Forensics Operations Provisioning Config Management Monitoring Logging Development Dev Environments CI/CD Infrastructure Shared Storage Networking PaaS Cloud Providers Coda - what does ServerLess take away?