SlideShare une entreprise Scribd logo
1  sur  20
Télécharger pour lire hors ligne
Dockercon Recap
Evan Hazlett
@ehazlett
Dockercon: Announcements
• Docker in Production
• Security
• Networking and Plugins
• RunC
• Docker Release 1.7
• OpenContainer Project
Docker in Production
• Tremendous Community & Partner Ecosystem
• Extensible and Pluggable
• Roadmap
• Security
• Orchestration
• Networking and Storage
• Deployment and Management Workflows
Security
• Least Privilege Microservices
• Service Profiles: access to only resources needed (API, etc)
• Process Monitoring
• Fine-grained Access Control
• Namespaces
• Cgroups
• Linux Security Modules (AppArmor, SELinux)
• Per container ulimit
• User namespaces (remap root coming in 1.8)
• Seccomp: syscall filtering (coming)
Security (cont.)
• DockerBench: Security Benchmark Tool
• https://github.com/docker/docker-bench-security
• Notary: Secure Content Distribution
• https://github.com/docker/notary
Networking and Plugins
Networking
• Multi-host networking out of the box
• Builtin Micro Segmentation
• Create Virtual Networks of any Topology
• Enforce Security Policies
• Probes and Firewalls
• Built on industry standards
• Standardized Service Discovery
• API (coming)
Plugins
• Initial Extension Points
• Network
• Volume
• Scheduler
• Service Discovery
• ...more to come
RunC
RunC
• Universal Container Runtime
• Docker’s Container Management; nothing else
• Lightweight
• Battle Tested and Production Ready
• Supports selinux, apparmor, cgroups, seccomp,
namespaces
• User namespaces
• Live Migration
• Microsoft contributing Windows support
• Arm support coming
• https://runc.io
Docker Release 1.7
Docker Engine 1.7
• Experimental Binary
• Built and distributed nightly
• Bleeding edge features
• Initial Experimental Features
• New networking
• Network Plugins
• Volume Plugins
Docker Engine 1.7 (cont.)
• Network Stack
• libnetwork: new API for container networking
• https://github.com/docker/libnetwork
• Disable userland proxy
• Huge performance for port publishing
• ZFS driver
• Build Quota: docker build --cpu-quota
• Build Branch: docker build https://github.com/user/repo#branch
Docker Machine 0.3
• Generic Driver
• Provision any host with SSH
• Exoscale Driver
• Specify custom Engine and Swarm options
• Swarm Provisioning out of experimental
• Specify custom Engine and Swarm Versions
Docker Swarm 0.3
• Multi-tenancy
• Leader Election and Replication (experimental); requires external service
discovery
• Node Removal
• Mesos Integration
• Improved Builtin Scheduler
• Better Docker Remote API Parity
• docker load
• docker build
• docker save
Docker Compose 1.3.0
• Performance and stability
• More config option support for Engine
• New feature (experimental): Smart Recreate
• Only recreate containers whose configuration has changed
• docker-compose up -x-smart-recreate
• Will become default
OpenContainer Project
OpenContainer Project
• OCF: universal intermediary format for OS containers
• Docker dontated RunC to Open Container Project
• RunC is the OCF reference implementation
• Founding Members:
Thank You!
● Notary: https://github.com/docker/notary
● DockerBench: http://dockerbench.com
● Engine: https://github.com/docker/docker
● Machine: https://github.com/docker/machine
● Swarm: https://github.com/docker/swarm
● Compose: https://github.com/docker/compose
● RunC: https://github.com/opencontainers/runc
● Network: https://github.com/docker/libnetwork
● OpenContainer Project: http://opencontainers.org
Thank you!
Evan Hazlett
@ehazlett

Contenu connexe

Tendances

An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to KubernetesRohman Muhamad
 
DockerDay2015: Docker orchestration for developers
DockerDay2015: Docker orchestration for developersDockerDay2015: Docker orchestration for developers
DockerDay2015: Docker orchestration for developersDocker-Hanoi
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesSreenivas Makam
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesAjeet Singh Raina
 
DockerCon EU 2015: Monitoring Docker
DockerCon EU 2015: Monitoring DockerDockerCon EU 2015: Monitoring Docker
DockerCon EU 2015: Monitoring DockerDocker, Inc.
 
DockerCon EU 2015: Docker Networking Deep Dive
DockerCon EU 2015: Docker Networking Deep DiveDockerCon EU 2015: Docker Networking Deep Dive
DockerCon EU 2015: Docker Networking Deep DiveDocker, Inc.
 
Introducing LinuxKit
Introducing LinuxKitIntroducing LinuxKit
Introducing LinuxKitDocker, Inc.
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature OverviewSreenivas Makam
 
Swarm docker bangalore_meetup
Swarm docker bangalore_meetupSwarm docker bangalore_meetup
Swarm docker bangalore_meetupArunan Rabindran
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker, Inc.
 
Containers in production with Docker, CoreOS, Kubernetes and Apache Stratos
Containers in production with Docker, CoreOS, Kubernetes and Apache StratosContainers in production with Docker, CoreOS, Kubernetes and Apache Stratos
Containers in production with Docker, CoreOS, Kubernetes and Apache StratosLakmal Warusawithana
 
K8s security best practices
K8s security best practicesK8s security best practices
K8s security best practicesSharon Vendrov
 
DockerCon SF 2015: Docker Security
DockerCon SF 2015: Docker SecurityDockerCon SF 2015: Docker Security
DockerCon SF 2015: Docker SecurityDocker, Inc.
 
Production Ready Containers from IBM and Docker
Production Ready Containers from IBM and DockerProduction Ready Containers from IBM and Docker
Production Ready Containers from IBM and DockerDocker, Inc.
 
DockerCon EU 2015: Nesting Containers: Real Life Observations
DockerCon EU 2015: Nesting Containers: Real Life ObservationsDockerCon EU 2015: Nesting Containers: Real Life Observations
DockerCon EU 2015: Nesting Containers: Real Life ObservationsDocker, Inc.
 
Fluentd and docker monitoring
Fluentd and docker monitoringFluentd and docker monitoring
Fluentd and docker monitoringVinay Krishna
 
Online Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitOnline Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitDocker, Inc.
 
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)Docker, Inc.
 
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and PluginsDockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and PluginsArnaud Porterie
 

Tendances (20)

An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
 
DockerDay2015: Docker orchestration for developers
DockerDay2015: Docker orchestration for developersDockerDay2015: Docker orchestration for developers
DockerDay2015: Docker orchestration for developers
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notes
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
 
DockerCon EU 2015: Monitoring Docker
DockerCon EU 2015: Monitoring DockerDockerCon EU 2015: Monitoring Docker
DockerCon EU 2015: Monitoring Docker
 
DockerCon EU 2015: Docker Networking Deep Dive
DockerCon EU 2015: Docker Networking Deep DiveDockerCon EU 2015: Docker Networking Deep Dive
DockerCon EU 2015: Docker Networking Deep Dive
 
Introducing LinuxKit
Introducing LinuxKitIntroducing LinuxKit
Introducing LinuxKit
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature Overview
 
Swarm docker bangalore_meetup
Swarm docker bangalore_meetupSwarm docker bangalore_meetup
Swarm docker bangalore_meetup
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
 
Containers in production with Docker, CoreOS, Kubernetes and Apache Stratos
Containers in production with Docker, CoreOS, Kubernetes and Apache StratosContainers in production with Docker, CoreOS, Kubernetes and Apache Stratos
Containers in production with Docker, CoreOS, Kubernetes and Apache Stratos
 
K8s security best practices
K8s security best practicesK8s security best practices
K8s security best practices
 
DockerCon SF 2015: Docker Security
DockerCon SF 2015: Docker SecurityDockerCon SF 2015: Docker Security
DockerCon SF 2015: Docker Security
 
Production Ready Containers from IBM and Docker
Production Ready Containers from IBM and DockerProduction Ready Containers from IBM and Docker
Production Ready Containers from IBM and Docker
 
DockerCon EU 2015: Nesting Containers: Real Life Observations
DockerCon EU 2015: Nesting Containers: Real Life ObservationsDockerCon EU 2015: Nesting Containers: Real Life Observations
DockerCon EU 2015: Nesting Containers: Real Life Observations
 
Fluentd and docker monitoring
Fluentd and docker monitoringFluentd and docker monitoring
Fluentd and docker monitoring
 
Online Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitOnline Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKit
 
Docker practical solutions
Docker practical solutionsDocker practical solutions
Docker practical solutions
 
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
 
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and PluginsDockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
 

Similaire à Dockercon 2015 Recap

IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...IBM France Lab
 
DockerCon 2015: Docker Engine Breakout Session
DockerCon 2015: Docker Engine Breakout SessionDockerCon 2015: Docker Engine Breakout Session
DockerCon 2015: Docker Engine Breakout SessionDocker, Inc.
 
DockerCon US 2015 - Engine Breakout Session
DockerCon US 2015 - Engine Breakout SessionDockerCon US 2015 - Engine Breakout Session
DockerCon US 2015 - Engine Breakout SessionArnaud Porterie
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Patrick Chanezon
 
Docker Container Security
Docker Container SecurityDocker Container Security
Docker Container SecuritySuraj Khetani
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaRoman Dembitsky
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker IntroductionPeng Xiao
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetesDongwon Kim
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerInstruqt
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introductionJason Hu
 
Best Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBest Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBlueData, Inc.
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016Patrick Chanezon
 
Docker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSDocker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSFrank Munz
 
Containers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesContainers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesShreyas MM
 
Docker Online Meetup #29: Docker Networking is Now GA
Docker Online Meetup #29: Docker Networking is Now GA Docker Online Meetup #29: Docker Networking is Now GA
Docker Online Meetup #29: Docker Networking is Now GA Docker, Inc.
 
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and BeyondBlack Duck by Synopsys
 
A Tail of Two Containers: How docker made ci great again
A Tail of Two Containers: How docker made ci great againA Tail of Two Containers: How docker made ci great again
A Tail of Two Containers: How docker made ci great againKyle Rames
 

Similaire à Dockercon 2015 Recap (20)

IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
 
DockerCon 2015: Docker Engine Breakout Session
DockerCon 2015: Docker Engine Breakout SessionDockerCon 2015: Docker Engine Breakout Session
DockerCon 2015: Docker Engine Breakout Session
 
DockerCon US 2015 - Engine Breakout Session
DockerCon US 2015 - Engine Breakout SessionDockerCon US 2015 - Engine Breakout Session
DockerCon US 2015 - Engine Breakout Session
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
 
Docker Container Security
Docker Container SecurityDocker Container Security
Docker Container Security
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 Barcelona
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Adf with docker
Adf with dockerAdf with docker
Adf with docker
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introduction
 
Best Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBest Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker Containers
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
 
Docker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSDocker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCS
 
Docker Basics
Docker BasicsDocker Basics
Docker Basics
 
Docker
DockerDocker
Docker
 
Containers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesContainers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to Kubernetes
 
Docker Online Meetup #29: Docker Networking is Now GA
Docker Online Meetup #29: Docker Networking is Now GA Docker Online Meetup #29: Docker Networking is Now GA
Docker Online Meetup #29: Docker Networking is Now GA
 
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond
 
A Tail of Two Containers: How docker made ci great again
A Tail of Two Containers: How docker made ci great againA Tail of Two Containers: How docker made ci great again
A Tail of Two Containers: How docker made ci great again
 

Dernier

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 

Dernier (20)

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 

Dockercon 2015 Recap

  • 2. Dockercon: Announcements • Docker in Production • Security • Networking and Plugins • RunC • Docker Release 1.7 • OpenContainer Project
  • 3. Docker in Production • Tremendous Community & Partner Ecosystem • Extensible and Pluggable • Roadmap • Security • Orchestration • Networking and Storage • Deployment and Management Workflows
  • 4. Security • Least Privilege Microservices • Service Profiles: access to only resources needed (API, etc) • Process Monitoring • Fine-grained Access Control • Namespaces • Cgroups • Linux Security Modules (AppArmor, SELinux) • Per container ulimit • User namespaces (remap root coming in 1.8) • Seccomp: syscall filtering (coming)
  • 5. Security (cont.) • DockerBench: Security Benchmark Tool • https://github.com/docker/docker-bench-security • Notary: Secure Content Distribution • https://github.com/docker/notary
  • 7. Networking • Multi-host networking out of the box • Builtin Micro Segmentation • Create Virtual Networks of any Topology • Enforce Security Policies • Probes and Firewalls • Built on industry standards • Standardized Service Discovery • API (coming)
  • 8. Plugins • Initial Extension Points • Network • Volume • Scheduler • Service Discovery • ...more to come
  • 10. RunC • Universal Container Runtime • Docker’s Container Management; nothing else • Lightweight • Battle Tested and Production Ready • Supports selinux, apparmor, cgroups, seccomp, namespaces • User namespaces • Live Migration • Microsoft contributing Windows support • Arm support coming • https://runc.io
  • 12. Docker Engine 1.7 • Experimental Binary • Built and distributed nightly • Bleeding edge features • Initial Experimental Features • New networking • Network Plugins • Volume Plugins
  • 13. Docker Engine 1.7 (cont.) • Network Stack • libnetwork: new API for container networking • https://github.com/docker/libnetwork • Disable userland proxy • Huge performance for port publishing • ZFS driver • Build Quota: docker build --cpu-quota • Build Branch: docker build https://github.com/user/repo#branch
  • 14. Docker Machine 0.3 • Generic Driver • Provision any host with SSH • Exoscale Driver • Specify custom Engine and Swarm options • Swarm Provisioning out of experimental • Specify custom Engine and Swarm Versions
  • 15. Docker Swarm 0.3 • Multi-tenancy • Leader Election and Replication (experimental); requires external service discovery • Node Removal • Mesos Integration • Improved Builtin Scheduler • Better Docker Remote API Parity • docker load • docker build • docker save
  • 16. Docker Compose 1.3.0 • Performance and stability • More config option support for Engine • New feature (experimental): Smart Recreate • Only recreate containers whose configuration has changed • docker-compose up -x-smart-recreate • Will become default
  • 18. OpenContainer Project • OCF: universal intermediary format for OS containers • Docker dontated RunC to Open Container Project • RunC is the OCF reference implementation • Founding Members:
  • 19. Thank You! ● Notary: https://github.com/docker/notary ● DockerBench: http://dockerbench.com ● Engine: https://github.com/docker/docker ● Machine: https://github.com/docker/machine ● Swarm: https://github.com/docker/swarm ● Compose: https://github.com/docker/compose ● RunC: https://github.com/opencontainers/runc ● Network: https://github.com/docker/libnetwork ● OpenContainer Project: http://opencontainers.org