Docker for the Enterprise
@bertpoller
ekito
Your Enterprise
Today’s strategic challenges
Business Agility, Increased pace of delivery, Customer satisfaction
• Low MTBIAMSH (Mean Time Between Idea and making Stuff happen)
Today’s strategic challenges
Multiplication of smaller bespoke applications
• WOA, SOA, Micro Services
• Multiplication of front ends
• Products are SaaS newly instantiated for each new customer
Today’s strategic challenges
Ever increasing volumes of data and processing
• Limited data center capacity
• Ops efforts scale at best linearly with increased volume
• Push for cloud deployments: private + public
Obstacles to overcome
WaterScrumFall
• Dev teams adopt iterative methodologies
• The organization as a whole cannot keep up with Dev Team pace
• Symptoms
• Delivery to production still takes weeks
• Upfront IT resource provisioning at the beginning of a project
• Ticket based IT services deemed too slow for Dev teams
• Difficulties in maintaining IT services catalogues with ever changing demands
http://bit.ly/waterscrumfall
Obstacles to overcome
Unaligned objectives and incentives between Devs and Ops
• Devs seek to implement new features and hence introduce change
• Ops seek stability, robustness, availability of systems they manage
Obstacles to overcome
Hybrid clouds are complex
• Different operating models between public cloud providers and
private clouds
• No real private cloud infrastructure
• A Virtualized server infrastructure is not a private cloud
Keys to solve these challenges
Break up organizational silos
• Think in terms of products not projects
• Construct multidisciplinary teams around products
• Make Devs and Ops cooperate in these teams
• But also other business stakeholders
Keys to solve these challenges
Align Dev and Ops objectives; increase customer satisfaction
• Error Budget = 100% Availability – Service Level Objective
• Use budget for
• Feature changes and functional regressions (Dev)
• Service Reliability Engineering (Ops)
• When the error budget is consumed
• New features must wait until the budget is recharged
• Only bug fixes go into production
Keys to solve these challenges
Construct an agile self-service infrastructure platform
Docker to the rescue
The challenge
Source: https://github.com/mfilotto/docker-presentation/
Containers…
Source: https://github.com/mfilotto/docker-presentation/
A Container System for Code
Source: https://github.com/mfilotto/docker-presentation/
But we’ve got virtualization already, like in… VMware
Virtualization vs. Containers
[Figure: side-by-side stack diagrams labelled Virtualization and Containers]
Containers are isolated but share OS and bins/libraries, where appropriate
Isolation using Linux Features
namespaces
• pid,
• mnt,
• net,
• uts,
• ipc,
• user
cgroups
• memory
• cpu
• blkio
• devices
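An added example (not from the original slides) showing how to check the namespace isolation listed above: two processes are in the same namespace exactly when the inode in their `/proc/<pid>/ns/<kind>` link matches. The inode numbers are constructed sample data, and the "default" sample assumes a Docker daemon without user-namespace remapping enabled.

```python
import os
import re

# Namespace kinds from the slide; each is a symlink under /proc/<pid>/ns/.
NAMESPACES = ("pid", "mnt", "net", "uts", "ipc", "user")
LINK_RE = re.compile(r"^([a-z_]+):\[(\d+)\]$")

# Constructed sample data (inode numbers are illustrative, not captured from a real host).
HOST_INIT = ["pid:[4026531836]", "mnt:[4026531840]", "net:[4026531992]",
             "uts:[4026531838]", "ipc:[4026531839]", "user:[4026531837]"]
# Container with default settings: new pid/mnt/net/uts/ipc, host user namespace.
DEFAULT_CONTAINER = ["pid:[4026532301]", "mnt:[4026532298]", "net:[4026532304]",
                     "uts:[4026532299]", "ipc:[4026532300]", "user:[4026531837]"]
# Container started with host networking: its net inode equals the host's.
HOSTNET_CONTAINER = ["pid:[4026532401]", "mnt:[4026532398]", "net:[4026531992]",
                     "uts:[4026532399]", "ipc:[4026532400]", "user:[4026531837]"]


def read_ns_links(pid):
    """Read live namespace links for a PID (Linux only; other users' PIDs need root)."""
    return [os.readlink(f"/proc/{pid}/ns/{kind}") for kind in NAMESPACES]


def parse_ns_links(links):
    """Map namespace kind -> inode from link targets such as 'net:[4026531992]'."""
    parsed = {}
    for link in links:
        match = LINK_RE.match(link.strip())
        if not match:
            raise ValueError(f"not a namespace link: {link!r}")
        parsed[match.group(1)] = int(match.group(2))
    return parsed


def shared_with_host(host_links, container_links):
    """List the namespace kinds the container shares with host PID 1.

    A kind missing from either side is reported as shared, because there is
    no evidence of separation (fail closed).
    """
    host = parse_ns_links(host_links)
    cont = parse_ns_links(container_links)
    return [kind for kind in NAMESPACES
            if kind not in host or kind not in cont or host[kind] == cont[kind]]


def isolation_report(host_links, containers):
    """Return {name: [shared kinds]} for a dict of named container link lists."""
    return {name: shared_with_host(host_links, links)
            for name, links in containers.items()}


if __name__ == "__main__":
    samples = {"default": DEFAULT_CONTAINER, "hostnet": HOSTNET_CONTAINER}
    for name, shared in isolation_report(HOST_INIT, samples).items():
        print(f"{name}: shares {', '.join(shared) or 'nothing'} with the host")
```

On a live host, pass `read_ns_links(1)` and `read_ns_links(<container PID>)` instead of the sample lists.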
Docker appeals for its…
• Deployment Speed / Agility – minimal requirements for running the application,
enabling quick and lightweight deployment
• Portability – Independent self-sufficient application bundles
Run across machines without compatibility issues
• Reuse – Versioning, archiving, sharing, roll backs to previous versions of an
application. Platform configurations as code
• Efficiency - compared to classical virtualization, workloads can be run at higher
densities thanks to avoided OS overhead
Source: https://www.upguard.com/articles/docker-vs.-vmware-how-do-they-stack-up
Trade off … Speed vs. Isolation
• Shared kernel between containers
• OS-based isolation vs. hardware-based isolation in classical
virtualization
• Detractors often use this as an argument for saying: “Docker is not safe”
Docker is not safe - well, really?
Are all your VMs 100% up to date? Really?
• VMs present a larger attack surface than Linux containers
• Contaminated containers can be quickly destroyed and restarted
• Docker tools allow for end to end security policy enforcement – for all
containers (layered build approach, build automation, security
scanning, trusted registries, container scheduling)
Trade off… Ephemeral vs. Stateful workloads
• Docker works best with stateless applications
• Every application must eventually persist its state (Databases)
• Additional effort and planning are required when setting up a multi-node
production-level Docker cluster
Isn’t this a bit like Java EE or OSGI ?
EARs, WARs, JARs package applications in deployment artifacts
• Middleware centric – you need an application server
• Limited to the Java ecosystem
• Programming language lock-in
• Programming model lock-in (Java EE / OSGI)
• Also applies to more recent packaging formats, such as WebPacks
Ok but I’m already using Heroku…
• PaaS
• Build packs : Java, Node, Ruby,…
• Intuitive UI / UX … nice !
• Source code is held in the repository - no built artifact
• Docker
• Is a shipping format
• Can be used with Docker tool chain to build a more generic PaaS / CaaS
XaaS – Pyramid
[Figure: pyramid of service layers labelled Software as a Service, Platform as a Service, Infrastructure as a Service and Container as a Service, annotated “Too high”, “Too low”, “Product Teams” and “IT Ops Team”]
Docker Mission
Image Layers
Service Composition
Docker Mission
Docker Trusted Registry
Example CI / CD pipeline
Circle CI
Security Governance
It's like a virus scanner for built containers
• Can be integrated in your CI/CD pipeline
• Scans for threats in defined policy files and CVE databases
• Docker Security Scanning
• CoreOS Clair
• OpenSCAP container compliance
• Redhat Atomic Scan
• …
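An added example (not from the original slides, and not the format of any scanner named above) of the CI/CD gate this slide describes: a policy file is applied to an image scan report and the build fails on blocking findings. The policy schema, report layout, image name and CVE ids are all constructed placeholders.

```python
import json
from datetime import date

# Severity order for threshold comparison.
SEVERITY_RANK = {"negligible": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed policy file; the schema is an assumption made for this example.
POLICY_JSON = """{
  "fail_on": "high",
  "ignore_unfixed": true,
  "waivers": [
    {"id": "CVE-0000-0002", "expires": "2030-01-01"},
    {"id": "CVE-0000-0003", "expires": "2020-01-01"}
  ]
}"""

# Constructed scan report with placeholder CVE ids.
REPORT_JSON = """{
  "image": "registry.example.internal/shop/api:1.4.2",
  "findings": [
    {"id": "CVE-0000-0001", "severity": "critical", "fixed_in": "2.1"},
    {"id": "CVE-0000-0002", "severity": "high", "fixed_in": "1.9"},
    {"id": "CVE-0000-0003", "severity": "high", "fixed_in": "4.0"},
    {"id": "CVE-0000-0004", "severity": "medium", "fixed_in": "1.1"},
    {"id": "CVE-0000-0005", "severity": "critical", "fixed_in": null},
    {"id": "CVE-0000-0006", "severity": "unrated", "fixed_in": "3.0"}
  ]
}"""


def rank(severity):
    """Rank a finding's severity; unknown labels count as critical (fail closed)."""
    return SEVERITY_RANK.get(str(severity).lower(), SEVERITY_RANK["critical"])


def active_waivers(policy, today):
    """Ids whose waiver has not expired; an expired waiver no longer suppresses."""
    return {w["id"] for w in policy.get("waivers", [])
            if date.fromisoformat(w["expires"]) >= today}


def evaluate(policy, report, today):
    """Return (passed, blocking_ids) for one image report under one policy."""
    if policy["fail_on"] not in SEVERITY_RANK:
        # A mistyped threshold must not silently loosen the gate.
        raise ValueError(f"unknown fail_on level: {policy['fail_on']!r}")
    threshold = SEVERITY_RANK[policy["fail_on"]]
    waived = active_waivers(policy, today)
    blocking = []
    for finding in report["findings"]:
        if rank(finding["severity"]) < threshold:
            continue  # below the policy threshold
        if finding["id"] in waived:
            continue  # accepted risk, still inside its waiver window
        if policy.get("ignore_unfixed") and not finding.get("fixed_in"):
            continue  # no fixed version exists yet, so a rebuild cannot help
        blocking.append(finding["id"])
    return (not blocking, blocking)


def gate(today):
    """Evaluate the embedded sample policy and report for a given date."""
    return evaluate(json.loads(POLICY_JSON), json.loads(REPORT_JSON), today)


if __name__ == "__main__":
    import sys
    passed, blocking = gate(date.today())
    print("PASS" if passed else "FAIL: " + ", ".join(blocking))
    sys.exit(0 if passed else 1)
```

The non-zero exit status is what stops the pipeline stage; the expired waiver for `CVE-0000-0003` shows why waivers carry an expiry date.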
Docker Mission
Running a CaaS infrastructure
Linux Container Ecosystem
Docker Cluster Orchestration
Services, Routing and Load Balancing
[Figure: the scalable service pattern. Labels: Service, App, Scale, S_1, S_2, LB, Overlay network, three Docker Hosts]
Services, Routing and Load Balancing
The scalable service pattern
• Services scale instances of a container across the cluster
• Comprises a load balancer and an overlay network to connect
containers
• Allows things like rolling updates and rollbacks
• Exists in many schedulers: Kubernetes, Mesos…
• Was introduced in Docker V1.12 Swarm mode
• Not compatible with Docker Compose
• Requires new Distributed Application Bundle – still experimental
Services, Routing and Load Balancing
• Workaround prior to Docker 1.12 compatible with Compose V2
Services, Routing and Load Balancing
Domain based routing
Persistent workloads
[Figure: labels Frontend Network, Backend Network, App, DB, three Docker Hosts, Local storage (local, local, local)]
Persistent workloads
[Figure: labels Frontend Network, Backend Network, App, DB, DB, “???”, three Docker Hosts, Local storage (local, local)]
Persistent workloads
[Figure: labels Frontend Network, Backend Network, App, DB, DB, Data Sync, three Docker Hosts, each with a Volume plugin. Caption: Volume plugin, distributed or externalized storage]
Persistent workloads
• Usage of volume plugins is encouraged
• Decouples Product Teams from underlying storage solution
• Connect to external block storage (SAN, NAS, Cloud Provider Block
Storage)
• Network based file systems between Docker Hosts
• GlusterFS, Flocker, Infinit.sh, PortWorx, CEPH
PaaS style self service access
• For Product Teams
• Intuitive UI / UX experience
• Role based access (RBAC) integration with Enterprise IAM
• Groups, virtual environments
• Integrates with private repositories, CI/CD
• OpenShift, Rancher, Docker Datacenter…
Conclusion
• Docker = Linux Containers + a Complete toolset
• Large ecosystem (Kubernetes, MesoSphere, CoreOS, Rancher…)
• Orchestration engine choice depends on your use cases
• Limited risk of vendor lock-in: Docker containers are the de facto
standard
• Instead of growing your own cluster, see what the ecosystem can
provide
• Start small, grow steadily
Docker for the enterprise
They trust us