Docker Enterprise Edition Overview

Steven Thwaites - Technical Solutions Engineer

Modern Application Initiatives

Cloud

App Modernization

80%Have a hybrid cloud

strategy

3 out 4 Top initiatives revolve around applications

44%Looking to adopt

DevOpsDevOps

Docker is the only Containers-as-a-Service platform for IT that manages and secures diverse applications across disparate infrastructure, both on-premises and in the cloud

Multi-Architecture Operations

Infrastructure Independence

Secure Software Supply Chain

COST SAVINGS

Linux Mainframe AWS Azure Other Public Clouds

Windows

ENGINE FOR INNOVATION

DOCKER ENTERPRISE EDITION

Evolution of the Docker Platform

A project spun out of a PaaS

2013

Developer Community

Need to experiment and innovate with leading edge tech

Evolution of the Docker Platform

Many purposes, users and infrastructure

Today

Developer Community

Need to experiment and innovate with leading edge tech

Ops Community

Need a predictable system to deploy

and run apps

Enterprise

Run business critical apps at

scale anywhere

Partner Ecosystem

Extend and add value to a platform with a shared path

to monetization

The Docker Ecosystem

Linux Mainframe AWS Azure GCPWindowsLaptop

1 Platform, 1 Toolset, All Platforms

VMs vs Containers

They’re Different, not mutually exclusive

INFRASTRUCTURE

HOST OS

DOCKERENGINE

STACK A

APP A

STACK A

APP B

STACK C

APP C

LIKE VMs

UNLIKE VMs

• Offer isolation between software

• A layer of abstraction between the app and the metal

• Can be software defined

• Do not start an entire OS for each instance

○ Lighter-weight (often MBs)

○ Start in miliseconds

• Separate the app from everything else

• Explicit, least-privilege security

• Immutable, verifyable content

• Built-in orchestration operations

Building a Docker Image

Using a Dockerfile to build a container’s Read-Only Filesystem Layers

FROM ubuntu:15.04

RUN apt-get install

COPY . /app

RUN make /app

Dockerfile Running Container

1

2

3

4

Shipping your Docker Image - manually

Building locally, and pushing to a registry for reuse

$ docker build -t reg.corp.com/appteam/corpapp:1.4 .$ docker push reg.corp.com/appteam/corpapp:1.4

New layerspushed

Registrystores

images

New layerspulled

Other Devs/Admins

Engines

FROM ubuntu:15.04

RUN apt-get install

COPY . /app

RUN make /app

1

2

3

4

Dev/Admin

Dockerfiles in VCS

Base layerspulled

Shipping your Docker Image - automatically

Using a pipeline to automate app build, test and deployment

$ git commit -am “FIX #504 fix that thing”$ git push origin master

Build Cluster Production

- Dockerfiles

- Stack files

- Application code

- Configuration

1

2

3

4

Dev/Admin

Registry

CI

Build Apps Build Images

Dev/UAT

Integration Staging

Push

Pull

Building a Docker Service

Using a Compose / Stack File to define Services

services:web:

image: nginxport:

- 80:80network:

- frontenddeploy:

replicas: 5database:

image: postgresport:

- 5000network:

- backendvolume:

- db_store

nginxervicetcp/80

postgresservicetcp/5000

www.example.com

db_storevolume

stack.yml Deployment

backend network

The Docker Editions

Advancing the container industry with new open source projects

LinuxKitToolkit for building secure, lean and portable Linux subsystems

Moby ProjectLibrary of components and framework for container ecosystem

Open Source

Small DIY teams to started with Docker

Free to use and available for desktop, cloud and community Linux distros

Includes swarm mode orchestration, security and networking.

Community Edition (CE)

Enterprise IT teams that build and run critical apps at scale in production

Subscription (software, support and certification) for cloud, enterprise x86, mainframe Linux and Windows Server 2016

Includes integrated orchestration, management, security and access control.

Enterprise Edition (EE)

Image Registry Security scan& sign

Traditional

Third Party

Microservices

docker store

DEVELOPERS IT OPERATIONS

Control Plane

Docker EE WorkflowMulti-platform for existing and new apps

UNIFORMLY OPERATE, MANAGE, AND SECURE WINDOWS AND LINUX CONTAINERS

Node

Manager

Node

Worker

Node

Manager

Node

Manager

Node

Worker

Node

Worker

Node

Worker

Worker Nodes

docker universal control planetrusted registry

KEY FEATURES

BENEFITS

• Extend enterprise security features like image signing, image scanning, and secrets management to both Windows and Linux worker nodes

• Leverage the same LDAP/AD integration and RBAC rules across Windows and Linux nodes

• Visualize all apps in the same environment

• Improve resource utilization and incur less management overhead with centralized management across Windows and Linux apps

• Reduce risk with consistent processes and policies across Windows and Linux apps

Mixed Windows and Linux Clusters

Docker Enterprise Edition

Validated Configurations and

Interoperability

Docker Universal Control Plane(Embedded Docker Swarm)

Docker Trusted Registry(Integrated Docker Content Trust)

Docker EE Engine

Integrations and API Support

Enterprise Class Support with SLAs and customer hotfixes

Unique Advantages with Docker EE

Secure Hybrid Orchestration

Infrastructure Independence

Unified Software Supply Chain

• Define application-centric policies and boundaries

• Manage diverse applications across mixed infrastructure with secure segmentation

• Improve SDLC across hybrid apps and infrastructure through app-centric policies

• Consistently manage all apps and infrastructure

• Easily “lift and shift” apps onto new infrastructure

• Support both traditional and microservice apps on any infrastructure

Methodology: Docker EE Modernizes Apps and Infrastructure

ExistingApplication

Modern Methodologies

Integrate to CI/CD and automation

system

Convert to a container

with Docker EE

The quickest way to cut into that 80%

Modern Infrastructure

Built on premise, in the cloud, or as part of a hybrid environment.

Modern Microservices

Add new services or start peeling off

services from monolith code base

App

Get StartedToday

ExistingApplication

Convert to a container

with Docker EE

The quickest way to cut into that 80%

Modern Infrastructure

Built on premise, in the cloud, or as part of a hybrid environment.

App

What’s Included• 1 week onsite support /3 weeks remote

• Deploy Docker EE to cloud or on prem

infrastructure

• Containerize one application

• End-to-end app deploy using Docker EE

• App operations using Docker EE

In the first week • Containerize App Components

• Compose App Components

• Deploy App Stack to Docker EE

• Docker EE platform and tools showcase

• Performance testing and tuning

THANK YOU :)

steven.thwaites@docker.com@stevethwaites

The small-scale setup we’ll be showing you today

Node

Manager

Node

Node

Manager

Node

Manager

Node Node W Node W

Worker Nodes

docker universal control planetrusted registry

DEMO ENVIRONMENT

• Running in AWS• Ubuntu Linux workers and managers• DTR and UCP deployed• Jenkins CI deployed as containers

Demo Environment

WW

Docker Glossary

Docker EngineCreates & Runs

containers

Docker RegistryPackage & Distribution of

Images

Docker ComposeDefines a Service

Docker SwarmNative Host Clustering

ImageSeries of Read-OnlyFile System Layers

ContainerEfficient, Lightweight,

Self-Contained Systems