docker enterprise edition overview by steven thwaites, technical solutions engineer at docker
TRANSCRIPT
Docker Enterprise Edition Overview
Steven Thwaites - Technical Solutions Engineer
Modern Application Initiatives
Cloud
App Modernization
80%Have a hybrid cloud
strategy
3 out 4 Top initiatives revolve around applications
44%Looking to adopt
DevOpsDevOps
Docker is the only Containers-as-a-Service platform for IT that manages and secures diverse applications across disparate infrastructure, both on-premises and in the cloud
Multi-Architecture Operations
Infrastructure Independence
Secure Software Supply Chain
COST SAVINGS
Linux Mainframe AWS Azure Other Public Clouds
Windows
ENGINE FOR INNOVATION
DOCKER ENTERPRISE EDITION
Evolution of the Docker Platform
A project spun out of a PaaS
2013
Developer Community
Need to experiment and innovate with leading edge tech
Evolution of the Docker Platform
Many purposes, users and infrastructure
Today
Developer Community
Need to experiment and innovate with leading edge tech
Ops Community
Need a predictable system to deploy
and run apps
Enterprise
Run business critical apps at
scale anywhere
Partner Ecosystem
Extend and add value to a platform with a shared path
to monetization
The Docker Ecosystem
Linux Mainframe AWS Azure GCPWindowsLaptop
1 Platform, 1 Toolset, All Platforms
VMs vs Containers
They’re Different, not mutually exclusive
INFRASTRUCTURE
HOST OS
DOCKERENGINE
STACK A
APP A
STACK A
APP B
STACK C
APP C
LIKE VMs
UNLIKE VMs
• Offer isolation between software
• A layer of abstraction between the app and the metal
• Can be software defined
• Do not start an entire OS for each instance
○ Lighter-weight (often MBs)
○ Start in miliseconds
• Separate the app from everything else
• Explicit, least-privilege security
• Immutable, verifyable content
• Built-in orchestration operations
Building a Docker Image
Using a Dockerfile to build a container’s Read-Only Filesystem Layers
FROM ubuntu:15.04
RUN apt-get install
COPY . /app
RUN make /app
Dockerfile Running Container
1
2
3
4
Shipping your Docker Image - manually
Building locally, and pushing to a registry for reuse
$ docker build -t reg.corp.com/appteam/corpapp:1.4 .$ docker push reg.corp.com/appteam/corpapp:1.4
New layerspushed
Registrystores
images
New layerspulled
Other Devs/Admins
Engines
FROM ubuntu:15.04
RUN apt-get install
COPY . /app
RUN make /app
1
2
3
4
Dev/Admin
Dockerfiles in VCS
Base layerspulled
Shipping your Docker Image - automatically
Using a pipeline to automate app build, test and deployment
$ git commit -am “FIX #504 fix that thing”$ git push origin master
Build Cluster Production
- Dockerfiles
- Stack files
- Application code
- Configuration
1
2
3
4
Dev/Admin
Registry
CI
Build Apps Build Images
Dev/UAT
Integration Staging
Push
Pull
Building a Docker Service
Using a Compose / Stack File to define Services
services:web:
image: nginxport:
- 80:80network:
- frontenddeploy:
replicas: 5database:
image: postgresport:
- 5000network:
- backendvolume:
- db_store
nginxervicetcp/80
postgresservicetcp/5000
www.example.com
db_storevolume
stack.yml Deployment
backend network
The Docker Editions
Advancing the container industry with new open source projects
LinuxKitToolkit for building secure, lean and portable Linux subsystems
Moby ProjectLibrary of components and framework for container ecosystem
Open Source
Small DIY teams to started with Docker
Free to use and available for desktop, cloud and community Linux distros
Includes swarm mode orchestration, security and networking.
Community Edition (CE)
Enterprise IT teams that build and run critical apps at scale in production
Subscription (software, support and certification) for cloud, enterprise x86, mainframe Linux and Windows Server 2016
Includes integrated orchestration, management, security and access control.
Enterprise Edition (EE)
Image Registry Security scan& sign
Traditional
Third Party
Microservices
docker store
DEVELOPERS IT OPERATIONS
Control Plane
Docker EE WorkflowMulti-platform for existing and new apps
UNIFORMLY OPERATE, MANAGE, AND SECURE WINDOWS AND LINUX CONTAINERS
Node
Manager
Node
Worker
Node
Manager
Node
Manager
Node
Worker
Node
Worker
Node
Worker
Worker Nodes
docker universal control planetrusted registry
KEY FEATURES
BENEFITS
• Extend enterprise security features like image signing, image scanning, and secrets management to both Windows and Linux worker nodes
• Leverage the same LDAP/AD integration and RBAC rules across Windows and Linux nodes
• Visualize all apps in the same environment
• Improve resource utilization and incur less management overhead with centralized management across Windows and Linux apps
• Reduce risk with consistent processes and policies across Windows and Linux apps
Mixed Windows and Linux Clusters
Docker Enterprise Edition
Validated Configurations and
Interoperability
Docker Universal Control Plane(Embedded Docker Swarm)
Docker Trusted Registry(Integrated Docker Content Trust)
Docker EE Engine
Integrations and API Support
Enterprise Class Support with SLAs and customer hotfixes
Unique Advantages with Docker EE
Secure Hybrid Orchestration
Infrastructure Independence
Unified Software Supply Chain
• Define application-centric policies and boundaries
• Manage diverse applications across mixed infrastructure with secure segmentation
• Improve SDLC across hybrid apps and infrastructure through app-centric policies
• Consistently manage all apps and infrastructure
• Easily “lift and shift” apps onto new infrastructure
• Support both traditional and microservice apps on any infrastructure
Methodology: Docker EE Modernizes Apps and Infrastructure
ExistingApplication
Modern Methodologies
Integrate to CI/CD and automation
system
Convert to a container
with Docker EE
The quickest way to cut into that 80%
Modern Infrastructure
Built on premise, in the cloud, or as part of a hybrid environment.
Modern Microservices
Add new services or start peeling off
services from monolith code base
App
Get StartedToday
ExistingApplication
Convert to a container
with Docker EE
The quickest way to cut into that 80%
Modern Infrastructure
Built on premise, in the cloud, or as part of a hybrid environment.
App
What’s Included• 1 week onsite support /3 weeks remote
• Deploy Docker EE to cloud or on prem
infrastructure
• Containerize one application
• End-to-end app deploy using Docker EE
• App operations using Docker EE
In the first week • Containerize App Components
• Compose App Components
• Deploy App Stack to Docker EE
• Docker EE platform and tools showcase
• Performance testing and tuning
THANK YOU :)
[email protected]@stevethwaites
The small-scale setup we’ll be showing you today
Node
Manager
Node
Node
Manager
Node
Manager
Node Node W Node W
Worker Nodes
docker universal control planetrusted registry
DEMO ENVIRONMENT
• Running in AWS• Ubuntu Linux workers and managers• DTR and UCP deployed• Jenkins CI deployed as containers
Demo Environment
WW
Docker Glossary
Docker EngineCreates & Runs
containers
Docker RegistryPackage & Distribution of
Images
Docker ComposeDefines a Service
Docker SwarmNative Host Clustering
ImageSeries of Read-OnlyFile System Layers
ContainerEfficient, Lightweight,
Self-Contained Systems