SlideShare a Scribd company logo

Docker EE Deep Dive

Docker, Inc.
Docker, Inc.

Docker Enterprise Edition (EE) is a secure, scalable, and supported container platform for building and orchestrating applications across multi-tenant Linux and Windows environments. Join Docker product managers as they dive into how Docker EE addresses challenges faced by enterprise customers, as well as the technical architecture of the solution. They will also walk through demos for the latest and upcoming features around application runtime and image management.

Technology
1 of 41
Download to read offline
Product Deep Dive Docker Enterprise Edition Patrick Devine Product Manager, Docker @pdev110
A little about me...
Enterprise Edition (EE) • Paid Docker subscription • Includes support from Docker • Predictable biannual releases • Certified partner ecosystem • Enterprise-grade features (security, management, automation) Recommended for production use Enterprise & Community Editions • Free for “do it yourself” dev & ops • Does not include support • Quarterly Stable release for ops • Monthly Edge release for developers Community Edition (CE)
Docker Enterprise Edition (EE) CaaS enabled platform for the modern software supply chain • Integrated orchestration, security and management • Stable releases with 1 year of support and maintenance • Security patches and hotfixes backported to all supported versions • Enterprise class support (9am-6pm or 24x7x365) • Certified Infrastructure, Containers and Plugins docker enterprise edition
Docker EE Components Public Cloud Virtual Physical docker enterprise edition ADVANCED INTEGRATED SECURITY docker trusted registry image management docker universal control plane app & cluster management docker engine container runtime, orchestration, networking, volumes, plugins CI/CD Images Operating Systems Volumes Monitoring Logging more...
Docker EE Architecture Node UCP manager Raft consensus group Internal distributed store Node UCP manager Node UCP manager
Docker EE Architecture Node UCP manager Raft consensus group Internal distributed store Node UCP manager Node UCP manager Node UCP worker Node UCP worker Node UCP worker Node UCP workerAdmin / User Deploy / Manage
Docker EE Architecture Node UCP manager Raft consensus group Internal distributed store Node UCP manager Node UCP manager Node UCP worker Node UCP worker Node UCP worker Node UCP workerAdmin / User Deploy / Manage Pull / Push Image registry BYO TCP load balancer Node DTR replica Logging Monitoring Image storage External CALDAP/AD Add-ons Node DTR replica Node DTR replica
Image Security: ● Image Scanning ● Image Signing Let’s dive into the features!
• Scans at a binary level ○ Not just looking at package versions • Works both online and offline ○ New vulnerability database released daily ○ Great for air gapped scenarios (sneaker net!) • Scans both Linux (x86_64) and Windows • Coming soon for IBM z Series Image Scanning available now
$ docker history pdevine/partyparrot:1.0 IMAGE CREATED CREATED BY 4e21821ad0d9 5 minutes ago /bin/sh -c #(nop) ENTRYPOINT [“/parrot”] 880254b79668 5 minutes ago /bin/sh -c #(nop) ADD file:6e64234... 6aa638b57d74 5 minutes ago /bin/sh -c apk update && apk add pcre 4a415e366388 6 weeks ago /bin/sh -c #(nop) ADD file:730030a...
{... “layer_details”: [ “components”: [ { “component”: “coreutils”, “version”: “8.22”, … }, … ], ], }
{... “layer_details”: [ “components”: [ { “component”: “coreutils”, “version”: “8.22”, “vulns”: [ { “vuln”: { “cve”: “CVE-2014-3639”, “cvss”: 2.1, … } }, … ], }, … ], ], }
Image Signing ● Docker Content Trust built in to DTR ● Enforcement can be done in UCP ○ Only valid signers can deploy containers ● docker trust makes things easier than ever ● More to come at Ashwini and Andy’s talk at 13h30 coming soon
Image Distribution: ● Image Caching ● Image Promotion ● Image Mirroring Let’s dive into the features! coming soon
Phase 1: image content cache Phase 2: image promotion Phase 3: image mirroring Image Caching, Promotion, & Mirroring docker dtr docker dtr slow fast dtr dev / qa / staging / prod / repo / dtr dev repo / dtr stage
Image Caching ● Caches image layers closer to where it’s being consumed for faster pulls (CDN for docker images) ● Works globally for all repositories in DTR ● Preserves access permission for each individual repository of the DTR available now docker dt r docker dt r slow fast
Use Case: Without Content Cache... slow... San Francisco, USA Copenhagen, Denmark dtr dev/hello-world:latest build layer A layer B 1 2
Use Case: With Content Cache! fast San Francisco, USA Copenhagen, Denmark Content Cache dtr dev/hello-world:latest build layer A layer B 1 2 3 4 layer A layer B
Image Promotion ● Promotes “blessed” images from one repository to a different repository in the same DTR ● Repositories each have their own access control ● Images can be re-tagged automatically to a new tag ● Can be done “manually” or automatically by a “policy” available now dev / qa / staging / prod /
Use Case: Promotion Flow
Promotion Policy Criteria ● Tagged with a certain tag ● Doesn’t contain any vulnerabilities above a threshold (critical, major, minor) ● Package exists or is greater or less than a certain version ● Is greater than (or less than) a certain size ● Doesn’t contain a certain type of license (e.g. GPLv3)
Advanced Use Case: Promotion Chaining
Advanced Use Case: Promotion Branching
Image Mirroring ● Promotes “blessed” images from one repository to a different one in a different DTR ● Registries each have their own access control ● Mirroring is bi-directional. Can be done via “push” or “pull” ● Policies can be used to automatically push to remote DTRs com ing soon repo / docker dtr dev repo / docker dtr stage
Image Mirroring (push based) ● Image is pushed to DTR 1 ● If the policy is met (e.g. no vulnerabilities) image is pushed to DTR 2 ● AuthN and AuthZ managed by each individual DTR ● Signing / Scan data not (yet) preserved dtr 2dtr 1 1 2 Build
Image Mirroring (pull based) ● Image is pushed to DTR 1 ● DTR 2 polls DTR 1 at specified intervals to check for updates ● If new images are found, image is pulled to DTR 2 dtr 2dtr 1 1 2 3 Build
Image Mirroring (pull based w/ webhook) ● Image is pushed to DTR 1 ● DTR 1 notifies DTR 2 that a new image exists ● DTR 2 contacts DTR 1 and pulls the image dtr 2dtr 1 Build 1 2 3 4
Image Management Demo!
San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Push1
San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Promote after clean scan 2 Push1
San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Copenhagen, Denmark Content Cache Push1 Cache3 Promote after clean scan 2
San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Copenhagen, Denmark Content Cache Push1 Cache3 New York, USA stage/hello-world dtr us-east prod/hello-world Mirror4 Promote after clean scan 2
San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Copenhagen, Denmark Content Cache Push1 Cache3 New York, USA stage/hello-world dtr us-east prod/hello-world Mirror4 Promote5 Promote after clean scan 2
Docker EE Hosted Demo ● Free 4 Hour Demo ● No Servers Required ● Full Docker EE Cluster Access docker.com/trial
Thank You! @pdev110 @docker #dockercon

Recommended

Back to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsBack to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
 
Continuous Packaging is also Mandatory for DevOps
Continuous Packaging is also Mandatory for DevOpsContinuous Packaging is also Mandatory for DevOps
Continuous Packaging is also Mandatory for DevOpsDocker, Inc.
 
Becoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkBecoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkDocker, Inc.
 
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker, Inc.
 
How Docker EE is Finnish Railway’s Ticket to App Modernization
How Docker EE is Finnish Railway’s Ticket to App ModernizationHow Docker EE is Finnish Railway’s Ticket to App Modernization
How Docker EE is Finnish Railway’s Ticket to App ModernizationDocker, Inc.
 
Docker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker, Inc.
 
Talking TUF: Securing Software Distribution
Talking TUF: Securing Software DistributionTalking TUF: Securing Software Distribution
Talking TUF: Securing Software DistributionDocker, Inc.
 
Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...
Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...
Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...Docker, Inc.
 

Recommended

Back to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsBack to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
 
Continuous Packaging is also Mandatory for DevOps
Continuous Packaging is also Mandatory for DevOpsContinuous Packaging is also Mandatory for DevOps
Continuous Packaging is also Mandatory for DevOpsDocker, Inc.
 
Becoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkBecoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkDocker, Inc.
 
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker, Inc.
 
How Docker EE is Finnish Railway’s Ticket to App Modernization
How Docker EE is Finnish Railway’s Ticket to App ModernizationHow Docker EE is Finnish Railway’s Ticket to App Modernization
How Docker EE is Finnish Railway’s Ticket to App ModernizationDocker, Inc.
 
Docker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker Federal Summit 2017 General Session
Docker Federal Summit 2017 General SessionDocker, Inc.
 
Talking TUF: Securing Software Distribution
Talking TUF: Securing Software DistributionTalking TUF: Securing Software Distribution
Talking TUF: Securing Software DistributionDocker, Inc.
 
Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...
Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...
Building a Secure and Resilient Foundation for Banking at Intesa Sanpaolo wit...Docker, Inc.
 
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker, Inc.
 
Modernizing Java Apps with Docker
Modernizing Java Apps with DockerModernizing Java Apps with Docker
Modernizing Java Apps with DockerDocker, Inc.
 
What's New in Docker
What's New in DockerWhat's New in Docker
What's New in DockerDocker, Inc.
 
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsDevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsAmbassador Labs
 
Modernizing Traditional Applications with Docker EE: From PoC to Production
Modernizing Traditional Applications with Docker EE: From PoC to ProductionModernizing Traditional Applications with Docker EE: From PoC to Production
Modernizing Traditional Applications with Docker EE: From PoC to ProductionDocker, Inc.
 
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahOn-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahDocker, Inc.
 
Advanced Access Control with Docker EE
Advanced Access Control with Docker EEAdvanced Access Control with Docker EE
Advanced Access Control with Docker EEDocker, Inc.
 
Azure ai on premises with docker
Azure ai on premises with dockerAzure ai on premises with docker
Azure ai on premises with dockerVishwas N
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016Docker, Inc.
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.
 
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Docker, Inc.
 
DCEU 18: App-in-a-Box with Docker Application Packages
DCEU 18: App-in-a-Box with Docker Application PackagesDCEU 18: App-in-a-Box with Docker Application Packages
DCEU 18: App-in-a-Box with Docker Application PackagesDocker, Inc.
 
How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceDocker, Inc.
 
Packaging software for the distribution on the edge
Packaging software for the distribution on the edgePackaging software for the distribution on the edge
Packaging software for the distribution on the edgeDocker, Inc.
 
Using Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkUsing Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkDocker, Inc.
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Docker Datacenter - CaaS
Docker Datacenter - CaaSDocker Datacenter - CaaS
Docker Datacenter - CaaSHarish Jayakumar
 
Android Meets Docker
Android Meets DockerAndroid Meets Docker
Android Meets DockerDocker, Inc.
 
DCEU 18: Docker Container Security
DCEU 18: Docker Container SecurityDCEU 18: Docker Container Security
DCEU 18: Docker Container SecurityDocker, Inc.
 
Docker ee an architecture and operations overview
Docker ee an architecture and operations overviewDocker ee an architecture and operations overview
Docker ee an architecture and operations overviewDocker, Inc.
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
DCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDocker, Inc.
 

More Related Content

What's hot

Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker, Inc.
 
Modernizing Java Apps with Docker
Modernizing Java Apps with DockerModernizing Java Apps with Docker
Modernizing Java Apps with DockerDocker, Inc.
 
What's New in Docker
What's New in DockerWhat's New in Docker
What's New in DockerDocker, Inc.
 
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsDevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsAmbassador Labs
 
Modernizing Traditional Applications with Docker EE: From PoC to Production
Modernizing Traditional Applications with Docker EE: From PoC to ProductionModernizing Traditional Applications with Docker EE: From PoC to Production
Modernizing Traditional Applications with Docker EE: From PoC to ProductionDocker, Inc.
 
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahOn-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahDocker, Inc.
 
Advanced Access Control with Docker EE
Advanced Access Control with Docker EEAdvanced Access Control with Docker EE
Advanced Access Control with Docker EEDocker, Inc.
 
Azure ai on premises with docker
Azure ai on premises with dockerAzure ai on premises with docker
Azure ai on premises with dockerVishwas N
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016Docker, Inc.
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.
 
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Docker, Inc.
 
DCEU 18: App-in-a-Box with Docker Application Packages
DCEU 18: App-in-a-Box with Docker Application PackagesDCEU 18: App-in-a-Box with Docker Application Packages
DCEU 18: App-in-a-Box with Docker Application PackagesDocker, Inc.
 
How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceDocker, Inc.
 
Packaging software for the distribution on the edge
Packaging software for the distribution on the edgePackaging software for the distribution on the edge
Packaging software for the distribution on the edgeDocker, Inc.
 
Using Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkUsing Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkDocker, Inc.
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Android Meets Docker
Android Meets DockerAndroid Meets Docker
Android Meets DockerDocker, Inc.
 
DCEU 18: Docker Container Security
DCEU 18: Docker Container SecurityDCEU 18: Docker Container Security
DCEU 18: Docker Container SecurityDocker, Inc.
 
Docker ee an architecture and operations overview
Docker ee an architecture and operations overviewDocker ee an architecture and operations overview
Docker ee an architecture and operations overviewDocker, Inc.
 

What's hot (20)

Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
 
Modernizing Java Apps with Docker
Modernizing Java Apps with DockerModernizing Java Apps with Docker
Modernizing Java Apps with Docker
 
What's New in Docker
What's New in DockerWhat's New in Docker
What's New in Docker
 
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsDevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
 
Modernizing Traditional Applications with Docker EE: From PoC to Production
Modernizing Traditional Applications with Docker EE: From PoC to ProductionModernizing Traditional Applications with Docker EE: From PoC to Production
Modernizing Traditional Applications with Docker EE: From PoC to Production
 
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahOn-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
 
Advanced Access Control with Docker EE
Advanced Access Control with Docker EEAdvanced Access Control with Docker EE
Advanced Access Control with Docker EE
 
Azure ai on premises with docker
Azure ai on premises with dockerAzure ai on premises with docker
Azure ai on premises with docker
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
 
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
 
DCEU 18: App-in-a-Box with Docker Application Packages
DCEU 18: App-in-a-Box with Docker Application PackagesDCEU 18: App-in-a-Box with Docker Application Packages
DCEU 18: App-in-a-Box with Docker Application Packages
 
How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experience
 
Packaging software for the distribution on the edge
Packaging software for the distribution on the edgePackaging software for the distribution on the edge
Packaging software for the distribution on the edge
 
Using Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at SplunkUsing Docker EE to Scale Operational Intelligence at Splunk
Using Docker EE to Scale Operational Intelligence at Splunk
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker Networking
 
Docker Datacenter - CaaS
Docker Datacenter - CaaSDocker Datacenter - CaaS
Docker Datacenter - CaaS
 
Android Meets Docker
Android Meets DockerAndroid Meets Docker
Android Meets Docker
 
DCEU 18: Docker Container Security
DCEU 18: Docker Container SecurityDCEU 18: Docker Container Security
DCEU 18: Docker Container Security
 
Docker ee an architecture and operations overview
Docker ee an architecture and operations overviewDocker ee an architecture and operations overview
Docker ee an architecture and operations overview
 

Similar to Docker EE Deep Dive

GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
DCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDocker, Inc.
 
PaaSTA: Running applications at Yelp
PaaSTA: Running applications at YelpPaaSTA: Running applications at Yelp
PaaSTA: Running applications at YelpNathan Handler
 
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016Patrick Chanezon
 
Categorizing Docker Hub Public Images
Categorizing Docker Hub Public ImagesCategorizing Docker Hub Public Images
Categorizing Docker Hub Public ImagesRoberto Hashioka
 
Be a better developer with Docker (revision 3)
Be a better developer with Docker (revision 3)Be a better developer with Docker (revision 3)
Be a better developer with Docker (revision 3)Nicola Paolucci
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsOpsta
 
Binary Authorization in Kubernetes
Binary Authorization in KubernetesBinary Authorization in Kubernetes
Binary Authorization in KubernetesAysylu Greenberg
 
Top 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKETop 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKESreenivas Makam
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherSUSE
 
Getting Started with Docker
Getting Started with Docker Getting Started with Docker
Getting Started with Docker Anup Segu
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Patrick Chanezon
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherSUSE
 
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Marc Müller
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...Ambassador Labs
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataInfluxData
 
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024Cloud Native NoVA
 
Operational Visibiliy and Analytics - BU Seminar
Operational Visibiliy and Analytics - BU SeminarOperational Visibiliy and Analytics - BU Seminar
Operational Visibiliy and Analytics - BU SeminarCanturk Isci
 

Similar to Docker EE Deep Dive (20)

GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
 
DCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and Architecture
 
PaaSTA: Running applications at Yelp
PaaSTA: Running applications at YelpPaaSTA: Running applications at Yelp
PaaSTA: Running applications at Yelp
 
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
 
Categorizing Docker Hub Public Images
Categorizing Docker Hub Public ImagesCategorizing Docker Hub Public Images
Categorizing Docker Hub Public Images
 
Be a better developer with Docker (revision 3)
Be a better developer with Docker (revision 3)Be a better developer with Docker (revision 3)
Be a better developer with Docker (revision 3)
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOps
 
Binary Authorization in Kubernetes
Binary Authorization in KubernetesBinary Authorization in Kubernetes
Binary Authorization in Kubernetes
 
Top 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKETop 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKE
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et Rancher
 
Getting Started with Docker
Getting Started with Docker Getting Started with Docker
Getting Started with Docker
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
 
Containerization using docker and its applications
Containerization using docker and its applicationsContainerization using docker and its applications
Containerization using docker and its applications
 
Containerization using docker and its applications
Containerization using docker and its applicationsContainerization using docker and its applications
Containerization using docker and its applications
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et Rancher
 
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxData
 
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
 
Operational Visibiliy and Analytics - BU Seminar
Operational Visibiliy and Analytics - BU SeminarOperational Visibiliy and Analytics - BU Seminar
Operational Visibiliy and Analytics - BU Seminar
 

More from Docker, Inc.

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Docker, Inc.
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXDocker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeDocker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices WorldDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with DockerDocker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog ScaleDocker, Inc.
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels Docker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDocker, Inc.
 

More from Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

Recently uploaded

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Recently uploaded (20)

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

Docker EE Deep Dive

  • 1. Product Deep Dive Docker Enterprise Edition Patrick Devine Product Manager, Docker @pdev110
  • 3. Enterprise Edition (EE) • Paid Docker subscription • Includes support from Docker • Predictable biannual releases • Certified partner ecosystem • Enterprise-grade features (security, management, automation) Recommended for production use Enterprise & Community Editions • Free for “do it yourself” dev & ops • Does not include support • Quarterly Stable release for ops • Monthly Edge release for developers Community Edition (CE)
  • 4. Docker Enterprise Edition (EE) CaaS enabled platform for the modern software supply chain • Integrated orchestration, security and management • Stable releases with 1 year of support and maintenance • Security patches and hotfixes backported to all supported versions • Enterprise class support (9am-6pm or 24x7x365) • Certified Infrastructure, Containers and Plugins docker enterprise edition
  • 5. Docker EE Components Public Cloud Virtual Physical docker enterprise edition ADVANCED INTEGRATED SECURITY docker trusted registry image management docker universal control plane app & cluster management docker engine container runtime, orchestration, networking, volumes, plugins CI/CD Images Operating Systems Volumes Monitoring Logging more...
  • 6. Docker EE Architecture Node UCP manager Raft consensus group Internal distributed store Node UCP manager Node UCP manager
  • 7. Docker EE Architecture Node UCP manager Raft consensus group Internal distributed store Node UCP manager Node UCP manager Node UCP worker Node UCP worker Node UCP worker Node UCP workerAdmin / User Deploy / Manage
  • 8. Docker EE Architecture Node UCP manager Raft consensus group Internal distributed store Node UCP manager Node UCP manager Node UCP worker Node UCP worker Node UCP worker Node UCP workerAdmin / User Deploy / Manage Pull / Push Image registry BYO TCP load balancer Node DTR replica Logging Monitoring Image storage External CALDAP/AD Add-ons Node DTR replica Node DTR replica
  • 9. Image Security: ● Image Scanning ● Image Signing Let’s dive into the features!
  • 10. • Scans at a binary level ○ Not just looking at package versions • Works both online and offline ○ New vulnerability database released daily ○ Great for air gapped scenarios (sneaker net!) • Scans both Linux (x86_64) and Windows • Coming soon for IBM z Series Image Scanning available now
  • 11.
  • 12.
  • 13. $ docker history pdevine/partyparrot:1.0 IMAGE CREATED CREATED BY 4e21821ad0d9 5 minutes ago /bin/sh -c #(nop) ENTRYPOINT [“/parrot”] 880254b79668 5 minutes ago /bin/sh -c #(nop) ADD file:6e64234... 6aa638b57d74 5 minutes ago /bin/sh -c apk update && apk add pcre 4a415e366388 6 weeks ago /bin/sh -c #(nop) ADD file:730030a...
  • 14.
  • 15.
  • 16. {... “layer_details”: [ “components”: [ { “component”: “coreutils”, “version”: “8.22”, … }, … ], ], }
  • 17. {... “layer_details”: [ “components”: [ { “component”: “coreutils”, “version”: “8.22”, “vulns”: [ { “vuln”: { “cve”: “CVE-2014-3639”, “cvss”: 2.1, … } }, … ], }, … ], ], }
  • 18.
  • 19. Image Signing ● Docker Content Trust built in to DTR ● Enforcement can be done in UCP ○ Only valid signers can deploy containers ● docker trust makes things easier than ever ● More to come at Ashwini and Andy’s talk at 13h30 coming soon
  • 20. Image Distribution: ● Image Caching ● Image Promotion ● Image Mirroring Let’s dive into the features! coming soon
  • 21. Phase 1: image content cache Phase 2: image promotion Phase 3: image mirroring Image Caching, Promotion, & Mirroring docker dtr docker dtr slow fast dtr dev / qa / staging / prod / repo / dtr dev repo / dtr stage
  • 22. Image Caching ● Caches image layers closer to where it’s being consumed for faster pulls (CDN for docker images) ● Works globally for all repositories in DTR ● Preserves access permission for each individual repository of the DTR available now docker dt r docker dt r slow fast
  • 23. Use Case: Without Content Cache... slow... San Francisco, USA Copenhagen, Denmark dtr dev/hello-world:latest build layer A layer B 1 2
  • 24. Use Case: With Content Cache! fast San Francisco, USA Copenhagen, Denmark Content Cache dtr dev/hello-world:latest build layer A layer B 1 2 3 4 layer A layer B
  • 25. Image Promotion ● Promotes “blessed” images from one repository to a different repository in the same DTR ● Repositories each have their own access control ● Images can be re-tagged automatically to a new tag ● Can be done “manually” or automatically by a “policy” available now dev / qa / staging / prod /
  • 27. Promotion Policy Criteria ● Tagged with a certain tag ● Doesn’t contain any vulnerabilities above a threshold (critical, major, minor) ● Package exists or is greater or less than a certain version ● Is greater than (or less than) a certain size ● Doesn’t contain a certain type of license (e.g. GPLv3)
  • 28. Advanced Use Case: Promotion Chaining
  • 29. Advanced Use Case: Promotion Branching
  • 30. Image Mirroring ● Promotes “blessed” images from one repository to a different one in a different DTR ● Registries each have their own access control ● Mirroring is bi-directional. Can be done via “push” or “pull” ● Policies can be used to automatically push to remote DTRs com ing soon repo / docker dtr dev repo / docker dtr stage
  • 31. Image Mirroring (push based) ● Image is pushed to DTR 1 ● If the policy is met (e.g. no vulnerabilities) image is pushed to DTR 2 ● AuthN and AuthZ managed by each individual DTR ● Signing / Scan data not (yet) preserved dtr 2dtr 1 1 2 Build
  • 32. Image Mirroring (pull based) ● Image is pushed to DTR 1 ● DTR 2 polls DTR 1 at specified intervals to check for updates ● If new images are found, image is pulled to DTR 2 dtr 2dtr 1 1 2 3 Build
  • 33. Image Mirroring (pull based w/ webhook) ● Image is pushed to DTR 1 ● DTR 1 notifies DTR 2 that a new image exists ● DTR 2 contacts DTR 1 and pulls the image dtr 2dtr 1 Build 1 2 3 4
  • 35. San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Push1
  • 36. San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Promote after clean scan 2 Push1
  • 37. San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Copenhagen, Denmark Content Cache Push1 Cache3 Promote after clean scan 2
  • 38. San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Copenhagen, Denmark Content Cache Push1 Cache3 New York, USA stage/hello-world dtr us-east prod/hello-world Mirror4 Promote after clean scan 2
  • 39. San Francisco, USA build dev/hello-world dtr us-west qa/hello-world Copenhagen, Denmark Content Cache Push1 Cache3 New York, USA stage/hello-world dtr us-east prod/hello-world Mirror4 Promote5 Promote after clean scan 2
  • 40. Docker EE Hosted Demo ● Free 4 Hour Demo ● No Servers Required ● Full Docker EE Cluster Access docker.com/trial