
DockerCon 15 Keynote - Day 2


Slides used in the Day 2 keynote at DockerCon San Francisco.


  1. 1. DockerCon Day 2 Welcome Ben Golub – CEO @golubbe
  2. 2. • Works for everyone (developers, devops, & ops) • Works everywhere (multi-arch, multi-OS, on & off prem) • Extensible & Pluggable • Solutions and roadmap Security Orchestration Networking & storage Workflows for developing, shipping, deploying/managing • Real users What does Docker in Production mean? And that’s what this DockerCon is all about Docker in Production
  3. 3. The Layers Open Standards Plumbing Developer Platform Business Solutions Implement Integrate Augment
  4. 4. The Layers Open Standards Plumbing Developer Platform Business Solutions OCF, OCP 1.7 , Swarm (+ Mesos, ECS), Compose, Machine, Plugins (Weave, ClusterHQ),++ runC, Notary Today
  5. 5. 3 Broad Categories of Commercial Solutions Build/ Create Ship/ Store Run/ Manage
  6. 6. Built by assembling best tools Build/ Create Ship/ Store Run/ Manage • Developer Platform • CI/CD integration • Signing/Trust • +++ • Trusted registries • Official repositories • Access control • Policies • +++ • Orchestration • GUI • Management • Logging • +++
  7. 7. Delivered in manner that works in production Build/ Create Ship/ Store Run/ Manage • Work both on premises and in the cloud • Have to work well together • Delivered with commercial support • Available through channels & partners • Priced & packaged to enable easy adoption
  8. 8. (Ben introduces Marianna here)
  9. 9. Since launching Docker Hub 12 months ago …
  10. 10. 150,000 repos • 500+ million pulls • 240,000 users (three growth charts, 2014 vs. 2015)
  11. 11. 60+ million pulls
  12. 12. Docker Hub Dev & QA Colleagues Developers QA Build & Ship
  13. 13. 13,000 organizations
  14. 14. Laptop to the World w/ Docker Chris Buckley Director of DevOps Business Insider
  15. 15. Summary • About Me - Working in Linux/systems administration for 14 years, specializing in LAMP-based businesses • About Business Insider - Mix of Bare Metal & AWS infrastructure, PHP, Go, MongoDB, Puppet, Docker
  16. 16. The Journey Business Insider’s beginnings with Docker
  17. 17. Why Docker at Business Insider? • Because it was fun… - FreeBSD Jails, Linux Containers have been around a while - Docker was a great way to really start playing with them at BI • Quickly saw opportunities for applications - Local development environments - Keeping consistent environments from Local (it works on my laptop??), Dev, Staging, through to Production - Apps using same monolithic codebase able to be isolated and segregated on the same bare metal / virtual stack
  18. 18. Our first steps… • Started using it for building and shipping code - Kept the same environment and software versions during build as in production - … No matter where the build ran
  19. 19. First long running application… • Several applications were utilizing the same infrastructure - Memcached keys being overwritten & APC clashes caused issues in several applications • Isolated containers could fix this…
  20. 20. Shipping infrastructure… so many questions • How do we ship the containers? • Adding code inside or mounting a volume outside • How to manage the container, keep it running in cases of failure? • Infrastructure heavily Puppetized - Workflow was built around consistent instances with updates applied as code (Puppet Server/Agent, Hiera)
  21. 21. - Business Insider DevOps “Let’s give it a shot…”
  22. 22. Running the Containers • Mounted application code using volumes • Shipping code using temporary containers from Jenkins • Long standing containers as Linux services, containers hosted on Docker Hub
  23. 23. It works! Sort of... • Our first application out on Docker, and it worked (hurrah!) • Docker Hub as the central repository for our containers • Porting production containers back to Developers not so simple...
  24. 24. The Lessons Business Insider’s lessons with Docker
  25. 25. Lesson Learned: Build for Local • Building for production first was grandiose but misguided • Porting it backwards for Devs to use not the right path for us • Bottleneck for Devs to start writing code
  26. 26. ConFIGuration • Fig (now Docker Compose) was perfect for our needs • Complete stack defined in YAML • Links, Ports, Volumes, Environment variables all in one place • Build container from a Dockerfile or pull an image from Docker Hub (we did both)
  27. 27. • Previous generations of Dev environments, average time to get a single app up and running was ~1-2 days • With our own Vagrant running Docker, with Fig/Compose, we cut that down to a few hours (excluding any database imports) • Allowed our Developers to start writing and committing code much faster New Developer up and running in (almost) no time
  28. 28. • Fig / Compose was great for single host applications • For multi host / distributed applications, we turned to using containers as Linux services (upstart, SysV) • Rolling our own upstart scripts for every container became a real pain, even with our containers sitting in Docker Hub Revisiting Production apps
  29. 29. • We went back to the Puppet approved Docker module to see what we could do. - https://forge.puppetlabs.com/garethr/docker • Turns out, it met a lot of our needs (Thanks Gareth!) • Handled image versions, runtime configurations, links, startup dependencies, all in a nicely packaged init.d script - Packaged as a class we could fill the blanks using Hiera, and pull the images from Docker Hub Puppet Forge + Docker Hub == WIN
  30. 30. An example Puppet class, using the Docker Puppet Forge module, showing several containers, linking, environment options, and dependencies on other containers services starting first.
  31. 31. Dev + Ops Workflow Pre-Docker
  32. 32. DevOps Workflow Post-Docker
  33. 33. The Future Business Insider’s roadmap with Docker
  34. 34. • Current system is pretty good, but we want to take orchestration to the next phase - Investigating different tools • Docker Machine/Swarm/Compose • Kubernetes • Mesosphere DCOS • EC2 Container Service • CoreOS/Fleetctl • Diving deeper into triggered/automated builds - Docker Hub automated builds - Jenkins Docker plugins for building containers What’s next for Business Insider + Docker?
  35. 35. Summary • Leverage what you know and have - No need to completely reinvent the wheel with your infrastructure • There is no wrong way to experiment - Docker ecosystem is vast, you’ll find what works for you • Have fun with it! - If we can’t enjoy what we do, what’s the point?
  36. 36. Thank you Chris Buckley Twitter: @ChrisBuckleySA
  37. 37. Today
  38. 38. Quality
  39. 39. Docker Hub Faster Pulls • 60% Less Bandwidth • 80% Fewer Requests (bar charts: v1 vs. v2)
  40. 40. Docker Hub • Dashboard: 2.0x Speedup • Search: 1.6x Speedup (bar charts: Current vs. New)
  41. 41. Docker Hub More Reliable
  42. 42. Docker Hub Security Authentication microservice One-time use Build hosts Content-addressable images On-going scanning & audits
  43. 43. Public Beta hub-beta.docker.com
  44. 44. 5 FREE Private Repos Only for DockerCon Attendees Coupon Code: dockercon2015
  45. 45. “Which capabilities are required to run Docker in production?” 1. Support 2. On-premise registry 3. Networking 4. Security 5. Directory integration
  46. 46. Open Source Registry Downloads 6.5 million
  47. 47. Docker Trusted Registry
  48. 48. On-premise registry server LDAP/Active Directory integration Role-based access control Audit & events logging Easy deploy, upgrade, & rollback
  49. 49. https://flic.kr/p/dERZT6 - m012
  50. 50. Current State – Monolithic, Stand alone application IAM RDMS API Analytics App-Business Logic LB IAM RDMS API Report IAM RDMS API Search IAM RDMS API Analytics Application 1 Application 2 Application 3 Application 4 BusinessLogic App-Business Logic LB App-Business Logic LB App-Business Logic LB Services
  51. 51. Target State – Business focused abstracted from the common platform IAM API Analytics Data Services Search/Reports Security Cloud Infrastructure Business Logic Platform Application 1 BusinessLogicServices Business Logic Application 2 Business Logic Application 3 Business Logic Application 4
  52. 52. Demo Flow Github Enterprise Jenkins Project Jellyfish/Portal Chef AWS/EC2 RHEL 7.1 SWARM Interlock HAPROXY Container(s) Consul Git Push Docker Trusted Registry Docker Trusted Registry
  53. 53. Demo
  54. 54. Benefits • Improved customer-centric services • Increased time-to-market • Reduced cost • Creates opportunities for new business • Target state of 2 week production sprints for platform and new applications • Decrease time for security review
  55. 55. Next Steps • Image governance through provenance • Inserting secrets in containers with Keywhiz https://square.github.io/keywhiz/ • Container networking • Plugins for Interlock (nginx, external, stats) • API for Interlock for deeper integration • “Docker Security” 11:45am @ Yerba Buena 9 Diogo Monica and Nathan McCauley
  56. 56. “Which capabilities are required to run Docker in production?” 1. Support 2. On-premise registry 3. Networking 4. Security 5. Directory integration
  57. 57. Docker Engines Image Registry Docker Trusted Registry Docker Hub Registry Commercial Support Subscription
  58. 58. $150 per month
  59. 59. docker.com/solutions
  60. 60. Distributed Apps: What’s Next?
  61. 61. Distributed Apps: What’s Next? Michael Farber EVP Innovation, Booz-Allen @BoozAllen Jason McGee Cloud CTO, IBM @jrmcgee Mark Russinovich CTO, Microsoft Azure @markrussinovich
  62. 62. The Road Ahead
  63. 63. Worldwide x86 Server Unit Shipments (chart, 2012–2019, 0M to 12M units; series: Linux, UNIX, Other)
  64. 64. Worldwide x86 Server Unit Shipments (chart, 2012–2019, 0M to 12M units; series: Windows, Linux, UNIX, Other)
  65. 65. Openness Innovation Docker | Microsoft Since last year at DockerCon… Docker extensions in Microsoft Azure Docker client for Windows Docker VM image in Azure ASP.NET 5 Preview Docker image Orchestration in Azure Visual Studio 2015 tools for Docker: Preview Windows Server Containers showcase Libswarm support
  66. 66. Windows Server Containers
  67. 67. Demo
  68. 68. “As a sysadmin, how should I manage Dockerized apps in prod?” “What tools can help me easily scale-up my apps?” “What’s the Docker-recommended way to use Engine, Swarm, Compose, and other technologies in production?” “How can Ops make it easy – and secure - to give Devs self-serve access to approved images?” “I need better visibility into where my containers are running and how they’re performing…”
  69. 69. http://voices.suntimes.com
  70. 70. A Top-to-Bottom Integrated Stack Docker Engine Networking Docker Compose Docker Swarm GUI Security … plus tools for installation, deployment, configuration, and updates
  71. 71. Hosts Project Orca Docker Hub Registry Docker Trusted Registry Ship Run
  72. 72. Demo Hosts Docker Swarm GUI & Control Project Orca Docker Engines Docker Hub Registry Docker Trusted Registry Docker Compose
  73. 73. Demo
  74. 74. Everything You Need To “Run” Hosts Docker Swarm GUI & Control Project Orca Docker Engines Docker Hub Registry Docker Trusted Registry Docker Compose
  75. 75. bit.ly/project-orca
  76. 76. Docker: Ready for Production
  77. 77. Docker: Ready for Production Docker Hub Docker Trusted Registry Project Orca Commercial Solutions
  78. 78. Docker: Ready for Production Ecosystem Partners
  79. 79. Docker: Ready for Production
  80. 80. Have A Great DockerCon Day 2!
  81. 81. Thank you
