Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
What’s New in Docker 1.12
Docker Meetup
August 3, 2016
Nishant Totla
@nishanttotla
nishant@docker.com
Overview of new features
• Orchestration
• Swarm mode
• Docker services
• Secure by default
• Networking
• Live Restore
• ...
Swarm Mode
• Your Docker Engine is now cluster-aware
• The best way to orchestrate Docker is Docker
• Really easy to set u...
Swarm Mode
$ docker swarm init
Engine
Swarm mode
$ docker swarm init
$ docker swarm join <manager IP>:2377
Engine Engine
Swarm mode
$ docker swarm init
$ docker swarm join <manager IP>:2377
Engine Engine
Engine
Engine
Engine
Services
$ docker service create 
--replicas 3 
--name frontend 
--network mynet 
--publish 80:80/tcp 
frontend_image:late...
Services
$ docker service create 
--name redis 
--network mynet 
redis:latest
Engine Engine
Engine
Engine
Engine
mynet
Node Failure
$ docker service create 
--name redis 
--network mynet 
redis:latest
Engine Engine
Engine
Engine
Engine
mynet
Desired State ≠ Actual State
Engine
Engine
Engine
Engine
mynet
$ docker service create 
--replicas 3 
--name frontend 
--n...
Converge back to Desired State
Engine
Engine
Engine
Engine
mynet
$ docker service create 
--replicas 3 
--name frontend 
-...
Service Scaling
Engine
Engine
Engine
Engine
mynet
$ docker service scale frontend=6
Global Services
$ docker service create 
--mode=global 
--name=prometheus 
prom/prometheus
Engine Engine
Engine
Engine
Eng...
Constraints
Engine Engine
Engine
Engine
Engine $ docker daemon --label
com.example.storage=“ssd”
$ docker daemon --label
c...
Constraints
$ docker service create 
--replicas 5 
--name frontend 
--network mynet 
--publish 80:80/tcp 
--constraint eng...
Constraints
Engine Engine
Engine
Engine
Engine
mynet
$ docker daemon --label
com.example.storage=“ssd”
$ docker daemon --l...
Rolling Updates
$ docker service create 
--replicas 8 
--name frontend 
--network mynet 
--publish 80:80/tcp 
frontend_ima...
Rolling Updates
$ docker service update 
--image frontend_image:v2.0 
--update-delay 10s 
--update-parallelism 2 
frontend...
Rolling Updates
$ docker service update 
--image frontend_image:v2.0 
--update-delay 10s 
--update-parallelism 2 
frontend...
Rolling Updates
$ docker service update 
--image frontend_image:v2.0 
--update-delay 10s 
--update-parallelism 2 
frontend...
Rolling Updates
$ docker service update 
--image frontend_image:v2.0 
--update-delay 10s 
--update-parallelism 2 
frontend...
Rolling Updates
$ docker service update 
--image frontend_image:v2.0 
--update-delay 10s 
--update-parallelism 2 
frontend...
Overview of new features
• Orchestration
• Swarm mode
• Docker services
• Secure by default
• Networking
• Live Restore
• ...
Secure by Default with end to end Encryption
• Cryptographic node
identity
• Automatic encryption
and mutual auth (TLS)
• ...
Overview of new features
• Orchestration
• Swarm mode
• Docker services
• Secure by default
• Networking
• Live Restore
• ...
Routing Mesh
• Operator reserves a
swarm-wide ingress
port (8080) for
myapp
• Every node listens
on 8080
Manager
Agent 1 A...
Routing Mesh
• Container-aware
routing mesh can
transparently
reroute traffic to a
node that is
running the
container
• Bu...
Swarm Mode is Optional
• Docker 1.12 is fully backwards compatible
• You can continue to use your old deployments without ...
Overview of new features
• Orchestration
• Swarm mode
• Docker services
• Secure by default
• Networking
• Live Restore
• ...
Live Restore
{
“live-restore”: true
}
• By default, terminating Docker daemon shuts down running containers
• Starting wit...
Container Healthchecks in Dockerfile
• Checks every 5 minutes that web server can return index page within 3
seconds
• Thr...
New Plugin Subcommands (Experimental)
$ docker plugin install tiborvass/no-remove
$ docker plugin enable no-remove
$ docke...
Plugin Permissions Model
$ docker plugin install tiborvass/no-remove
Plugin “tiborvass/no-remove:latest” requested the fol...
Demo!
Thank You! Questions?
Nishant Totla
@nishanttotla
nishant@docker.com
Docker for AWS/Azure
Sign up for the beta at beta.docker.com
Swarm Topology
Overview of new features
• Strongly consistent – holds desired state
• Simple to operate
• Fast (in-memory reads, domain s...
Overview of new features
• Eventually consistent – routing mesh, load balancing rules, …
• High volume, p2p network betwee...
Upcoming SlideShare
Loading in …5
×

What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16

8,422 views

Published on

Docker 1.12 was made generally available on Thursday July 28. Nishant gives an overview of Docker 1.12 and discusses the benefits of the new features.

Published in: Technology
  • Be the first to comment

What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16

  1. 1. What’s New in Docker 1.12 Docker Meetup August 3, 2016 Nishant Totla @nishanttotla nishant@docker.com
  2. 2. Overview of new features • Orchestration • Swarm mode • Docker services • Secure by default • Networking • Live Restore • Container Healthchecks • Plugin Improvements
  3. 3. Swarm Mode • Your Docker Engine is now cluster-aware • The best way to orchestrate Docker is Docker • Really easy to set up your cluster and manage deployments
  4. 4. Swarm Mode $ docker swarm init Engine
  5. 5. Swarm mode $ docker swarm init $ docker swarm join <manager IP>:2377 Engine Engine
  6. 6. Swarm mode $ docker swarm init $ docker swarm join <manager IP>:2377 Engine Engine Engine Engine Engine
  7. 7. Services $ docker service create --replicas 3 --name frontend --network mynet --publish 80:80/tcp frontend_image:latest Engine Engine Engine Engine Engine mynet
  8. 8. Services $ docker service create --name redis --network mynet redis:latest Engine Engine Engine Engine Engine mynet
  9. 9. Node Failure $ docker service create --name redis --network mynet redis:latest Engine Engine Engine Engine Engine mynet
  10. 10. Desired State ≠ Actual State Engine Engine Engine Engine mynet $ docker service create --replicas 3 --name frontend --network mynet --publish 80:80/tcp frontend_image:latest
  11. 11. Converge back to Desired State Engine Engine Engine Engine mynet $ docker service create --replicas 3 --name frontend --network mynet --publish 80:80/tcp frontend_image:latest
  12. 12. Service Scaling Engine Engine Engine Engine mynet $ docker service scale frontend=6
  13. 13. Global Services $ docker service create --mode=global --name=prometheus prom/prometheus Engine Engine Engine Engine Engine
  14. 14. Constraints Engine Engine Engine Engine Engine $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd”
  15. 15. Constraints $ docker service create --replicas 5 --name frontend --network mynet --publish 80:80/tcp --constraint engine.labels.com.example.storage==ssd frontend_image:latest Engine Engine Engine Engine Engine mynet $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd”
  16. 16. Constraints Engine Engine Engine Engine Engine mynet $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd” $ docker service scale frontend=10
  17. 17. Rolling Updates $ docker service create --replicas 8 --name frontend --network mynet --publish 80:80/tcp frontend_image:v1.0 Engine Engine Engine Engine Engine mynet
  18. 18. Rolling Updates $ docker service update --image frontend_image:v2.0 --update-delay 10s --update-parallelism 2 frontend Engine Engine Engine Engine Engine mynet
  19. 19. Rolling Updates $ docker service update --image frontend_image:v2.0 --update-delay 10s --update-parallelism 2 frontend Engine Engine Engine Engine Engine mynet
  20. 20. Rolling Updates $ docker service update --image frontend_image:v2.0 --update-delay 10s --update-parallelism 2 frontend Engine Engine Engine Engine Engine mynet
  21. 21. Rolling Updates $ docker service update --image frontend_image:v2.0 --update-delay 10s --update-parallelism 2 frontend Engine Engine Engine Engine Engine mynet
  22. 22. Rolling Updates $ docker service update --image frontend_image:v2.0 --update-delay 10s --update-parallelism 2 frontend Engine Engine Engine Engine Engine mynet
  23. 23. Overview of new features • Orchestration • Swarm mode • Docker services • Secure by default • Networking • Live Restore • Container Healthchecks • Plugin Improvements
  24. 24. Secure by Default with end to end Encryption • Cryptographic node identity • Automatic encryption and mutual auth (TLS) • Automatic certificate rotation • External CA integration Manager [TLS] [CA] Manager [TLS] [CA] Manager [TLS] [CA] Agent [TLS] Agent [TLS] Agent [TLS]
  25. 25. Overview of new features • Orchestration • Swarm mode • Docker services • Secure by default • Networking • Live Restore • Container Healthchecks • Plugin Improvements
  26. 26. Routing Mesh • Operator reserves a swarm-wide ingress port (8080) for myapp • Every node listens on 8080 Manager Agent 1 Agent 2 Agent 3 $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80/tcp frontend_image:latest :8080 :8080 :8080 :8080 access myapp.com:8080
  27. 27. Routing Mesh • Container-aware routing mesh can transparently reroute traffic to a node that is running the container • Built-in (layer 4) load balancing • DNS-based service discovery Manager Agent 1 Agent 2 Agent 3 $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80/tcp frontend_image:latest :8080 :8080 :8080 :8080 access myapp.com:8080
  28. 28. Swarm Mode is Optional • Docker 1.12 is fully backwards compatible • You can continue to use your old deployments without Swarm Mode • Swarm Mode is now the easiest way to try orchestration with Docker
  29. 29. Overview of new features • Orchestration • Swarm mode • Docker services • Secure by default • Networking • Live Restore • Container Healthchecks • Plugin Improvements
  30. 30. Live Restore { “live-restore”: true } • By default, terminating Docker daemon shuts down running containers • Starting with 1.12, it is possible to configure the daemon so that containers remain running when daemon becomes unavailable • Useful for upgrades, planned outages, crashes • Either update the default configuration file • Or pass a flag when starting the daemon $ sudo dockerd --live-restore
  31. 31. Container Healthchecks in Dockerfile • Checks every 5 minutes that web server can return index page within 3 seconds • Three consecutive failures puts container in an unhealthy state • Works with services in Swarm Mode HEALTHCHECK --interval=5m --timeout=3s --retries=3 CMD curl –f http://localhost/ || exit 1
  32. 32. New Plugin Subcommands (Experimental) $ docker plugin install tiborvass/no-remove $ docker plugin enable no-remove $ docker plugin disable no-remove
  33. 33. Plugin Permissions Model $ docker plugin install tiborvass/no-remove Plugin “tiborvass/no-remove:latest” requested the following privileges: - Networking: host - Mounting host path: /data Do you grant the above permissions? [y/N]
  34. 34. Demo!
  35. 35. Thank You! Questions? Nishant Totla @nishanttotla nishant@docker.com
  36. 36. Docker for AWS/Azure Sign up for the beta at beta.docker.com
  37. 37. Swarm Topology
  38. 38. Overview of new features • Strongly consistent – holds desired state • Simple to operate • Fast (in-memory reads, domain specific indexing, …) • Secure
  39. 39. Overview of new features • Eventually consistent – routing mesh, load balancing rules, … • High volume, p2p network between workers • Secure: symmetric encryption with key rotation in Raft

×