Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

A Summary about Hykes' Keynote on Dockercon 2015

920 views

Published on

A Summary about Hykes' Keynote on Dockercon 2015

Published in: Internet
  • Be the first to comment

A Summary about Hykes' Keynote on Dockercon 2015

  1. 1. Hykes’ Keynote on Dockercon 2015 Henry Huang
  2. 2. • 1st step: Done • 2nd step: Done • 3rd step: Great more to come! • 4th and 5th steps: Docker in Production
  3. 3. Docker in Production • Real community, robust ecosystem • Works for everyone (developers, devops, & ops) • Works for everywhere (multi-arch, multi-os, on & off prem) • Extensible & Pluggable • Solution and roadmap – Security – Orchestration – Network & Storage – Workflows for developing, shipping, deploying/managing • Real users
  4. 4. PROGRAMMING What is the biggest innovation multiplier today?
  5. 5. Goal #1 Reinvent the programmer’s toolbox • Building distributed applications is too hard, because the tools are not adequate. • Let’s give programmers a toolbox designed for distributed applications • Take “Incremental Revolution” – Choose one fundamental problem – Solve in the simplest possible way – Repeat
  6. 6. Problem #1 - Runtime How do I run my code repeatedly on different machines? Docker Container Runtime
  7. 7. #2 - Packaging & Distribution How do I ship my code across many different machines? Docker Distribution Tools • Docker registry, etc.
  8. 8. #3 - Service Composition How do I organize my application in scalable services? Docker Compose
  9. 9. #4 - Machine Management How do I deploy many machines to run my code? Docker Machine
  10. 10. #5 - Clustering How do I stop worrying about individual machines? Docker Swarm
  11. 11. #6 - Networking How do I securely connect my containers across machines? Docker Network
  12. 12. Docker Network • It’s a experimental release: – https://docker.com/experimental • Multiple-host networking out of the box • Micro-segmentation built-in – Assemble virtual networks into any topology, enforce security policies, insert probes and firewalls • Built on industry standards – No need to modify your application – No need to rip out your infrastructure • Standardized service discovery – DNS • 11 community contributed backends – Azure, Calico, Cisco, Consul, Etcd, Midokura, Netflix, NuagentNetworks, VMware, Weave, Zookeeper
  13. 13. #7 - Extensibility How do I add my own tools to the toolbox? Docker Plugin • Network Plugins • Volume Plugins • Scheduler Plugins • Service Discovery Plugins • More to come…
  14. 14. Docker Plugin • Dynamic loading – No patches or restarts needed • Multi-tenant – Use different plugins for different applications • No lock-in – If your application works in Docker, it already supports every plugin • Developed with the ecosystem – WeaveWorks, ClusterHQ, Glider Labs, Mesosphere
  15. 15. Goal #2 Build better plumbing • To build a developer platform, we need infrastructure plumbing – lots of it • Infrastructure plumbers around the World are improving the Internet’s software infrastructure • Take “Principle of Software Plumbing”
  16. 16. Plumbing for Security • Trusted, cross-platform, content distribution on the Internet is an unsolved problem
  17. 17. Notary • https://github.com/docker/notary • Platform-agnostic – Distribute any content: source, build artifacts, packages, containers, VM images, documentation… • Built on industry-leading research – Reliable updates – Proof of origin – Resistant to untrusted transport – Survivable key compromise
  18. 18. Plumbing for OS Containers • Containers are 5% of Docker’s code • It’s just plumbing but it’s popular plumbing
  19. 19. runC • Just the runtime and nothing else – Battle-tested and production-ready – Support all security features of Linux • Selinux, Apparmor, Cgroups, Seccomp, Cap-drop… – Support user namespaces – Support live migration – Microsoft is contributing Windows support – ARM support underway – Intel is contributing DPDK, Secure enclave – Define a standard, portable runnable format – Usable from the command-line or programmatically
  20. 20. Goal #3 Promote open standards
  21. 21. Needs #1 – A formal specification Make it easy for anyone to write their own implementation Open Container Project • A universal intermediary format for OS containers • Supports all hardware architecture and OS
  22. 22. #2 – Independent Government Don’t tie the standard to a single company Open Container Project In collaboration with “ the Linux Foundation ”
  23. 23. #3 - A neutral reference implementation The best standards start with rough consensus and working code
  24. 24. #4 - Support from a broad coalition Your standard must present a majority of the market
  25. 25. #5 – An open door to fresh ideas Many people have been thinking about this. Hear them out.
  26. 26. 4 Goals in the Keynote • Reinvent the programmer’s toolbox. • Build better plumbing • Promote open standards • Help organizations solve real- world problems in unique ways

×