Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

DockerCon US 2015 - Engine Breakout Session

140 views

Published on

Docker maintainers Michael Crosby & Arnaud Porterie on the latest news on Docker Engine, for DockerCon US 2015.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

DockerCon US 2015 - Engine Breakout Session

  1. 1. Docker Engine - Breakout session Arnaud Porterie, eng. manager Michael Crosby, chief maintainer
  2. 2. Agenda • Engine quick facts • What’s new in Docker Engine 1.7.0 • What’s coming next - Demo! • Q&A
  3. 3. Engine quick facts What’s the Docker Engine?
  4. 4. Engine quick facts • Central piece of the Docker platform - Docker daemon + docker CLI • Engine by the numbers - 963 contributors - 71 pull requests on average merged each week • https://github.com/docker/docker/
  5. 5. What’s new in Engine 1.7.0 A tour of the major new features
  6. 6. Experimental binary • A new flavor of the Docker engine - Built and distributed nightly - Bleeding edge features: we want your feedback! • First experimental features - New networking model - Network plugins - Volume plugins • https://experimental.docker.com
  7. 7. Network stack • Introducing libnetwork - Whole new API (Container Networking Model) • A much needed technical effort - Solid ground for better default batteries - Single extension point for alternative batteries • https://github.com/docker/libnetwork/
  8. 8. Better network performance • docker -d --userland-proxy=false - Huge performance improvement for port publishing • Not the default - Relies on Hairpinning - Introduced in 2.6.32, still an issue on some distros
  9. 9. And many more! • ZFS storage driver • docker build --cpu-quota … • docker build https://github.com/x/y#branch • docker exec -u|--user • …
  10. 10. What’s next
  11. 11. Better tooling • Community wants choices - Push/pull without Docker (and vice-versa) - Containers without the daemon - … • Objective: spin-out runtime, builder, trust, …
  12. 12. Security • Trusted image distribution • User namespaces • Syscall filtering with seccomp - Already supported by libcontainer • Engine security profiles - Simple way to express security constraints - Single file for capabilities, AppArmor, seccomp, …
  13. 13. Networks & volumes management • Top-level network concept - Already in experimental • Similar top-level volume concept - Currently in design $ docker network create --driver d net1
 $ docker run --publish-service=svc.net1 my_image $ docker volume create --driver d vol1
 $ docker run -v vol1 my_image
  14. 14. Demo time!
  15. 15. Thank you Arnaud Porterie / @icecrime Michael Crosby / @crosbymichael

×