The document compares different options for deploying Docker containers in public clouds, including Docker Machine, Docker's custom cloud solutions, cloud provider container-as-a-service (CaaS) offerings, and Docker's own CaaS solutions. It outlines various parameters for comparing the options such as orchestration, management, networking, storage, registry integration, cloud integration, application definition format, Docker version/upgrades, enterprise features, and cost. The document provides architectures for some of the solutions and recommends which options may be best for different use cases based on factors like production use, VM/container mix, hybrid/multi-cloud, and Kubernetes preference.
Intro to coreOS linux distributions and how it can be used to run docker based workloads in the cloud.
coreOS instances can be started in a cloudstack cloud, it makes use of cloud-init basics to
Scaling Jenkins with Docker: Swarm, Kubernetes or Mesos?Carlos Sanchez
The Jenkins platform can be dynamically scaled by using several Docker cluster and orchestration platforms, using containers to run slaves and jobs and also isolating job execution. But which cluster technology should be used? Docker Swarm? Apache Mesos? Kubernetes? How do they compare? All of them can be used to dynamically run jobs inside containers. This talk will cover these main container clusters, outlining the pros and cons of each, the current state of the art of the technologies and Jenkins support.
Docker Online Meetup: Infrakit update and Q&ADocker, Inc.
While working on Docker for AWS and Azure, we realized the need for a standard way to create and manage infrastructure state that was portable across any type of infrastructure, from different cloud providers to on-prem. One challenge is that each vendor has differentiated IP invested in how they handle certain aspects of their cloud infrastructure. It is not enough to just provision five servers; what IT ops teams need is a simple and consistent way to declare the number of servers, what size they should be, and what sort of base software configuration is required. And in the case of server failures (especially unplanned), that sudden change needs to be reconciled against the desired state to ensure that any required servers are re-provisioned with the necessary configuration. We started InfraKit to solves these problems and to provide the ability to create a self healing infrastructure for distributed systems.
An in-depth look into Docker Networking. We will cover all the networking features natively available in Docker and take you through hands-on exercises designed to help you learn the skills you need to deploy and maintain Docker containers in your existing network environment.
Led by Docker Networking Pros:
Madhu Venugopal
Jana Radhakrishnan
Overview of Docker 1.11 features(Covers Docker release summary till 1.11, runc/containerd, dns load balancing ipv6 service discovery, labels, macvlan/ipvlan)
On-demand recording: http://bit.ly/2mRhTRB
If you’re a Java developer, you probably know that containers have begun to revolutionize application development and deployment. Developers across the world have adopted modern application stacks to more quickly develop and deploy their applications, and deliver the performance users expect. When the power of NGINX Plus and Docker is combined developers, system administrators, and application owners achieve something we all desire: flawless application delivery.
In this webinar you will hear from Arun Gupta, a key visionary behind the development and success of Java, about why choosing technologies like Docker and NGINX can provide significant benefit to your applications. Arun Gupta will share key points which he discusses in his newly released book, Docker for Java Developers, from O’Reilly.
Join us in this webinar to learn:
* How Docker can improve your Java development lifecycle.
* How to build and run Docker containers for Java applications
* Tips for managing Docker containers in Java development environments
* How to load balance Java applications running in Docker containers
Learn best practices in container security to make your containers seaworthy through the build, ship, and run lifecycle.
Demos temporarily living at github.com/endophage/apps (look under wordpress dir)
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleRightScale
As companies look to orchestrate Docker in the cloud, they have several options for container orchestration. We delve into both container-as-a-service options from AWS, Microsoft Azure, and Google Cloud Platform as well as running your own Kubernetes cluster in the cloud.
Intro to coreOS linux distributions and how it can be used to run docker based workloads in the cloud.
coreOS instances can be started in a cloudstack cloud, it makes use of cloud-init basics to
Scaling Jenkins with Docker: Swarm, Kubernetes or Mesos?Carlos Sanchez
The Jenkins platform can be dynamically scaled by using several Docker cluster and orchestration platforms, using containers to run slaves and jobs and also isolating job execution. But which cluster technology should be used? Docker Swarm? Apache Mesos? Kubernetes? How do they compare? All of them can be used to dynamically run jobs inside containers. This talk will cover these main container clusters, outlining the pros and cons of each, the current state of the art of the technologies and Jenkins support.
Docker Online Meetup: Infrakit update and Q&ADocker, Inc.
While working on Docker for AWS and Azure, we realized the need for a standard way to create and manage infrastructure state that was portable across any type of infrastructure, from different cloud providers to on-prem. One challenge is that each vendor has differentiated IP invested in how they handle certain aspects of their cloud infrastructure. It is not enough to just provision five servers; what IT ops teams need is a simple and consistent way to declare the number of servers, what size they should be, and what sort of base software configuration is required. And in the case of server failures (especially unplanned), that sudden change needs to be reconciled against the desired state to ensure that any required servers are re-provisioned with the necessary configuration. We started InfraKit to solves these problems and to provide the ability to create a self healing infrastructure for distributed systems.
An in-depth look into Docker Networking. We will cover all the networking features natively available in Docker and take you through hands-on exercises designed to help you learn the skills you need to deploy and maintain Docker containers in your existing network environment.
Led by Docker Networking Pros:
Madhu Venugopal
Jana Radhakrishnan
Overview of Docker 1.11 features(Covers Docker release summary till 1.11, runc/containerd, dns load balancing ipv6 service discovery, labels, macvlan/ipvlan)
On-demand recording: http://bit.ly/2mRhTRB
If you’re a Java developer, you probably know that containers have begun to revolutionize application development and deployment. Developers across the world have adopted modern application stacks to more quickly develop and deploy their applications, and deliver the performance users expect. When the power of NGINX Plus and Docker is combined developers, system administrators, and application owners achieve something we all desire: flawless application delivery.
In this webinar you will hear from Arun Gupta, a key visionary behind the development and success of Java, about why choosing technologies like Docker and NGINX can provide significant benefit to your applications. Arun Gupta will share key points which he discusses in his newly released book, Docker for Java Developers, from O’Reilly.
Join us in this webinar to learn:
* How Docker can improve your Java development lifecycle.
* How to build and run Docker containers for Java applications
* Tips for managing Docker containers in Java development environments
* How to load balance Java applications running in Docker containers
Learn best practices in container security to make your containers seaworthy through the build, ship, and run lifecycle.
Demos temporarily living at github.com/endophage/apps (look under wordpress dir)
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleRightScale
As companies look to orchestrate Docker in the cloud, they have several options for container orchestration. We delve into both container-as-a-service options from AWS, Microsoft Azure, and Google Cloud Platform as well as running your own Kubernetes cluster in the cloud.
Covers overview of CoreOS and current status of CoreOS projects. Presented at Open source meetup, Bangalore(http://www.meetup.com/Bangalore-Open-Source-Meetup/events/229763724/)
Integrating Docker EE into Société Générale's Existing Enterprise IT SystemsDocker, Inc.
Société Générale knows that containers and the cloud are the future of the IT industry and have been using Docker EE for over a year and a half. In this talk, we will share how Docker EE fits into our global strategy and our architecture for integrating the platform to our existing IT systems. We will go over tradeoffs of how we operationalized the platform to provide a highly available CAAS to our global enterprise. Finally, we will share how we are onboarding development teams and deploying their applications to production.
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...Edureka!
** Machine Learning Engineer Masters Program: https://www.edureka.co/masters-program/machine-learning-engineer-training **
This tutorial on Artificial Intelligence gives you a brief introduction to AI discussing how it can be a threat as well as useful. This tutorial covers the following topics:
1. AI as a threat
2. What is AI?
3. History of AI
4. Machine Learning & Deep Learning examples
5. Dependency on AI
6.Applications of AI
7. AI Course at Edureka - https://goo.gl/VWNeAu
For more information, please write back to us at sales@edureka.co
Call us at IN: 9606058406 / US: 18338555775
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Lee Rainie, director of internet and technology research at Pew Research Center, presented these findings at the International Monetary Fund/World Bank’s Youth Dialogue and its program, “A World Without Work?” The findings tie to several pieces of research at the Center, including reports on the state of American jobs, automation in everyday life, and the future of jobs training programs.
Azure: Docker Container orchestration, PaaS ( Service Farbic ) and High avail...Alexey Bokov
Deep dive into Azure cloud technologies including common considerations about technology choices and then going deep into some of them. First we start from Azure Container Service and Docker containers orchestration by using Mesos or Swarm. Next part is about PaaS v2 which called Azure Service Fabric - crash course and deep dive into some parts of SF. After that we going through high Availability and Disaster Recovery in Azure:
- Azure DNS - cloud API for DNS records hosting
- Traffic Manager – load balancing and fault-tolerance on DNS level
- Azure Load Balancer – load balancing on transport level
-Application Gateway – load balancing on application level
Last part of deck is about IaaS based services and some updates for storage service:
* Azure Batch for computational tasks
* VM Scale sets
* Storage - managed disks and cool storage
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)Amazon Web Services
Managing and scaling hundreds of containers is a challenging task. A container management solution takes care of these challenges for you, allowing you to focus on developing your application. In this session, we cover the role and tasks of a container management solution and we analyze how four common container management solutions - Amazon EC2 Container Service, Docker for AWS, Kubernetes, and Apache Mesos - stack against each other. We also see how you can easily get started with each of these solutions on AWS.
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...DynamicInfraDays
Slides from Rob Bagby's talk "Containers in Azure: Understanding the Microsoft Container Ecosystem" at ContainerDays NYC 2016: http://dynamicinfradays.org/events/2016-nyc/programme.html#azure
This presentation will dive into all the storage options available with the most popular container orchestrators such as Kubernetes, Docker, and Mesos.
This presentation was made as closing session for Container Conference 2018 on 03rd August in Bangalore by Anoop Kumar from Docker.
"In this session we will get familiarized with the technical aspects of the Docker EE 2.0 Platform. It will involve a walkthrough of the swarm as well as the relatively newly introduced Kubernetes integrations, how it enables organizational agility, choice and security and the future roadmap of the product suite. We'll finally do a quick demo of the platform and close with a Q&A section."
Brief overview of the Docker eco system, the paradigm change it brings to development and operations processes. While docker has lots of potential its still working to mature into a viable production system that has proved itself secure, stable, and viable.
Have you ever wondered if you are using your Kubernetes cluster efficiently? GKE usage metering provides visibility into the cluster usage which in turn can help you to optimize spend.
Top 3 reasons why you should run your Enterprise workloads on GKESreenivas Makam
This deck covers top 3 reasons why Google Kubernetes engine is best suited to run containerized workloads. The reasons covered are Security, Observability and Maturity.
Service Discovery using etcd, Consul and KubernetesSreenivas Makam
Overview of Service Discovery and Service Discovery using etcd, Consul, Kubernetes and Docker. Presented at Open source meetup, Bangalore(http://www.meetup.com/Bangalore-Open-Source-Meetup/events/229763724/)
Docker Networking - Current Status and goals of Experimental NetworkingSreenivas Makam
This slidedeck covers overview of Docker Networking as of Docker 1.8, drawbacks of current Docker Networking and goals of Docker Experimental Networking.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Compare Docker deployment options in the public cloud
1. Compare Docker Deployment
Options in Public Cloud
Presenter Name: Sreenivas Makam
Presented at: Container conference, Bangalore
Presentation Date: April 7, 2017
2. About me
• Senior Engineering Manager at Cisco Systems Data Center
group
• Author of “Mastering CoreOS”
https://www.packtpub.com/networking-and-servers/mastering-
coreos/ )
• Docker Captain(https://www.docker.com/community/docker-
captains )
• Blog: https://sreeninet.wordpress.com/
• Code hacks: https://github.com/smakam
• LinkedIn: https://in.linkedin.com/in/sreenivasmakam
• Twitter: @srmakam
3. Agenda
•Deployment options – Overview
•Methodology used to compare
•Comparison of Deployment options
•Pick the right option for your use
case
4. Considerations for Container solution
Which Orchestration solution to choose?
Should it be deployed in VM or bare-metal?
How to run stateful applications?
How to achieve Service discovery and DNS?
Should it be deployed on premise or public cloud?
Is central logging required?
How to monitor and troubleshoot container platform?
Is the solution secure?
How to inject secrets and dynamic configuration?
5. Docker deployment in public cloud
Docker Machine
(for AWS, Azure, GCE)
Cloud provider’s CaaS
(AWS ECS, Google GKE,
Microsoft ACS)
Docker’s custom cloud
(Docker for AWS, Azure, GCE)
Docker’s CaaS (Docker cloud,
Docker datacenter)
Docker
deployment
6. Docker Machine
• Tool from Docker to create and manage Docker nodes.
• Supported for majority of cloud providers including AWS, Azure
and Google cloud.
• Creates Docker node on the cloud with 1 command.
• Latest Docker version is pre-installed in the node.
• Both old and new Swarm modes can be used to create clusters.
• Provides automatic secure access to Docker node.
• Minimal integration to native cloud provider features.
• Targeted as a developer tool.
7. Docker custom cloud
• This is Docker’s solution to get Containers integrate well with the
cloud infrastructure.
• Docker for AWS and Azure is available for general use. Docker for
GCE is available as beta currently.
• Swarm mode cluster gets automatically created using a cloud
provider template and with few simple inputs from the user.
• Solution integrated with Cloud networking, storage, logging,
security group, load balancer.
• Targeted for hybrid cloud or multi-cloud deployments.
8. Docker CaaS
• Container service offered by Docker.
• Docker Datacenter(DDC) - Docker’s enterprise grade container platform
• Docker cloud - Hosted service from Docker to manage Containers
• DDC can be run on-premise or in any of the major public cloud. Official support is
present now for AWS and Azure. GCE would be added soon.
• UCP and DTR are main components of DDC and they can be deployed in a highly
available manner.
• DDC provides enterprise grade features like high availability, RBAC and LDAP
integration.
• DDC and Docker cloud provides nice user interface for management and is also
compatible with regular Docker API.
• Docker cloud is targeted as a simple hosted solution for relatively small deployments.
• DDC is targeted as a complete Container platform since it includes all associated
services like service discovery, logging, networking, storage with a decent cloud
integration.
10. Docker datacenter for AWS - Architecture
https://docs.docker.com/datacenter/install/aws/
11. Docker datacenter for Azure - Architecture
https://blog.docker.com/2016/06/docker-datacenter-aws-azure-cloud/
12. Cloud provider CaaS
• Container service offered by Cloud providers.
• ECS – From Amazon(Docker with Amazon’s proprietary orchestrator)
• GKE – From Google(Docker with Kubernetes orchestrator)
• ACS – From Microsoft(Docker with either Swarm, Kubernetes, Mesos)
• Provides very tight cloud integration.
• In some cases, there seems to be a lag with latest Docker version
and features available with this option.
• Targeted for folks who want to manage VMs and Containers
together. This solution suits companies which have a big cloud
presence and already using public cloud.
13. Amazon ECS - Architecture
Uses proprietary orchestrator currently. There is a plan to make
orchestrator as pluggable module in the future.
http://www.allthingsdistributed.com/2015/07/under-the-hood-of-the-amazon-ec2-container-service.html http://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html
14. Azure Container service- Architecture
• Supports major orchestrators like Docker Swarm, Kubernetes, Mesos.
• ACS only takes care of installing and deploying the cluster. Management of
containers and services is done by orchestrator itself.
https://docs.microsoft.com/en-in/azure/container-service/container-service-intro
15. GKE Architecture
Kubernetes Architecture
GKE Architecture – Built on Docker
and Kubernetes
• GKE makes Kubernetes easier to manage and integrates well with
Google compute’s other cloud services.
https://www.cloudbees.com/blog/demand-jenkins-slaves-kubernetes-and-google-container-engine
https://www.slideshare.net/wattsteve/kubernetes-48013640
16. Methodology used to compare
• Built multi-node cluster in all cases. Tried to use Swarm mode in most of
the cases where it is supported. In some cases, used custom
orchestrator, old Swarm mode or Kubernetes where Swarm mode is not
supported.
• Deployed multi-container voting application using Docker containers in
the multi-node cluster.
• Accessed the externally exposed services using load balancer where it is
available.
• Tried scaling up/down services as well as scaling up/down the cluster.
• Checked features like logging capability, service discovery, high
availability, networking and storage.
• Evaluated ease of management, upgradability and the cloud integration.
• Details are captured here(https://github.com/smakam/dockerdeploy)
18. Comparison parameter - Orchestration
• Both old and new Swarm modes can be used.Docker Machine
• Swarm mode
Docker’s
custom cloud
• ECS – Amazon’s proprietary scheduler
• GKE – Kubernetes
• ACS – Supports Docker Swarm, Kubernetes,
Mesos
Cloud provider’s
CaaS
• DDC – Swarm mode
• Docker cloud – proprietary orchestration and
Swarm mode, Swarm mode available as beta
Docker’s CaaS
19. Comparison parameter - Management
• Docker-machine interface for managing cluster.
Container management using Docker tools.Docker Machine
• Cluster creation using cloud provider template,
Cluster management using Cloud provider tools,
Container management using Docker tools.
Docker’s
custom cloud
• ECS – ECS GUI and CLI
• GKE – Cluster management using Google cloud,
Kubernetes dashboard to manage Containers
• ACS – Cluster management using Azure cloud,
Container management using Docker tools.
Cloud provider’s CaaS
• DDC – UCP and DTR has GUI to manage,
Supports Docker API.
• Docker cloud – GUI to manage. Supports Docker
API.
Docker’s CaaS
20. Comparison parameter – Networking & Storage
• Libnetwork with overlay for networking. Docker volume
plugin supported by cloud provider can be used.Docker Machine
• Libnetwork with overlay for networking. Cloudstor volume
plugin is supported currently.
Docker’s
custom cloud
• ECS – Overlay network not supported. Docker volume is
supported with limited drivers
• GKE – Kubernetes based networking. Storage through
Kubernetes persistent disk and google cloud storage
• ACS – Libnetwork with overlay for networking. Docker
volume driver using Azure file storage is supported.
Cloud provider’s
CaaS
• Libnetwork with overlay for networking. Docker volume
plugin supported by cloud provider can be usedDocker’s CaaS
21. Comparison parameter – Registry
• Docker hub is default. Can be used with any Docker
registry.
Docker
Machine
• Can be used with any Docker registry.
Docker’s
custom cloud
• ECS –Docker registry and Amazon’s ECR
• GKE – Docker registry and Google’s container
registry
• ACS – Docker registry and Microsoft’s ACR
Cloud
provider’s CaaS
• DDC – DTR
• Docker cloud – Docker cloud registry and any other
Docker registry
Docker’s CaaS
22. Comparison parameter – Cloud integration
• Minimal cloud integration.
Docker
Machine
• Integrated with cloud networking, firewall, load
balancer, logging. This can be improved further.
Docker’s
custom cloud
• Provides native integration of Containers to other
cloud offerings from provider.
Cloud
provider’s CaaS
• DDC – Good integration with cloud services.
• Docker cloud – Swarm mode has minimal integration
now. Non-swarm mode has better integration.
Docker’s CaaS
23. Comparison parameter – Application file format
• Compose formatDocker Machine
• Compose format
Docker’s
custom cloud
• ECS – Proprietary task definition format, limited
compose support
• GKE – Kubernetes task definition format
• ACS – Compose can be used with Docker Swarm
Cloud provider’s
CaaS
• DDC – Compose format
• Docker cloud – Compose format, supported stackfile
format earlier which is similar to compose
Docker’s CaaS
24. Comparison parameter – Docker version & upgrade
• Uses CE latest version 17.03. No easy way to use older
versions.
• Docker upgrade has to be done manually.
Docker Machine
• Uses CE latest version 17.03. No easy way to use older
versions.
• Rolling upgrade is supported.
Docker’s
custom cloud
• ECS – Docker version 1.12.6. No flexibility with Docker
version. Container agent upgrade will also upgrade Docker
version. Upgrade is manual.
• GKE – Docker 1.11.2, Kubernetes 1.5.4. Rolling upgrade is
supported.
• ACS – CE version 17.03. No option to upgrade the cluster,
suggestion is to create new cluster.
Cloud provider’s
CaaS
• DDC – Uses EE 17.03 version. Need to upgrade UCP, DTR
and Docker engine separately. No rolling upgrade yet.
• Docker cloud – Uses CE latest version 17.03. Provides
integrated upgrade option.
Docker’s CaaS
25. Comparison parameter – Enterprise features
• Enterprise features has to be manually setup.Docker Machine
• Enterprise features has to be manually setup
Docker’s
custom cloud
• Integrated with cloud provider’s enterprise features like
user management, high availability.
Cloud provider’s
CaaS
• DDC – Highly available. Provides RBAC and LDAP
integration.
• Docker cloud – Supports organizations and teams.
Docker’s CaaS
26. Comparison parameter - Cost
• Cost is for cloud resource usage, no separate
cost for ContainersDocker Machine
• Cost is for cloud resource usage, no separate
cost for Containers
Docker’s
custom cloud
• AWS, ACS - Cost is for cloud resource usage,
no separate cost for Containers
• GKE – Chargeable after 5 Container nodes.
Cloud provider’s
CaaS
• DDC – Separate cost for Container nodes.
• Docker cloud – Separate charge for private
repositories
Docker’s CaaS
27. How do I pick the right option for me?
Production
use case
VM and
Container
used
Docker CaaS
Enterprise
grade DDC
Docker Cloud
Hybrid/Multi
cloud
Cloud
provider CaaS
Kubernetes
GKE
Azure
ECS
Azure
Docker custom
cloud
Docker
Machine
yes
yes
yes
yes
yesno
no
no
no
no
Caution:
This flowchart oversimplifies the problem.
There are more considerations than this.