Containers for Non-Developers

•

2 likes•862 views

Containers are a developer's new best friend. For all the non-developers, what does this mean? This session will demystify this abstraction called containers, and dive deep on how it changes the way we provision, deliver, deploy and manage applications. Speaker: Shiva Narayanaswamy, Solutions Architect, Amazon Web Services

Technology

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Shiva Narayanaswamy, Solutions Architect
September 2016
Containers for Non-Developers

Containerised Microservices
Dom 0
Instance Instance Instance
OS OS OS
Container Runtime Container Runtime Container Runtime
App App
Service Service
App App
Service Service
App App
Service Service

Container Orchestration
Dom 0
Instance Instance Instance
OS OS OS
Container Runtime Container Runtime Container Runtime
App Service App App Service Service
Container Orchestration

Container Orchestration
Dom 0
Instance/OS Instance/OS Instance/OS
App Service App App Service Service
Service Management
Scheduling
Resource Management
Orchestration
Service Management
§Labels
§Groups/Namespaces
§Dependencies
§Load Balancing
§Health Check
§Service Discovery

Non Functional Capabilities
Scalability
Performance, Responsiveness, Efficiency
Availability
Fault Tolerance, Reliability, DR
Flexibility
Extensibility, Portability, Interoperability
Usability
Familiarity, Debuggability, Maintainability
Portability
Container Runtime, Host OS, Cloud Provider, On-prem
Security
Isolation, Encryption, Secrets Management, Auditability

In NO Particular Order
[ ] Schedulers and Orchestration
[ ] Networking
[ ] Security
[ ] Operating Systems
[ ] Storage
[ ] Monitoring

Schedulers – General Blurb
Cluster
Machines
Cluster State
Information
Monolothic Two-Level Shared State
No Concurrency Pessimistic
Concurrency
(offers)
Optimistic
Concurrency
(transactions)
Scheduling Logic

Docker
Task
Container Instance
Amazon
ECS
Container
ECS Agent
ELB
Internet
ELB
User /
Scheduler
API
Cluster Management Engine
Task
Container
Docker
Task
Container Instance
Container
ECS Agent
Task
Container
Docker
Task
Container Instance
Container
ECS Agent
Task
Container
AZ 1 AZ 2
Key/Value Store
Agent Communication Service
ECS

Container Networking
Dom 0
Instance Instance Instance
OS OS OS
Container Runtime Container Runtime Container Runtime
Container Container Container Container Container Container

Overlay all of the Thingz
• Flannel
• Calico
• WeaveNet
• Swarm Mode

Security Pro-Tips
§ Host Security
§ Lock it down
§ Namespaces and cgroups are your friends
§ Select few belong to docker UNIX group
§ SELinux is also your friend
§ Docker daemon runs as root!
§ Docker Daemon Security
§ Do not run in privileged mode
§ Lock down inter container comms –icc=false
§ Secure APIs with TLS certificates

Whale-Say
"Only trusted users should be allowed to control your Docker daemon"
“If you run Docker on a server, it is recommended to run exclusively Docker
in the server, and move all other services within containers controlled by
Docker”

IMAGE REGISTRY
CI/CD
DEPLOYMENT SYSTEM
SOURCE
CODE REPO
SECURITY
SCANNING
CONTINUOUS
ASSURANCE
Pull latest
signed image
Commit Code
Trigger Build
Push signed
image
Pull latest
stable signed
image
DEVELOPER
Workflow

More Prescriptive Advice Here…
https://benchmarks.cisecurity.org/tools2/docker/CIS_
Docker_1.11.0_Benchmark_v1.0.0.pdf

Micro OS
CoreOS
RancherOS
Ubuntu Snappy
RedHat Atom
VmWare Photon
ECS Optimized Amazon Linux
RedHat
Atomic
VmWare
Photon
Ubuntu
Snappy
CoreOS RancherOS
395 MB
317 MB
215 MB
20 MB
150 MB

Persistent Storage
§ POSIX is legacy filesystem. So don’t!
§ Named volumes
§ Data only container
§ Flocker
§ Shared file system (EFS, GlusterFS etc.)

Monitoring and Operating
Monitoring systems need to be more available and scalable than the systems (and services) being monitored
~ Adrian Cockroft

CI/CD pipelines are key to developer agility and productivity but can add a level of complexity for infrastructure managers from an operational and security perspective. We will demonstrate a variety of CI/CD pipelines using popular 3rd party tools that allow for continuous delivery, while maintaining a high bar for quality and staying compliant with ITIL process. Speaker: Jan Haak, Solutions Architect, Amazon Web Services

DevOps, Microservices and Serverless Architecture

Mikhail Prudnikov

Continuous Delivery to Amazon ECS

Amazon Web Services

DevOps On AWS - Deep Dive on Continuous Delivery

Mikhail Prudnikov

Getting Started With Docker on AWS

Mikhail Prudnikov

(DVO306) AWS CodeDeploy: Automating Your Software Deployments

Amazon Web Services

So you’ve written some code. Now what? How do you make it available to your customers in an efficient and reliable manner? Learn how you can use AWS CodeDeploy to easily and quickly push your application updates. This talk will introduce you to the basics of CodeDeploy: key concepts, how it works, where it fits in your release process, and some deployment strategies to get you started on the right foot. We’ll walk through several demos, going from a basic sample deployment to a live update of a large multi-instance fleet, giving you a sense for how CodeDeploy can grow with your needs.

AWS re:Invent 2016: Securing Container-Based Applications (CON402)

Amazon Web Services

Containers have had an incredibly large adoption rate since Docker was launched, especially from the developer community, as it provides an easy way to package, ship, and run applications. Securing your container-based application is now becoming a critical issue as applications move from development into production. In this session, you learn ways to implement storing secrets, distributing AWS privileges using IAM roles, protecting your container-based applications with vulnerability scans of container images, and incorporating automated checks into your continuous delivery workflow.

(DVO305) Turbocharge YContinuous Deployment Pipeline with Containers

Amazon Web Services

It worked on my machine! How many times have you heard (or even said) this sentence? Keeping consistent environments across your development, test, and production systems can be a complex task. Enter containers! Containers offer a way to develop and test your application in the same environment in which it runs in production. Developers can use tools such as Docker Compose for local testing of complex applications; Jenkins and AWS CodePipeline for building and orchestration; and Amazon ECS to manage and scale their containers. Come to this session to learn how to build containers into your continuous deployment workflow, accelerating the testing and building phases and leading to more frequent software releases. Attendees will learn to use Docker containers to develop their applications and test locally with Docker Compose (or Amazon ECS local), integrate containers in building, deploy complex applications on Amazon ECS, and orchestrate continuous development workflows with CodePipeline.

As software teams transition to cloud-based architectures and adopt more agile processes, the tools they need to support their development cycles will change. In this session, we'll take you through the transition that Amazon made to a service-oriented architecture over a decade ago. We will share the lessons we learned, the processes we adopted, and the tools we built to increase both our agility and reliability. We will also introduce you to AWS CodeCommit, AWS CodePipeline, and AWS CodeDeploy, three new services born out of Amazon's internal DevOps.

Continuous Delivery with Docker and Amazon ECS

Amazon Web Services

Introduction to Docker on AWS

Amazon Web Services

Deep Dive on Elastic Load Balancing

Amazon Web Services

Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances for fault tolerance and load distribution. In this session, we go into detail about Elastic Load Balancing's configuration and day-to-day management, as well as its use in conjunction with Auto Scaling. We explain how to make decisions about the service and share best practices and useful tips for success.

AWS re:Invent 2016: Securing Container-Based Applications (CON402)

Amazon Web Services

AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...

Amazon Web Services

At Capital One, we are using Docker and container technologies to advance microservices adoption, increase efficiencies of cloud resources, and decouple the application layer from the underlying infrastructure. Capital One is a federated organization with a “you build it, you own it” culture that provides autonomy and speed for delivery teams. Each federated team runs and operates their container management stack. In order for the federated teams to accelerate their cloud and container-based apps adoption, we created self-service automation tools for creation and operations management of container management stack. In this session, we explore our push-button automation tool that includes capabilities such as the creation and management of Amazon ECS clusters, an Application Load Balancer for dynamic and context-based routing and provides a user interface via a Jenkins Job or a AWS Lambda function. Our tooling also includes a home-grown dynamic service discovery and routing for applications requiring two-way mutual SSL authentication. We talk through how Capital One regularly updates AMIs with the latest patches and software versions using an automated solution that leverages AWS Lambda to rehydrate the Amazon ECS compute cluster with the latest AMI without causing any downtime. We also discuss how we created a sophisticated canary deployment automation using AWS Lambda and application services, where users can specify how to migrate to a new version of containerized apps and manage the deployment. AWS empowers enterprise Docker deployment with Amazon ECS and an ecosystem of cloud services and serverless architectures, making containerization in mission-critical environments easier than ever.

Getting Started with Docker on AWS

Amazon Web Services

AWS is an elastic, secure, flexible, and developer-centric ecosystem that serves as an ideal platform for Docker deployments. AWS offers the scalable infrastructure, APIs, and SDKs that integrate tightly into a development lifecycle and accentuate the benefits of the lightweight and portable containers that Docker offers to its users. This session familiarizes you with the benefits of containers, introduce Amazon EC2 Container Service, and demonstrates how to use Amazon ECS to run containerized applications at scale in production.

AWS re:Invent 2016: Building SaaS Offerings for Desktop Apps with Amazon AppS...

Amazon Web Services

Amazon AppStream 2.0 is an application streaming service that provides users with instant access to their applications from anywhere, on any connected device. Delivering desktop apps from the cloud allows enterprises to manage user access easily and keep apps current; ISVs can reach more users across more devices. In this session, we cover best practices for streaming desktop applications from the AWS Cloud with Amazon AppStream 2.0, and show you how you can address advanced topics such as user authentication, security, and managing an application catalog.

AWS re:Invent 2016: Chalk Talk: Succeeding at Infrastructure-as-Code (GPSCT312)

Amazon Web Services

The days of manually managing infrastructure tasks are quickly coming to an end; businesses increasingly need their infrastructure teams to react with the same agility of their development teams. In this session, we discuss various approaches to infrastructure-as-code utilizing AWS solutions across the areas of templated infrastructure provisioning, configuration management, and policy as code. We invite you to bring your questions and join AWS Solutions Architects as we dive deeper into the concepts and best practices behind infrastructure-as-code.

Continuous delivery and deployment on AWS

Shiva Narayanaswamy

AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS

Amazon Web Services

Based on your specific needs and the nature of your application, AWS offers a variety of services for getting your application up and running. You may want to launch and scale a web application or you may want to host a microservices application using Docker containers. How do you decide which service to use and when? In this webinar, we will provide an overview of the AWS services that help simplify launching and running your application in the cloud. We will discuss the strengths of each service and provide a framework for understanding when to use them. Learning Objectives: Understand the primary services for deploying your application on AWS Learn the basics of AWS Elastic Beanstalk, AWS CodeDeploy, and Amazon EC2 Container Service Gain an understanding of the strengths of each service and when to use them Who Should Attend: Developers, DevOps Engineers, IT Professionals

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools

Amazon Web Services

Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.

(SEC202) Best Practices for Securely Leveraging the Cloud

Amazon Web Services

Cloud adoption is driving digital business growth and enabling companies to shift to processes and practices that make innovation continual. As with any paradigm shift, cloud computing requires different rules and a different way of thinking. This presentation will highlight best practices to build and secure scalable systems in the cloud and capitalize on the cloud with confidence and clarity. In this session we will cover: Key market drivers and advantages for leveraging cloud architectures. Foundational design principles to guide strategy for securely leveraging the cloud. The “Defense in Depth” approach to building secure services in the cloud, whether it’s private, public, or hybrid. Real-world customer insights from organizations who have successfully adopted the ""Defense in Depth"" approach. Session sponsored by Sumo Logic.

AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)

Amazon Web Services

Keeping consistent environments across your development, test, and production systems can be a complex task. Docker containers offer a way to develop and test your application in the same environment in which it runs in production. You can use tools such as the ECS CLI and Docker Compose for local testing of applications; Jenkins and AWS CodePipeline for building and workflow orchestration; Amazon EC2 Container Registry to store your container images; and Amazon EC2 Container Service to manage and scale containers. In this session, you will learn how to build containers into your development workflow and orchestrate container deployments using Amazon ECS. You will hear how Okta runs 30,000 tests per developer commit and releases 10,000 new lines of code each week to production with a CI system based on 100% AWS services. We'll also discuss how Okta uses ECS for parallelized testing in CI and for production microservices in a multi-region, always on cloud service.

Serverless Stream Processing with Bill Bejeck

confluent

AWS Serverless concepts and solutions

ElenaIvannikova3

無伺服器架構和Containers on AWS入門

Amazon Web Services

在無伺服器架構下，各位不需管理基礎架構資源，即可製作及佈建應用程式與服務，以往得預留伺服器空間與規模，才能運作應用程式碼、安裝與操作分散式資料庫、製作與運作處理API 需求的客製化軟體，如今AWS提供具備規模彈性及充分管理的服務堆疊，省去各種營運複雜事項。本場次將說明無伺服器架構的優點，以及AWS提供的無伺服器堆疊基本內容，並介紹如何將無伺服器架構用於各種需求，如資料處理及行動與網路後端。

AWS Innovate: Moving Microsoft .Net applications one container at a time - Da...

Amazon Web Services Korea

Advanced Container Management and Scheduling

Amazon Web Services

by Madhuri Peri, DevOps Consultant, AWS Professional Services Different containerized services have different needs. You may want to deploy containers to ensure availability, maximize resource utilization, or ensure data security. As you build and run production microservices based on containers, having powerful tools to manage the placement and scheduling of these workloads is critical. In this talk, we will focus on the capabilities of the Amazon EC2 Container Service task placement engine, options for task scheduling, and explore the use cases and construction of custom task schedulers. Level 300

Application Deployment on AWS - Startup Talks June 2015

Amazon Web Services

A Gentle Introduction To Docker And All Things Containers

Jérôme Petazzoni

Docker is a runtime for Linux Containers. It enables "separation of concern" between devs and ops, and solves the "matrix from hell" of software deployment. This presentation explains it all! It also explains the role of the storage backend and compares the various backends available. It gives multiple recipes to build Docker images, including integration with configuration management software like Chef, Puppet, Salt, Ansible. If you already watched other Docker presentations, this is an actualized version (as of mid-November 2013) of the thing!

Batch Applications for the Java Platform

Sivakumar Thyagarajan

What's hot

DevOps in Amazon.com

Amazon Web Services

Continuous Delivery with Docker and Amazon ECS

Amazon Web Services

Introduction to Docker on AWS

Amazon Web Services

Deep Dive on Elastic Load Balancing

Amazon Web Services

AWS re:Invent 2016: Securing Container-Based Applications (CON402)

Amazon Web Services

AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...

Amazon Web Services

Getting Started with Docker on AWS

Amazon Web Services

AWS re:Invent 2016: Building SaaS Offerings for Desktop Apps with Amazon AppS...

Amazon Web Services

AWS re:Invent 2016: Chalk Talk: Succeeding at Infrastructure-as-Code (GPSCT312)

Amazon Web Services

Continuous delivery and deployment on AWS

Shiva Narayanaswamy

AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS

Amazon Web Services

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools

Amazon Web Services

(SEC202) Best Practices for Securely Leveraging the Cloud

Amazon Web Services

AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)

Amazon Web Services

Serverless Stream Processing with Bill Bejeck

confluent

AWS Serverless concepts and solutions

ElenaIvannikova3

無伺服器架構和Containers on AWS入門

Amazon Web Services

AWS Innovate: Moving Microsoft .Net applications one container at a time - Da...

Amazon Web Services Korea

Advanced Container Management and Scheduling

Amazon Web Services

Application Deployment on AWS - Startup Talks June 2015

Amazon Web Services

What's hot (20)

DevOps in Amazon.com

Continuous Delivery with Docker and Amazon ECS

Introduction to Docker on AWS

Deep Dive on Elastic Load Balancing

AWS re:Invent 2016: Securing Container-Based Applications (CON402)

AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...

Getting Started with Docker on AWS

AWS re:Invent 2016: Building SaaS Offerings for Desktop Apps with Amazon AppS...

AWS re:Invent 2016: Chalk Talk: Succeeding at Infrastructure-as-Code (GPSCT312)

Continuous delivery and deployment on AWS

AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools

(SEC202) Best Practices for Securely Leveraging the Cloud

AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)

Serverless Stream Processing with Bill Bejeck

AWS Serverless concepts and solutions

無伺服器架構和Containers on AWS入門

AWS Innovate: Moving Microsoft .Net applications one container at a time - Da...

Advanced Container Management and Scheduling

Application Deployment on AWS - Startup Talks June 2015

Viewers also liked

A Gentle Introduction To Docker And All Things Containers

Jérôme Petazzoni

Batch Applications for the Java Platform

Sivakumar Thyagarajan

Do We Need Containers Anyway?Dmitry Buzdin

Container Orchestration @Docker Meetup Hamburg

Timo Derstappen

Java EE 01-Servlets and Containers

Fernando Gil

AWS re:Invent 2016: The Cloud Is Enterprise Ready: How the University of Ariz...

Amazon Web Services

As enterprises seek to fully realize the scalability, availability, security, and agility of cloud computing, many are learning that they must migrate core business applications, such finance and human resource systems, not just public-facing websites. The University of Arizona shares how they addressed the challenge of creating a more efficient and agile IT operation. After initial success in migrating their Research Administration system, UA became the first major university to migrate their PeopleSoft application environments—Learning (EL), Human Resources (HR), and Student (SA)—to AWS. Learn about the university's enterprise migration roadmap, lessons learned, plans and budgets, and the tools available to support major enterprise migrations. See how to create a roadmap to cloud computing, transform application development, deploy mission-critical workloads at scale, and retrain staff.

Machine learning advanced applications

Kaniska Mandal

SecPod: A Framework for Virtualization-based Security Systems

Yue Chen

The OS kernel is critical to the security of a computer system. Many systems have been proposed to improve its security. A fundamental weakness of those systems is that page tables, the data structures that control the memory protection, are not isolated from the vulnerable kernel, and thus subject to tampering. To address that, researchers have relied on virtualization for reliable kernel memory protection. Unfortunately, such memory protection requires to monitor every update to the guest’s page tables. This fundamentally conflicts with the recent advances in the hardware virtualization support. In this paper, we propose SecPod, an extensible framework for virtualization-based security systems that can provide both strong isolation and the compatibility with modern hardware. SecPod has two key techniques: paging delegation delegates and audits the kernel’s paging operations to a secure space; execution trapping intercepts the (compromised) kernel’s attempts to subvert SecPod by misusing privileged instructions. We have implemented a prototype of SecPod based on KVM. Our experiments show that SecPod is both effective and efficient.

Integrating Spark and Solr-(Timothy Potter, Lucidworks)

Spark Summit

Containers - Transforming the data centre as we know it 2016

Keith Lynch

These innovative technologies are at the heart of the microservices and DevOps revolution currently sweeping through the IT industry. They are fuelling digital transformation and accelerating cloud adoption. They're helping organisations develop infrastructure agnostic applications that can be deployed anywhere i.e. Bare Metal, Virtualised Data Centres, Private and Public Cloud. They’re helping organisations to significantly reduce infrastructure costs and accelerating agile application delivery by automating application deployments and operational management. After this talk you’ll know what these open source technologies and open standards are, what they mean to you and your organisation and where you can go to try them out.

NFV management and orchestration framework architecture

sidneel

Pattern Recognition

Maaz Hasan

Container orchestrationTimo Derstappen

Cyber physical systems and robotics

trinhanhtuan247

Container Orchestration Wars

Karl Isenberg

Video: https://youtu.be/C_u4_l84ED8 Karl Isenberg reviews the history of distributed computing, clarifies terminology for layers in the container stack, and does a head to head comparison of several tools in the space, including Kubernetes, Marathon, and Docker Swarm. Learn which features and qualities are critical for container orchestration and how you can apply this knowledge when evaluating platforms.

Computer forensics

deaneal

NFV for beginners

Dave Neary

Introduction to HTTP protocol

Aviran Mordo

Virtualization and cloud Computing

Rishikese MR

Computer forensics powerpoint presentation

Somya Johri

Viewers also liked (20)

A Gentle Introduction To Docker And All Things Containers

Batch Applications for the Java Platform

Do We Need Containers Anyway?

Container Orchestration @Docker Meetup Hamburg

Java EE 01-Servlets and Containers

AWS re:Invent 2016: The Cloud Is Enterprise Ready: How the University of Ariz...

Machine learning advanced applications

SecPod: A Framework for Virtualization-based Security Systems

Integrating Spark and Solr-(Timothy Potter, Lucidworks)

Containers - Transforming the data centre as we know it 2016

NFV management and orchestration framework architecture

Pattern Recognition

Container orchestration

Cyber physical systems and robotics

Container Orchestration Wars

Computer forensics

NFV for beginners

Introduction to HTTP protocol

Virtualization and cloud Computing

Computer forensics powerpoint presentation

Similar to Containers for Non-Developers

State of Union - Containerz

Shiva Narayanaswamy

Introduction to Container Management on AWS

Amazon Web Services

Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...

Amazon Web Services

If you've ever considered moving part of your application stack to containers, don’t miss this session. Amazon ECS Software Engineer Uttara Sridhar will cover best practices for containerizing your code, implementing automated service scaling and monitoring, and setting up automated CI/CD pipelines with fail-safe deployments. Manjeeva Silva and Thilina Gunasinghe will show how McDonalds implemented their home delivery platform in four months using Docker containers and Amazon ECS to serve tens of thousands of customers.

Introduction to Container Management on AWS

Amazon Web Services

Omar Lari, Partner Solutions Architect at AWS, presents the Container ecosystem on AWS and how to manage containers. He starts with an overview of the container ecosystem and the various management tools available. Container orchestration concepts are explained, and finally he introduces Amazon EC2 Container Services (ECS). The Expedia success story is presented, illustrating the concepts and solutions adopted.

Containers and the Evolution of Computing

Amazon Web Services

In recent years, Docker containers have become a key component of modern application design. Increasingly, developers are breaking their applications apart into smaller components and distributing them across a pool of compute resources. Using Docker on your local development machine is simple, but running Docker applications at scale in production can be difficult. In this session, we will discuss the difficulties of running Docker in production and how Amazon EC2 Container Service (ECS) can be used to reduce the operational burdens. We will give an overview of the core architectural principles underlying Amazon ECS., and we will walk through a number of patterns used by our customers to run their microservices platforms, to run batch jobs, and for deployments and continuous integration. We will also demonstrate how to define multi-container applications, deploy and scale them seamlessly on a cluster with Amazon ECS.

AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...

Amazon Web Services

Through a combination of Amazon ECS and open source technologies, customers are able to build portable CI/CD pipelines on AWS. As container based deployments become more complex, they require additional rigging for integration. In this session, we show how popular Apache products like Kakfa, Storm, and Zookeeper are being deployed on top of Amazon ECS. We hear from HERE, a provider of mapping data, technologies, and services to the automotive, consumer, and enterprise sectors about an approach that leverages Consul from Hashicorp and Amazon ECS clusters for short-cycle deployments and tag-based environment promotion.

Amazon ECS with Docker | AWS Public Sector Summit 2016

Amazon Web Services

AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)

Amazon Web Services

Managing and scaling hundreds of containers is a challenging task. A container management solution takes care of these challenges for you, allowing you to focus on developing your application. In this session, we cover the role and tasks of a container management solution and we analyze how four common container management solutions - Amazon EC2 Container Service, Docker for AWS, Kubernetes, and Apache Mesos - stack against each other. We also see how you can easily get started with each of these solutions on AWS.

Pipelining DevOps with Jenkins and AWS

Jimmy Ray

Cloud Best PracticesEric Bottard

.NET Developer Days - So many Docker platforms, so little time...

Michele Leroux Bustamante

Docker is a key player in the microservices movement and is arguably the leader in containerization technology. That said, there are many ways to “do Docker”. Between the leading cloud providers AWS, Azure, and Google; plus other platform stacks like Docker/Swarm, Apache Mesos – DC/OS, and Kubernetes; it can get confusing.In this session, Michele will bring her customer experiences building solutions across most of these platforms – to provide you with the highlights, the architecture topologies, and some perspective on the way she helps her customers choose the right platform for their cloud, on premise or hybrid solutions.

Continuous Integration and Deployment Best Practices on AWS

Amazon Web Services

AWS Summit 2014 Perth - Breakout 6 With AWS companies now have the ability to develop and run their applications with speed and flexibility like never before. Working with an infrastructure that can be 100% API driven enables businesses to use lean methodologies and realize these benefits. This in turn leads to greater success for those who make use of these practices. In this session we'll talk about some key concepts and design patterns for Continuous Deployment and Continuous Integration, two elements of lean development of applications and infrastructures. Presenter: Adrian White, Solutions Architect, Amazon Web Services

Docker Demystified for SB JUG

Erik Osterman

A new movement is taking cloud by storm; Docker is evolving the way services are deployed by organizations so that they can operate more efficiently at scale — both in the cloud and on bare metal. In the same way shipping containers revolutionized the cargo industry, cheap, zero-penalty Linux Containers (LXC) are like shrink-wrapped VMs but without the fat. What’s not obvious, however, is how to roll your own Docker deployments and all tools you’ll need to leverage along the way. This discussion will cover: • Principles of Immutable Infrastructure • Docker Basics • Docker for Dev & QA • Docker in Production • Business Drivers • Answering the Question: Is Docker Ready for Prime Time?

Getting Started with Docker on AWS - DevDay Los Angeles 2017

Amazon Web Services

Getting Started with Docker On AWS

Amazon Web Services

Getting Started with Docker on AWS: AWS is an elastic, secure, flexible, and developer-centric ecosystem that serves as an ideal platform for Docker deployments. AWS offers the scalable infrastructure, APIs, and SDKs that integrate tightly into a development lifecycle and accentuate the benefits of the lightweight and portable containers that Docker offers to its users. This session will cover the benefits of containers, introduce Amazon EC2 Container Service, and demonstrates how to use Amazon ECS to run containerized applications at scale in production.

Getting Started with Docker on AWS - DevDay Austin 2017Amazon Web Services

Amazon ECS – Production Docker at Scale

Amazon Web Services

Containers have become key in modern application design. It is relatively easy to run a few containers on your laptop, but building and maintaining an entire infrastructure to run and manage containerized apps is hard and requires a lot of undifferentiated heavy lifting. In this session, we will discuss some of the core architectural principles underlying Amazon ECS, a highly scalable, high performance service to run and manage distributed applications using the Docker container engine. We will explore the advanced scheduling capabilities of Amazon ECS and dive deep into the Amazon ECS Service Scheduler, which optimizes for long-running applications by monitoring container health, restarting failed containers, and load balancing.

Docker on AWS

Amazon Web Services

Gaming across multiple devices

Patric Boscolo

Containers and Nutanix - Acropolis Container Services

NEXTtour

Similar to Containers for Non-Developers (20)

State of Union - Containerz

Introduction to Container Management on AWS

Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...

Introduction to Container Management on AWS

Containers and the Evolution of Computing

AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...

Amazon ECS with Docker | AWS Public Sector Summit 2016

AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)

Pipelining DevOps with Jenkins and AWS

Cloud Best Practices

.NET Developer Days - So many Docker platforms, so little time...

Continuous Integration and Deployment Best Practices on AWS

Docker Demystified for SB JUG

Getting Started with Docker on AWS - DevDay Los Angeles 2017

Getting Started with Docker On AWS

Getting Started with Docker on AWS - DevDay Austin 2017

Amazon ECS – Production Docker at Scale

Docker on AWS

Gaming across multiple devices

Containers and Nutanix - Acropolis Container Services

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Amazon Web Services

Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS. In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Amazon Web Services

La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup. Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti. Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.

Esegui pod serverless con Amazon EKS e AWS Fargate

Amazon Web Services

Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi

Costruire Applicazioni Moderne con AWS

Amazon Web Services

Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.

Come spendere fino al 90% in meno con i container e le istanze spot

Amazon Web Services

L’utilizzo dei container è in continua crescita. Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili. I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!

Open banking as a service

Amazon Web Services

In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th. Event Agenda : Open banking so far (short recap) • PSD2, OB UK, OB Australia, OB LATAM, OB Israel Intro to Open Finance marketplace • Scope • Features • Tech overview and Demo The role of the Cloud The Future of APIs • Complying with regulation • Monetizing data / APIs • Business models • Time to market One platform for all: a Strategic approach Q&A

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

Amazon Web Services

Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc. AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta. Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Amazon Web Services

Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity. AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet. Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Amazon Web Services

Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.

Computer Vision con AWS

Amazon Web Services

Database Oracle e VMware Cloud on AWS i miti da sfatare

Amazon Web Services

Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti. Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

Amazon Web Services

Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti. Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire. Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito. In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.

API moderne real-time per applicazioni mobili e web

Amazon Web Services

Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline. Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Amazon Web Services

Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali. In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.

Tools for building your MVP on AWSAmazon Web Services

How to Build a Winning Pitch DeckAmazon Web Services

Building a web application without serversAmazon Web Services

Fundraising EssentialsAmazon Web Services

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services

Introduzione a Amazon Elastic Container Service

Amazon Web Services

Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Esegui pod serverless con Amazon EKS e AWS Fargate

Costruire Applicazioni Moderne con AWS

Come spendere fino al 90% in meno con i container e le istanze spot

Open banking as a service

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Computer Vision con AWS

Database Oracle e VMware Cloud on AWS i miti da sfatare

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

API moderne real-time per applicazioni mobili e web

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Tools for building your MVP on AWS

How to Build a Winning Pitch Deck

Building a web application without servers

Fundraising Essentials

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Introduzione a Amazon Elastic Container Service

Recently uploaded

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

Free Complete Python - A step towards Data Science

RinaMondal9

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

みなさんこんにちはこれ何文字まで入るの？40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの？えこ...

名前です男

Microsoft - Power Platform_G.Aspiotis.pdf

Uni Systems S.M.S.A.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

SOFTTECHHUB

As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Paige Cruz

Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack. While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack. I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:

National Security Agency - NSA mobile device best practices

Quotidiano Piemontese

By Design, not by Accident - Agile Venture Bolzano 2024

Pierluigi Pugliese

20240607 QFM018 Elixir Reading List May 2024

Matthew Sinclair

20240609 QFM020 Irresponsible AI Reading List May 2024

Matthew Sinclair

20240605 QFM017 Machine Intelligence Reading List May 2024

Matthew Sinclair

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Video Streaming: Then, Now, and in the Future

Alpen-Adria-Universität

In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Recently uploaded (20)

Introduction to CHERI technology - Cybersecurity

Free Complete Python - A step towards Data Science

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Microsoft - Power Platform_G.Aspiotis.pdf

DevOps and Testing slides at DASA Connect

Epistemic Interaction - tuning interfaces to provide information for AI support

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

National Security Agency - NSA mobile device best practices

By Design, not by Accident - Agile Venture Bolzano 2024

20240607 QFM018 Elixir Reading List May 2024

20240609 QFM020 Irresponsible AI Reading List May 2024

20240605 QFM017 Machine Intelligence Reading List May 2024

Securing your Kubernetes cluster_ a step-by-step guide to success !

Video Streaming: Then, Now, and in the Future

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Containers for Non-Developers

2. Containerised Microservices Dom 0 Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime App App Service Service App App Service Service App App Service Service

3. Container Orchestration Dom 0 Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime App Service App App Service Service Container Orchestration

4. Container Orchestration Dom 0 Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Service Management §Labels §Groups/Namespaces §Dependencies §Load Balancing §Health Check §Service Discovery

5. Container Orchestration Dom 0 Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Scheduling §Placement §Replication/Scaling §Resurrection §Rescheduling §Rolling deploys §Upgrades §Downgrades §Colocation

6. Container Orchestration Dom 0 Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Resource Management § Memory § CPU § GPU § Volumes § Ports § IPs

7. Non Functional Capabilities Scalability Performance, Responsiveness, Efficiency Availability Fault Tolerance, Reliability, DR Flexibility Extensibility, Portability, Interoperability Usability Familiarity, Debuggability, Maintainability Portability Container Runtime, Host OS, Cloud Provider, On-prem Security Isolation, Encryption, Secrets Management, Auditability

8. In NO Particular Order [ ] Schedulers and Orchestration [ ] Networking [ ] Security [ ] Operating Systems [ ] Storage [ ] Monitoring

9. Schedulers and Orchestration

10. Schedulers – General Blurb Cluster Machines Cluster State Information Monolothic Two-Level Shared State No Concurrency Pessimistic Concurrency (offers) Optimistic Concurrency (transactions) Scheduling Logic

11. Customers Like Options

12. Docker Task Container Instance Amazon ECS Container ECS Agent ELB Internet ELB User / Scheduler API Cluster Management Engine Task Container Docker Task Container Instance Container ECS Agent Task Container Docker Task Container Instance Container ECS Agent Task Container AZ 1 AZ 2 Key/Value Store Agent Communication Service ECS

13. Networking

14. Container Networking Dom 0 Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime Container Container Container Container Container Container

15. Overlay all of the Thingz • Flannel • Calico • WeaveNet • Swarm Mode

16. Security

17. Security Pro-Tips § Host Security § Lock it down § Namespaces and cgroups are your friends § Select few belong to docker UNIX group § SELinux is also your friend § Docker daemon runs as root! § Docker Daemon Security § Do not run in privileged mode § Lock down inter container comms –icc=false § Secure APIs with TLS certificates

18. Whale-Say "Only trusted users should be allowed to control your Docker daemon" “If you run Docker on a server, it is recommended to run exclusively Docker in the server, and move all other services within containers controlled by Docker”

19. IMAGE REGISTRY CI/CD DEPLOYMENT SYSTEM SOURCE CODE REPO SECURITY SCANNING CONTINUOUS ASSURANCE Pull latest signed image Commit Code Trigger Build Push signed image Pull latest stable signed image DEVELOPER Workflow

20. More Prescriptive Advice Here… https://benchmarks.cisecurity.org/tools2/docker/CIS_ Docker_1.11.0_Benchmark_v1.0.0.pdf

21. Operating System

22. Micro OS CoreOS RancherOS Ubuntu Snappy RedHat Atom VmWare Photon ECS Optimized Amazon Linux RedHat Atomic VmWare Photon Ubuntu Snappy CoreOS RancherOS 395 MB 317 MB 215 MB 20 MB 150 MB

23. Storage

24. Persistent Storage § POSIX is legacy filesystem. So don’t! § Named volumes § Data only container § Flocker § Shared file system (EFS, GlusterFS etc.)

25. Monitoring and Operations

26. Monitoring and Operating Monitoring systems need to be more available and scalable than the systems (and services) being monitored ~ Adrian Cockroft

27. Demo ApacheDogs and NginxCats

28. Thank You!

Containers for Non-Developers

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Containers for Non-Developers

Similar to Containers for Non-Developers (20)

More from Amazon Web Services

More from Amazon Web Services (20)

Recently uploaded

Recently uploaded (20)

Containers for Non-Developers