JENNY FONG & JOE COLANDRO
Docker Enterprise
Platform & Architecture
Product Marketing, Docker
Jenny Fong
Sr. Solutions Engineer, Docker
Joe Colandro
Agenda
Introduction to Docker Enterprise
● Docker Platform Overview
● Platform Architecture
What’s New in Docker Enterprise 3.0
Demos!
Containers are the New Standard for Apps
But how do you roll out a successful
container strategy in your business?
● Will this work with my existing storage and networking
solutions?
● How do you control access to the workloads?
● How do you ensure the system is secure?
● What kind of governance model is in place?
● Where will my content/IP live?
● What types of apps will I containerize?
● Who on my staff will maintain, patch and operate this?
● Do my developers know how to use Docker?
Docker Enterprise 3.0
Securely build, share and run any application, anywhere
Developer Productivity:
Docker Desktop Enterprise
Build
Secure Registry and
Collaboration:
Docker Trusted Registry
Docker Hub
Share
Application Runtime and
Orchestration:
Docker Engine Enterprise
Docker Universal Control Plane
Kubernetes and Swarm
Run
BUILD: Desktop Enterprise
● One-click to install
certified Kubernetes
● Application Designer and
Application Templates -
faster “time-to-Docker”
● Version Packs to align to
production environments
● Distributed as PKG or
MSI with standard
endpoint management
tools
SHARE: Docker Hub & Trusted Registry
100B+ Container
Downloads
HUB
TRUSTED
REGISTRY
● Run in your own servers or VPC
● Role-based access controls
● Immutable repositories
● Image promotion policies
● Image vulnerability scanning
● Image caching & mirroring
● Policy-based tag pruning
● Webhook integration for CI automation
RUN: Docker Kubernetes Service
with Universal Control Plane
● Integrated Kubernetes 1.14
○ Includes out-of-the-box Calico CNI
plugin
○ Option to run Swarm
interchangeably, using the same
Compose files
○ Advanced role-based access
controls with integration to
LDAP/AD, SAML 2.0
● Management dashboard with
healthchecks, 24-hour data retention
and easy drilldown of nodes,
containers, networks, volumes
Built on Foundation of Docker Engine
[Diagram labels: Docker Engine - Enterprise; Docker Engine - Community; containerd; runc; Certified Plugins, ISVs; Signature Verification; FIPS 140-2; Support SLA; Plugins; Storage; Networking; Docker Compose; dockerd; Docker CLI/API; Storage mgmt; libnetwork; BuildKit; SwarmKit; Docker Content Trust; Image mgmt; Logs Mgmt]
● Based on leading containerd
runtime
● Includes BuildKit and Docker CLI
● Enterprise Engine includes:
○ Enhanced security features
like FIPS 140-2 validated
encryption
○ Certified plugins for
networking, storage, logging
Docker Enterprise
Architecture
Cluster Architecture
[Diagram: Docker Enterprise Cluster. Management Plane: three Manager nodes. Three Worker nodes. Three DTR Worker nodes.]
Kubernetes in Docker Enterprise
[Diagram: UCP Manager/Linux: calico cni, pods, kubedns, kube-proxy, kubelet, kube-controller-manager, kube-manager, kube-scheduler. UCP Linux worker: calico cni, pods, kube-proxy, kubelet.]
What’s New in Docker Enterprise 3.0
Automated lifecycle
management on your choice of
infrastructure
● Day 1 and Day 2 ops
● Easy install, scheduled and
online backups, blue/green
upgrades
Enhanced Kubernetes Support
● Enterprise Storage CSI,
iSCSI
● Built-in Ingress - Tech
Preview
Faster time-to-market for new
applications
● Enterprise-ready desktop
development environment
● Application templates
● Multi-service compose-based
applications (Docker App)
Enhanced security and
continuous compliance
● Group managed service
accounts (gMSA) for Swarm
● PKI Certificate-based
authentication
● Open Security Controls
Assessment Language
(OSCAL) - Tech Preview
Expanding Choice | Enhanced Security | High Velocity Innovation
Docker Applications
Build, share and run multi-service apps in a single package
deployable to any infrastructure
my-app.yml
Docker App
APP
DESCRIPTION
name-version-maintainer
APP
COMPONENTS
ENVIRONMENT
VARIABLES
default-settings.yml
● “Container of containers” defines an application that can be
comprised of multiple services
● Supports Docker Compose, Kubernetes YAML, Helm Charts
and more
● Implements the new open standard, CNAB, announced by
Docker and Microsoft
● Parameterized fields allow for flexible deployment across
different environments, delivering on “code once, deploy
anywhere”
End-to-End Docker Application Workflow
Consistency from Dev to Ops
BUILD:
● Define and package multiple
images and their
interdependencies
● Compatible with Docker
Compose, Helm charts and
Kubernetes YAML
SHARE:
● Collaborate and distribute via
Docker Hub and Docker Trusted
Registry
● Shareable applications with clear
interfaces for operators
RUN:
● Run multiple versions of the same application and manage per-environment settings
● Works with Swarm and
Kubernetes
DOCKER HUB
DOCKER TRUSTED
REGISTRY
DOCKER DESKTOP
ENTERPRISE
DOCKER ENGINE + DOCKER
KUBERNETES SERVICE
DEMO!
In Summary
• Docker Enterprise is the industry-leading enterprise container platform
• The only container platform that extends from developers’ desktops to the cloud
• Enabling applications of all kinds
beta.docker.com
Sign up for the Enterprise 3.0 Beta
Check out these sessions:
Using Docker Desktop To Accelerate Software Development
Tuesday @ 3pm, Room 2020
How Docker Simplifies Kubernetes for the Masses
Tuesday @ 4:40pm, Room 2020
Lifecycle Management of Docker Clusters
Wednesday @ 4:40pm, Room 3016
Rate & Share
Rate this session in the DockerCon
App
Follow me @TechGalJenny and
@JoeColandro
Tweet #DockerCon

DCSF 19 Docker Enterprise Platform and Architecture
