Docker Container As A Service
X11 Linux apps on mac in a container.
In container Java development with STS or Eclipse in a container.
Docker UCP and swarm load balancing with Interlock.
30. docker-compose: running multiple containers
Run your stack with one command: docker-compose up
Describe your stack with one file: docker-compose.yml
web:
build: .
command: python app.py
ports:
- "5000:5000"
volumes:
- .:/code
links:
- redis:redis
redis:
image: redis
31. Docker for Mac and Windows private beta
https://beta.docker.com/
54. Notary
“Let’s stop using curl|sh”
Trusted collections for any content
Transport-agnostic
Reliable updates, proof of origin, resistant to untrusted
transport, survivable key compromise
Build on industry-leading standards and research
60. Docker & Microsoft
• Build
• Docker Toolbox & Kitematic for Windows
• Docker for Windows beta
• Docker engine on Windows Server 2016 TP4
• yo-docker to dockerize existing projects
• Visual Studio Docker Tools
• Ship
• VSTS extension for Docker beta
• Run
• Azure Docker agent
• ACS
• Docker datacenter on Azure ARM template
64. Unikernels
specialised, single-address-space machine images
constructed by using library operating systems.
• Smaller
• link only the parts of the OS lib you need
• Faster
• fast boot
• compiler can perform whole-system optimization
• More secure
• reduced attack surface
72. 5
Goldilocks and the 3 XaaS
Platform As A Service
Infrastructure As A Service
Software
As A Service
Too high
Too low
Just right
Container As A Service
73. 5
Goldilocks and the 3 XaaS
Container As A Service
Infrastructure As A Service
Software
As A Service
74. Docker Containers as a Service (CaaS)
An IT managed and secure application content and infrastructure
where developers can self service build and deploy applications
75. The Docker Journey: The Power of AND
78
Manage and secure
at scale
Frictionless
movement
Innovation at
speed
+ +Agility Portability Control
77. Lessons learned: Avoid these pitfalls
1
2
3
Developers don’t adopt locked down systems
Existing “end to end” solutions break the
Docker experience
Beware of lock-in and loss of portability
80
87. Docker Containers as a Service platform
90
BUILD
Developer Workflows
SHIP
Registry Services
RUN
Management
Docker Toolbox Docker Trusted Registry Docker Universal Control Plane
Docker Cloud
Docker Engine
Ecosystem Plugins and Integrations
88. Characteristics of a CaaS
91
Any
Infrastructure
Any Operating
System
Any
Language
Any App
Architecture
Any
Application
Stage
Developers
+ IT Ops
The Power of AND
Open APIs
Broadest Ecosystem Support
89. Docker accelerates modern app initiatives
Cloud
Microservices
80%
Docker is central to
cloud strategy
State of App development Survey: Q1 - 2016
3 out 4
Top initiatives revolve
around applications
44%
Looking to adopt
DevOpsDevOps
92
90. Use Case: Decentralized CaaS for hybrid and multi cloud portability
Private datacenter for regulated apps
Central Portal
• Provision resources
• RBAC to VPC / datacenter
• Trusted Registry hosted
application templates
Cloud for all other apps
VPC 1 VPC2
App 1 App 2 App
App 1 App 2 App
Cloud
Portability
App
Portability
91. Use Case: Centralized CaaS for transformation to DevOps and micro services
After
Authorization
App Registration
Session
Management
Marketplace
Integration
Logging
…more
Trusted RegistryApp Service App Service
App A App B
Auth
…more
App Reg
Marketplace
Logging
Auth
Session
…more
App Reg
Logging
Before
App Teams
App BAuth
App Reg Marketplace
Logging
App Service
Universal Control Plane
App AAuth
App Reg Marketplace
Logging
App Service
App BAuth
App Reg Marketplace
Logging
App Service
App AAuth
App Reg Marketplace
Logging
App Service
Portability
93. • Docker Swarm, Compose and networking
• docker 1.11
• swarm 1.1.0
• compose 1.6.0 with networking
• Run/Debug with STS IDE in
a container
Spring Boot App using MongoDB
https://github.com/joshlong/spring-doge
https://github.com/chanezon/docker-tips/orchestration-networking
https://github.com/chanezon/spring-doge
94. Docker Universal Control Plane
https://github.com/chanezon/docker-tips/tree/master/azure-acs-ucp
95. Load balancing in UCP with Interlock
See "Reference Architecture: Service Discovery and Load Balancing with Docker Universal Control Plane (UCP)"
96. ucp-controller
Cloud LB
ucp-node-1 ucp-node-2
Cloud LB
etcd InterlockSwarm ucp-proxy nginx nginx
Configuration
Reconfigures
myapp:314
myapp:42
myapp:1968
myapp.comdocker run myapp
Load balancing in UCP with Interlock
https://github.com/chanezon/docker-tips/orchestration-networking
Interlock
Events
98. Let’s Dockerize a Neo4J App
https://github.com/neo4j-examples/movies-java-spring-data-neo4j-4
99. • Service Discovery
• https://github.com/gliderlabs/registrator
• https://github.com/hashicorp/consul-template
• https://github.com/ehazlett/interlock
• Persistent volumes with Swarm and Rex Ray on AWS
• http://blog.emccode.com/2015/11/03/use-docker-swarm-with-a-data-
persistence-layer/
• https://github.com/emccode/rexray
• Kubernetes on Swarm
• https://github.com/docker/swarm-frontends
Orchestration projects
100. • IPVS, Andrey Sibiryov, http://www.slideshare.net/Docker/kernel-load-
balancing-for-docker-containers-using-ipvs
• DNS Service Discovery for Docker Swarm, Ahmet Alp Balkan,
http://www.slideshare.net/Docker/dns-service-discovery-for-docker-swarm
Load Balancing
101. • Spring Boot, MongoDB, compose, swarm, networking
• https://github.com/joshlong/spring-doge
• https://github.com/chanezon/docker-tips/orchestration-networking
• Java EE 7 / Angular App with Docker Swarm by @mgreau
Compose for build and deploy, Wildfly, Apache, Angular, Mysql, Redis,
batch and API apps
• https://github.com/mgreau/docker4dev-tennistour-app
• Java EE Docker & Kubernetes by @arun-gupta
• https://github.com/javaee-samples/docker-java
Java Examples
102. • Docs
https://docs.docker.com/engine/userguide/networking/dockerne
tworks/
• Create a Swarm cluster with networking
https://github.com/chanezon/docker-tips/orchestration-
networking
• Networking in compose
https://github.com/docker/compose/blob/master/docs/networki
ng.md
• Nathan Leclaire Seamless Docker Multihost Overlay Networking
on DigitalOcean With Machine, Swarm, and Compose,
Docker networking
103. • Using Ansible with Docker Machine to Bootstrap Host Nodes
http://nathanleclaire.com/blog/2015/11/10/using-ansible-with-
docker-machine-to-bootstrap-host-nodes/
• Seamless Docker Multihost Overlay Networking on DigitalOcean
With Machine, Swarm, and Compose, RethinkDB
http://nathanleclaire.com/blog/2015/11/17/seamless-docker-
multihost-overlay-networking-on-digitalocean-with-machine-
swarm-and-compose-ft.-rethinkdb/
Nathan’s tips
Editor's Notes
Their customer loves the apps they are building so fast for him: George sees $$ glint in his eyes!
George relishes complexity.
Nobody understands how the system works... apart from him.
QWERTY 3.0 is a disaster, 2 years late
Docker Hub is Docker’s cloud service for …
Publishing and discovering container images through the public registry
Team collaboration and automation of application workflows
… and to make all this easy to configure and manage, Docker Trusted Registry also features a web-based admin GUI
… for insights into the state of the DTR host …
The Docker mission is enable organizations to build, ship and run distributed applications anywhere.
The Docker CaaS platform delivers these benefits for organizations and is already proven by the thousands of organizations who embarked on the Docker journey starting in 2013
Agility – The speed and simplicity of Docker is what originally drew developers to Docker. They were fundamentally able to ship more software faster. This fundamentally changed the way in which companies could innovate
- ING went from shipping once every 9 months to shipping over 1,500 times a year by adoption Docker and DevOps
- CapitalOne was able to use Docker to transform how they use data to empower their data scientists and business decisions.
Portability – Just by the nature of the Docker technology, these developers realized they could easily move that containerized app from dev to test and ultimately to prod without any issue. No more finger pointing about why the app that worked fine in dev doesn’t work in prod. Having the app and dependencies packaged together made the container a self contained and independent unit. And beyond that, teams realized they could also move these apps across data centers and clouds – giving them a level of freedom and leverage not possible before. No more lock-in.
The combination of agility and portability led to the #1 most popular use case for Docker – Continuous Integration. But that’s only half the value. To realize the full value of Docker, these apps need to move to production and new requirements around manageability, security and monitoring are required to enforce SLAs.
Control – The Docker platform is the only solution that provides Agility AND Portability AND Control.
Docker standardizes your application environment, with native tooling to manage the infrastructure and applications. And we provide you the levers so YOU can decide how much control and freedom is appropriate for YOUR business. We don’t prescribe that for you. Our tools help unify your heterogeneous infrastructure, languages and systems.
The Docker CaaS platform delivers these benefits for organizations and is already proven by the thousands of organizations who embarked on the Docker journey starting in 2013
Agility – The speed and simplicity of Docker is what originally drew developers to Docker. They were fundamentally able to ship more software faster. This fundamentally changed the way in which companies could innovate
- ING went from shipping once every 9 months to shipping over 1,500 times a year by adoption Docker and DevOps
- CapitalOne was able to use Docker to transform how they use data to empower their data scientists and business decisions.
Portability – Just by the nature of the Docker technology, these developers realized they could easily move that containerized app from dev to test and ultimately to prod without any issue. No more finger pointing about why the app that worked fine in dev doesn’t work in prod. Having the app and dependencies packaged together made the container a self contained and independent unit. And beyond that, teams realized they could also move these apps across data centers and clouds – giving them a level of freedom and leverage not possible before. No more lock-in.
The combination of agility and portability led to the #1 most popular use case for Docker – Continuous Integration. But that’s only half the value. To realize the full value of Docker, these apps need to move to production and new requirements around manageability, security and monitoring are required to enforce SLAs.
Control – The Docker platform is the only solution that provides Agility AND Portability AND Control.
Docker standardizes your application environment, with native tooling to manage the infrastructure and applications. And we provide you the levers so YOU can decide how much control and freedom is appropriate for YOUR business. We don’t prescribe that for you. Our tools help unify your heterogeneous infrastructure, languages and systems.
To do that, we can accelerate our path by learning from those who have traveled this path before and avoid common pitfalls when investigating solutions.
An environment that is too locked down becomes a hassle for developers and adoption will suffer. Shadow IT behavior will emerge and developers will start creating new tools and processes to be able to use the languages they need and complete their work.
EXAMPLE: BBC News had a locked down CI environment that did not include the tooling needed by many of the developers so the team created a side process to use the languages they needed. That not only went outside the official systems but then added a few days to each CI job.
2) Many of the existing solutions on the market are either too opinionated of a PaaS or are cobbled together solutions with a number of different products. These solutions can be difficult to deploy and manage over time. More specifically, many of them support the Docker format or take the Docker code and customize it for their solution environment. This can break not only the developer experience but also the ops side of the experience because they only supporting parts of the Docker API – so the user will not experience the desired behavior in all situations. This also breaks the ecosystem because the hundreds of partners building to the API may have compatibility issues against these solutions.
3) Portability is a default requirement for distributed applications. As the content creator, you must retain control of where that app lives and your ability to move it from environment to environment, to a different team and to different infrastructure providers.
Other pitfalls…
Developers will run entire application lifecycle outside of infra ops (shadow IT)
Infrastructure-centric “container solutions” break developer experience
Organizational finger-pointing is compounded because of stifled productivity
Legacy applications get overlooked
Gilt also shares the example where emphasizing control lead to a “cycle of suck” where they were taking longer to ship and with less innovation
Local development environments
Self service app images
Build, Test, Deploy applications
Define app behavior and infra needs
Registry services for image storage, management and distribution
IT Ops maintains library of secure base content
Manage role based access to repos/images
Management consoles
Provision, manage infrastructure resources
Monitor, manage, scale infrastructure and applications
Docker is the only solution to give you agility, control and portability for all your distributed apps. The right choice in helping transform your business into an agile business.
The platform is the only commercially supported Docker solution available on the market today. Other vendors who state they support Docker is not actually providing technical support and maintenance into the Docker product code. Docker is the only commercial yet open platform that gives you the operational flexibility you need.
And unlike other solutions, Docker is…
Language agnostic: C, Java, Phython, PHP, Go….
Infrastructure agnostic: on-prem, cloud, virtual, bare metal
All stages: from dev to test to release engineering to production
Any OS: Linux, Windows, Solaris
Docker enables agile distributed applications in production to create agile companies
Software is the lifeblood of your organization, whether automating internal processes or creating unique and engaging ways for you to service your customer, every company considers themselves a “digital” or “tech” company to some extent. To that end, many organizations like yours are looking at strategies to…
- Modernize their apps (refactor or build cloud native apps)
- Adopt microservces / distributed app architectures
- migrate to containers
- Cloud adoption, migration or multi cloud approaches
But getting tthere isn’t always easy becuase you have legacy applications and envrionment to take care while you try to do new innovatinv things. Your organizational processes might not be ready to go all in and how do you avoid the worries of just getting locked into a cloud from your datacenter?
This leading phahas a hybrid cloud environment and would like to have a portal to completely abstract away the infrastructure details from their app teams. This way in the portal they request compute resources. Depending on if the app is regulated or not, the actual provisioning and deployment will happen to either an AWS VPC or their private datacenter. In addition to the portal, J&J would like to add a central IT managed marketplace to get app templates and images to help the teams get started. Once provisioned, the actual deployment and ongoing management is de-centralized and owned by the application teams.
Use Cases
- Developer self service
- Hybrid cloud portability
- Multi cloud environment
Why Docker?
App portability is a MUST. Over time they want the option to move the DC apps to cthe cloud as regulations change. Additionally they have already added Azure to their environment and would like to be able to move apps to the new clouds.
ADP operates in a more traditional centralized IT model where IT manages and operates the application and environment ongoing. ADP looked at Docker as they began their transition to DevOps. They were interested in gaining more efficiencies and re-use of code by moving to a shared services model instead of monoliths with a lot of repeat services. ADP has OpenStack for their private cloud and AWS for their public cloud. As part of the transition, ADP would will setup a central marketplace where the shared services apps are available for the app teams. In the ADP example both the environment and ongoing management remains centralized.
Use Cases
- Transition to Micro services
- Enable Dev Ops
- CI/CD
Why Docker?
Need app portability so they can choose to move across AWS / Openstack