Kubernetes has many ways to scale your workloads, most of what we hear about is scaling our cluster up with either with vm sets or autoscaling groups. There is another way, in this talk we will look at virtual kubelet. Virual Kubelet will allow us to talk to a cloud providers container as a service platform like ACI, fargate or ECI. We will deep dive into how you can scale your applications across virtual kubelet. One issue is the kubernetes service type has is scaling to zero due to the way routing to the pod happens if there is no pod for the service to route too. Scaling our applications to zero is just as important and scaling up. We will look at projects that integrate with the horizontal pod autoscaler that fix this issue. Allowing us to not only scale our applications up but as easily down to make our cluster truly elastic.
2016 - Continuously Delivering Microservices in Kubernetes using Jenkinsdevopsdaysaustin
Presentation by Sandeep Parikh
In this talk, we will cover the basics of Kubernetes and show how to set up continuous delivery pipelines using Jenkins and Jenkins Workflow to go from code to deployment, without developers having to interact with the production deployment infrastructure. The goal is an end-to-end set of steps to automate deployment and delivery of an application composed of several microservices.
Going Serverless with Kubeless In Google Container Engine (GKE)Bitnami
If you'd like to watch along with the recording of the webinar, visit: http://bitn.am/2u5bOnA
Serverless computing has given back loads of time and money to developers whose focus is to create new, popular and disruptive applications. Without serverless computing, developers would still be spending most of their time on infrastructure rather than building new features to improve their users' experience.
With the move to containers and increased market share for Kubernetes, Bitnami has wanted to stay one step ahead by providing a serverless tool that is also Kubernetes-native, ... Kubeless! Kubeless tackles the challenge of integrating cloud services through small logical units. When creating your new project or application on Kubernetes, Kubeless will allow you to focus on creating a great application with a lightweight and flexible infrastructure.
In this video, you will watch and learn:
-The benefits of serverless computing on Kubernetes
- How to link several cloud services together with small, lightweight pieces of code
- How to install Kubeless into your GKE cluster
- How to deploy Python and Node.js functions with a straightforward CLI call
- An introduction to the Kubeless UI and how to write, update, delete, and deploy functions through it
This presentation will introduce you to Container, Docker, and Kubernetes with a live demo. This also explains Kubernetes basic concepts such as Pod, Deployment, Service, Ingress, and Rolling Update.
Facebook Live: https://www.facebook.com/imcinstitute/videos/4199946253380670
Youtube Recorded: https://youtu.be/vW1Yq5ftWZ4
IMC Live Webinar on July 17, 2020
Openshift has the mechanism for building and deploying applications and Jenkins is a tool use for continuous integration/delivery/deployment. If we combine these together we can create a CI/CD pipeline that will allow us to promote builds of applications and make them available in our OSE instance.
Video - https://youtu.be/IreIK-jICgY
We are on the cusp of a new era of application development software: instead of bolting on operations as an after-thought to the software development process, Kubernetes promises to bring development and operations together by design.
Deploying containerized applications with KubeappsJanakiram MSV
Kubeapps is a Kubernetes dashboard that supercharges your Kubernetes cluster with simple browse and click deployment of apps in any format. Building on Bitnami’s contributions to leading open source projects, Kubeapps provides a complete application delivery environment that empowers users to launch, review and share applications.
Cloud foundry: The Platform for Forging Cloud Native ApplicationsChip Childers
It wasn’t too long ago that artisans, bathed in the glow of molten metal, forged parts that would go on to make up bigger, more powerful machines. Today, we call those artisans developers. Instead of metal, they use bits and bytes in the cloud to forge a modern application architecture that supports public, private and hybrid application deployment. One that enables users and developers to move their applications wherever they need to go. And it’s built on a growing, vibrant ecosystem.
Nowhere is this epic shift in how things are made more visible than the meteoric adoption of Cloud Foundry. In this talk, Chip Childers, VP of Technology for Cloud Foundry Foundation, will give attendees an inside look at the industry movements and the technological requirements that are driving Cloud Foundry's rapid adoption. Most importantly, he will walk through how organizations are responding to the challenge of continuous innovation, what's driving modern application architectures, and how the Cloud Foundry platform uses specific constraints in order to fulfill it's promise to application owners.
Kubernetes has many ways to scale your workloads, most of what we hear about is scaling our cluster up with either with vm sets or autoscaling groups. There is another way, in this talk we will look at virtual kubelet. Virual Kubelet will allow us to talk to a cloud providers container as a service platform like ACI, fargate or ECI. We will deep dive into how you can scale your applications across virtual kubelet. One issue is the kubernetes service type has is scaling to zero due to the way routing to the pod happens if there is no pod for the service to route too. Scaling our applications to zero is just as important and scaling up. We will look at projects that integrate with the horizontal pod autoscaler that fix this issue. Allowing us to not only scale our applications up but as easily down to make our cluster truly elastic.
2016 - Continuously Delivering Microservices in Kubernetes using Jenkinsdevopsdaysaustin
Presentation by Sandeep Parikh
In this talk, we will cover the basics of Kubernetes and show how to set up continuous delivery pipelines using Jenkins and Jenkins Workflow to go from code to deployment, without developers having to interact with the production deployment infrastructure. The goal is an end-to-end set of steps to automate deployment and delivery of an application composed of several microservices.
Going Serverless with Kubeless In Google Container Engine (GKE)Bitnami
If you'd like to watch along with the recording of the webinar, visit: http://bitn.am/2u5bOnA
Serverless computing has given back loads of time and money to developers whose focus is to create new, popular and disruptive applications. Without serverless computing, developers would still be spending most of their time on infrastructure rather than building new features to improve their users' experience.
With the move to containers and increased market share for Kubernetes, Bitnami has wanted to stay one step ahead by providing a serverless tool that is also Kubernetes-native, ... Kubeless! Kubeless tackles the challenge of integrating cloud services through small logical units. When creating your new project or application on Kubernetes, Kubeless will allow you to focus on creating a great application with a lightweight and flexible infrastructure.
In this video, you will watch and learn:
-The benefits of serverless computing on Kubernetes
- How to link several cloud services together with small, lightweight pieces of code
- How to install Kubeless into your GKE cluster
- How to deploy Python and Node.js functions with a straightforward CLI call
- An introduction to the Kubeless UI and how to write, update, delete, and deploy functions through it
This presentation will introduce you to Container, Docker, and Kubernetes with a live demo. This also explains Kubernetes basic concepts such as Pod, Deployment, Service, Ingress, and Rolling Update.
Facebook Live: https://www.facebook.com/imcinstitute/videos/4199946253380670
Youtube Recorded: https://youtu.be/vW1Yq5ftWZ4
IMC Live Webinar on July 17, 2020
Openshift has the mechanism for building and deploying applications and Jenkins is a tool use for continuous integration/delivery/deployment. If we combine these together we can create a CI/CD pipeline that will allow us to promote builds of applications and make them available in our OSE instance.
Video - https://youtu.be/IreIK-jICgY
We are on the cusp of a new era of application development software: instead of bolting on operations as an after-thought to the software development process, Kubernetes promises to bring development and operations together by design.
Deploying containerized applications with KubeappsJanakiram MSV
Kubeapps is a Kubernetes dashboard that supercharges your Kubernetes cluster with simple browse and click deployment of apps in any format. Building on Bitnami’s contributions to leading open source projects, Kubeapps provides a complete application delivery environment that empowers users to launch, review and share applications.
Cloud foundry: The Platform for Forging Cloud Native ApplicationsChip Childers
It wasn’t too long ago that artisans, bathed in the glow of molten metal, forged parts that would go on to make up bigger, more powerful machines. Today, we call those artisans developers. Instead of metal, they use bits and bytes in the cloud to forge a modern application architecture that supports public, private and hybrid application deployment. One that enables users and developers to move their applications wherever they need to go. And it’s built on a growing, vibrant ecosystem.
Nowhere is this epic shift in how things are made more visible than the meteoric adoption of Cloud Foundry. In this talk, Chip Childers, VP of Technology for Cloud Foundry Foundation, will give attendees an inside look at the industry movements and the technological requirements that are driving Cloud Foundry's rapid adoption. Most importantly, he will walk through how organizations are responding to the challenge of continuous innovation, what's driving modern application architectures, and how the Cloud Foundry platform uses specific constraints in order to fulfill it's promise to application owners.
Learning the Alphabet: A/B, CD and [E-Z] in the Docker Datacenter by Brett Ti...Docker, Inc.
What is the right balance between moving fast, innovating, experimenting with new technology, and protecting the personal data of our customers and interests of our stakeholders? How can we safely try new ideas in production without risking costly downtime? Does the utopia where developers are free from lock-in and operators enjoy the calm of a steadily running system exist in the real world? Is it possible to have open platforms with better security? At Kroger Digital we are still working through these questions every day but are redesigning our systems with the goals of true operational maturity and security. Discover how we are building capabilities for monitoring, A/B testing, and continuous delivery with Docker Datacenter, plugins, and open source building blocks such as NGiNX, ElasticSearch, and more.
How to build your containerization strategyDocker, Inc.
The Docker Enterprise Edition platform helps customers deploy and manage applications faster and it secures the application pipeline at a lower cost than traditional application delivery models. But it takes more than just great technology to achieve the desired results. The organization and culture of your enterprise directly impacts what you transform, how it’s done, and who does it. Success requires a strategy for how you will govern the Docker EE container platform, how to assess your application estate, what your delivery pipeline will look like, and how to ensure developers, operators, security teams and others play nicely together.
In this talk I will cover topics such as different types of workloads (legacy, microservices, FaaS, big data, ...), how your org chart can influence whether you deploy a CaaS (Containers as a Service) vs CLaaS (Clusters as a Service), how "shifting left" can determine if you can outsource, centralized vs distributed CI/CD and how containers play a role, transforming your pets into cattle, how giant whale balloons are used for onboarding, and a prescriptive and comprehensive methodology for successfully deploying Docker in your enterprise.
Considerations for operating docker at scaleDocker, Inc.
"Scale" happens along 3 different aspects: (1) applications and their services scale up and down leading to (2) the infrastructure scaling up to meet the needs of the applications, and finally (3) sites scale across multiple locations, including movement to public cloud. In this session, we will talk about how Docker EE scales along all three of these dimensions to give you a consistent platform for running your applications:
1. At the application level: how do you manage application state & health along with resource and security constraints to scale containers up and down up in a controlled fashion?
2. The infrastructure level: as your application estate grows on the Docker EE platform you will need to scale across more nodes. How do automate the provisioning of these new nodes and how do you integrate the Docker EE platform layer with your existing infrastructure systems and tools.
3. Finally, we'll talk about distributed scale: how do you take what works for applications in one data center and spread it across multiple sites, in an integrated fashion so you can operate seamlessly?
Watch the webinar here: https://codefresh.io/unlimited-staging-environments-lp/
Sign up for a FREE Codefresh account today: https://codefresh.io/codefresh-signup/
How to run complete, disposable apps on Kubernetes or Staging and Development.
See the full video webinar on our blog at https://codefresh.io/webinars/unlimited_staging_environments_webinar/
Canary Releases on Kubernetes with Spinnaker, Istio, & Prometheus (2020)Kublr
In a microservices world, applications consist of dozens, hundreds, or even thousands of components. Manually deploying and verifying deployment quality in production is virtually impossible. Kubernetes, which natively supports rolling updates, enables blue-green application deployments with Spinnaker. However, the gradual rollout is a feature that doesn’t come out-of-the-box but can be achieved by adding Istio and Prometheus to the equation.
During this meetup, Slava will discuss canary release implementations on Kubernetes with Spinnaker, Istio, and Prometheus. He’ll examine the role of each tool in the process and how they are all connected. During a demo, he will demonstrate a successful and failed canary release, and how these tools enable IT teams, to properly roll out changes to their customer base without any downtime.
An application path to production does not end with a deployment, even if you are using Kubernetes (K8s) as your application deployment platform. Reliable BCDR (backup and disaster recovery) plan and framework is a must for any production-ready system.
This presentation accompanies meetups and webinars in which Oleg Chunikhin, CTO at Kublr, shows how Velero BCDR framework works and demonstrates how it can be used to backup and recover realistic applications running on Kubernetes in different clouds and environments.
What is covered:
- general notions of Kubernetes applications BCDR
- Velero BCDR framework
- demo Velero BCDR for stateful applications running on AWS and Azure clouds
- demo Velero BCDR using Strimzi / Kafka cluster and ArgoCD CI/CD manager as example application
Helm is a tool that streamlines the creation, deployment and management of your Kubernetes-native applications. In this talk, we take a look at how Helm enables you to manage your deployment configurations as code, and demonstrate how it can be used to power your continuous delivery (CI/CD) pipeline.
Containers, OCI, CNCF, Magnum, Kuryr, and You!Daniel Krook
Presentation at the OpenStack Summit in Austin, Texas on April 28, 2016.
http://bit.ly/os-oci-cncf-ses
The technology industry has been abuzz about cloud workload containerization since the open source Docker project became a phenomenon in early 2014.
Meanwhile, an OpenStack Containers Team was formed and the Magnum project launched to provide users with a convenient Containers-as-a-Service solution for OpenStack environments.
As the potential of both technologies emerged, many wanted to see shared governance over the baseline container specification and runtime technology to ensure an open cloud ecosystem.
This past December, two new groups were launched with a goal of creating open, industry standards. The first called the Open Container Initiative (http://www.opencontainers.org), and the second called the Cloud Native Computing Foundation (http://cncf.io)
Jeffrey Borek - Program Director, Open Tech, IBM - @JeffBorek
Daniel Krook - Senior Software Engineer, IBM - @DanielKrook
Val Bercovici - Global Cloud CTO, NetApp/SolidFire - @valb00
Building CI/CD Pipelines with Jenkins and KubernetesJanakiram MSV
Learn how to configure CI/CD pipelines with Jenkins and Kubernetes. We will show you to how to automate deployments from source code to production clusters.
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...Bitnami
Looking for the fastest way to create Node.js development environments? Not sure if Node.js is right for you? With one-click solutions like AWS Lightsail and Bitnami's ready-to-run Node.js application, exploring the fastest growing development environment has never been easier.
Node.js has become a preferred development stack for many developers internationally. Bitnami applications and AWS Lightsail make creating and managing your Node.js projects easy and cost-efficient. Join Bitnami and our featured speakers from The Node.js Foundation and AWS Lightsail as we showcase why developers continue to use Node.js, what projects they are using Node.js for, and how Bitnami's Node.js application on AWS Lightsail can be the perfect end-to-end solution to easily and quickly bring your Node.js project to life.
Watch and learn:
- What Node.js is used for.
- How organizations use Node.js.
- Best practices and use cases for Node.js.
- What Amazon Lightsail is.
- The benefits of using Amazon Lightsail.
- How Bitnami and Amazon Lightsail are the best way to jump-start your Node app development.
- How to launch and manage your Node.js instance with Amazon Lightsail.
Presentation given at Open Source Summit Japan 2016 about the state of the cloud native technology (Cloud Native Computing Foundation) and the standardization of container technology (Open Container Initiative)
Learning the Alphabet: A/B, CD and [E-Z] in the Docker Datacenter by Brett Ti...Docker, Inc.
What is the right balance between moving fast, innovating, experimenting with new technology, and protecting the personal data of our customers and interests of our stakeholders? How can we safely try new ideas in production without risking costly downtime? Does the utopia where developers are free from lock-in and operators enjoy the calm of a steadily running system exist in the real world? Is it possible to have open platforms with better security? At Kroger Digital we are still working through these questions every day but are redesigning our systems with the goals of true operational maturity and security. Discover how we are building capabilities for monitoring, A/B testing, and continuous delivery with Docker Datacenter, plugins, and open source building blocks such as NGiNX, ElasticSearch, and more.
How to build your containerization strategyDocker, Inc.
The Docker Enterprise Edition platform helps customers deploy and manage applications faster and it secures the application pipeline at a lower cost than traditional application delivery models. But it takes more than just great technology to achieve the desired results. The organization and culture of your enterprise directly impacts what you transform, how it’s done, and who does it. Success requires a strategy for how you will govern the Docker EE container platform, how to assess your application estate, what your delivery pipeline will look like, and how to ensure developers, operators, security teams and others play nicely together.
In this talk I will cover topics such as different types of workloads (legacy, microservices, FaaS, big data, ...), how your org chart can influence whether you deploy a CaaS (Containers as a Service) vs CLaaS (Clusters as a Service), how "shifting left" can determine if you can outsource, centralized vs distributed CI/CD and how containers play a role, transforming your pets into cattle, how giant whale balloons are used for onboarding, and a prescriptive and comprehensive methodology for successfully deploying Docker in your enterprise.
Considerations for operating docker at scaleDocker, Inc.
"Scale" happens along 3 different aspects: (1) applications and their services scale up and down leading to (2) the infrastructure scaling up to meet the needs of the applications, and finally (3) sites scale across multiple locations, including movement to public cloud. In this session, we will talk about how Docker EE scales along all three of these dimensions to give you a consistent platform for running your applications:
1. At the application level: how do you manage application state & health along with resource and security constraints to scale containers up and down up in a controlled fashion?
2. The infrastructure level: as your application estate grows on the Docker EE platform you will need to scale across more nodes. How do automate the provisioning of these new nodes and how do you integrate the Docker EE platform layer with your existing infrastructure systems and tools.
3. Finally, we'll talk about distributed scale: how do you take what works for applications in one data center and spread it across multiple sites, in an integrated fashion so you can operate seamlessly?
Watch the webinar here: https://codefresh.io/unlimited-staging-environments-lp/
Sign up for a FREE Codefresh account today: https://codefresh.io/codefresh-signup/
How to run complete, disposable apps on Kubernetes or Staging and Development.
See the full video webinar on our blog at https://codefresh.io/webinars/unlimited_staging_environments_webinar/
Canary Releases on Kubernetes with Spinnaker, Istio, & Prometheus (2020)Kublr
In a microservices world, applications consist of dozens, hundreds, or even thousands of components. Manually deploying and verifying deployment quality in production is virtually impossible. Kubernetes, which natively supports rolling updates, enables blue-green application deployments with Spinnaker. However, the gradual rollout is a feature that doesn’t come out-of-the-box but can be achieved by adding Istio and Prometheus to the equation.
During this meetup, Slava will discuss canary release implementations on Kubernetes with Spinnaker, Istio, and Prometheus. He’ll examine the role of each tool in the process and how they are all connected. During a demo, he will demonstrate a successful and failed canary release, and how these tools enable IT teams, to properly roll out changes to their customer base without any downtime.
An application path to production does not end with a deployment, even if you are using Kubernetes (K8s) as your application deployment platform. Reliable BCDR (backup and disaster recovery) plan and framework is a must for any production-ready system.
This presentation accompanies meetups and webinars in which Oleg Chunikhin, CTO at Kublr, shows how Velero BCDR framework works and demonstrates how it can be used to backup and recover realistic applications running on Kubernetes in different clouds and environments.
What is covered:
- general notions of Kubernetes applications BCDR
- Velero BCDR framework
- demo Velero BCDR for stateful applications running on AWS and Azure clouds
- demo Velero BCDR using Strimzi / Kafka cluster and ArgoCD CI/CD manager as example application
Helm is a tool that streamlines the creation, deployment and management of your Kubernetes-native applications. In this talk, we take a look at how Helm enables you to manage your deployment configurations as code, and demonstrate how it can be used to power your continuous delivery (CI/CD) pipeline.
Containers, OCI, CNCF, Magnum, Kuryr, and You!Daniel Krook
Presentation at the OpenStack Summit in Austin, Texas on April 28, 2016.
http://bit.ly/os-oci-cncf-ses
The technology industry has been abuzz about cloud workload containerization since the open source Docker project became a phenomenon in early 2014.
Meanwhile, an OpenStack Containers Team was formed and the Magnum project launched to provide users with a convenient Containers-as-a-Service solution for OpenStack environments.
As the potential of both technologies emerged, many wanted to see shared governance over the baseline container specification and runtime technology to ensure an open cloud ecosystem.
This past December, two new groups were launched with a goal of creating open, industry standards. The first called the Open Container Initiative (http://www.opencontainers.org), and the second called the Cloud Native Computing Foundation (http://cncf.io)
Jeffrey Borek - Program Director, Open Tech, IBM - @JeffBorek
Daniel Krook - Senior Software Engineer, IBM - @DanielKrook
Val Bercovici - Global Cloud CTO, NetApp/SolidFire - @valb00
Building CI/CD Pipelines with Jenkins and KubernetesJanakiram MSV
Learn how to configure CI/CD pipelines with Jenkins and Kubernetes. We will show you to how to automate deployments from source code to production clusters.
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...Bitnami
Looking for the fastest way to create Node.js development environments? Not sure if Node.js is right for you? With one-click solutions like AWS Lightsail and Bitnami's ready-to-run Node.js application, exploring the fastest growing development environment has never been easier.
Node.js has become a preferred development stack for many developers internationally. Bitnami applications and AWS Lightsail make creating and managing your Node.js projects easy and cost-efficient. Join Bitnami and our featured speakers from The Node.js Foundation and AWS Lightsail as we showcase why developers continue to use Node.js, what projects they are using Node.js for, and how Bitnami's Node.js application on AWS Lightsail can be the perfect end-to-end solution to easily and quickly bring your Node.js project to life.
Watch and learn:
- What Node.js is used for.
- How organizations use Node.js.
- Best practices and use cases for Node.js.
- What Amazon Lightsail is.
- The benefits of using Amazon Lightsail.
- How Bitnami and Amazon Lightsail are the best way to jump-start your Node app development.
- How to launch and manage your Node.js instance with Amazon Lightsail.
Presentation given at Open Source Summit Japan 2016 about the state of the cloud native technology (Cloud Native Computing Foundation) and the standardization of container technology (Open Container Initiative)
Develop and deploy Kubernetes applications with Docker - IBM Index 2018Patrick Chanezon
Docker Desktop and Enterprise Edition now both include Kubernetes as an optional orchestration component. This talk will explain how to use Docker Desktop (Mac or Windows) to develop and debug a cloud native application, then how Docker Enterprise Edition helps you deploy it to Kubernetes in production.
Nebulaworks invited Bitnami's software engineer, Adnan Abdulhussein to present on, "The App Developer's Kubernetes Toolbox."
Details:
If you're developing applications on top of Kubernetes, you may be feeling overwhelmed with the vast number of development tools in the ecosystem at your disposal. Kubernetes is growing at a rapid pace, and it's becoming impossible to keep up with the latest and greatest development environments, debuggers, and build test and deployment tools.
Learn:
• The current state of development in Kubernetes
• Comparison of shared and local Kubernetes development environments
• Overview of different development tools in the ecosystem
• Which tools make sense in common scenarios
• How Bitnami uses Kubernetes as a development environment
Kubernetes for java developers - Tutorial at Oracle Code One 2018Anthony Dahanne
You’re a Java developer? Already familiar with Docker? Want to know more about Kubernetes and its ecosystem for developers? During this session, you’ll get familiar with core Kubernetes concepts (pods, deployments, services, volumes, and so on) before seeing the most-popular and most-productive Kubernetes tools in action, with a special focus on Java development. By the end of the session, you’ll have a better understanding of how you can leverage Kubernetes to speed up your Java deployments on-premises or to any cloud.
Docker Meetup Talk @ Dublin on 22 Feb 2018.
Introduction to the Docker platform, Kubernetes and a recap of the DockerCon EU '17 announcement around Kubernetes in Docker CE & EE.
Cloud Native Night, April 2018, Mainz: Workshop led by Jörg Schad (@joerg_schad, Technical Community Lead / Developer at Mesosphere)
Join our Meetup: https://www.meetup.com/de-DE/Cloud-Native-Night/
PLEASE NOTE:
During this workshop, Jörg showed many demos and the audience could participate on their laptops. Unfortunately, we can't provide these demos. Nevertheless, Jörg's slides give a deep dive into the topic.
DETAILS ABOUT THE WORKSHOP:
Kubernetes has been one of the topics in 2017 and will probably remain so in 2018. In this hands-on technical workshop you will learn how best to deploy, operate and scale Kubernetes clusters from one to hundreds of nodes using DC/OS. You will learn how to integrate and run Kubernetes alongside traditional applications and fast data services of your choice (e.g. Apache Cassandra, Apache Kafka, Apache Spark, TensorFlow and more) on any infrastructure.
This workshop best suits operators focussed on keeping their apps and services up and running in production and developers focussed on quickly delivering internal and customer facing apps into production.
You will learn how to:
- Introduction to Kubernetes and DC/OS (including the differences between both)
- Deploy Kubernetes on DC/OS in a secure, highly available, and fault-tolerant manner
- Solve operational challenges of running a large/multiple Kubernetes cluster
- One-click deploy big data stateful and stateless services alongside a Kubernetes cluster
Docker Engine laid the foundation for a paradigm shift in software development with containers. Come and learn about the history of Docker Engine, current architecture, evolution of containerd and future direction of Docker Engine. This talk will explore the following: • Latest features of Docker Engine including enhancements around Build • Relationship between Docker Engine and containerd and the common building blocks across them, with a deep dive into the Engine Architecture • Differences between the Community and Enterprise Engines • Highlight areas of innovation and future direction
OSDC 2018 | Three years running containers with Kubernetes in Production by T...NETWAYS
The talk gives a state of the art update of experiences with deploying applications in Kubernetes on scale. If in clouds or on premises, Kubernetes took over the leading role as a container operating system. The central paradigm of stateless containers connected to storage and services is the core of Kubernetes. However, it can be extended to distributed databases, Machine Learning, Windows VMs in Kubernetes. All these applications have been considered as edge cases a few years ago, however, are going more and more mainstream today.
Microsoft Techsummit Zurich Docker and MicrosoftPatrick Chanezon
Docker and Microsoft have been collaborating both in open source and through their commercial partnership to bring the benefits of Docker Windows and Linux containers to Azure Enterprise customers. Docker’s container platform, Docker Enterprise Edition, is used to modernize traditioal applications, and move them to Azure, as well as to develop new cloud native applications using microservices architecture, bringing agility to developers and control to IT Pros. This talk will cover the latest developments in Docker’s container platform with planned support for Kubernetes in Docker for Windows, and Docker Enterprise Edition for Azure, Docker for Azure Stack to enable hybrid cloud deployments, Windows containers, Linux containers on Windows.
Since last DockerCon, Kubernetes has been integrated into both the Desktop and Enterprise editions of the Docker Platform. In this deep dive session, we’ll showcase live demos and explore where Kubernetes fits in the architecture of both the Desktop and the Enterprise editions and which community tools make this integration possible. We’ll be covering topics ranging from hypervisor control, storage and networking all the way to the integration of a custom RBAC system, native Compose file support and providing a rich user interface for Kubernetes.
KubeCon China 2019 - Building Apps with Containers, Functions and Managed Ser...Patrick Chanezon
Cloud native applications are composed of many technologies and components, but three canonical abstraction emerged in the past few years that help developers structure their architecture: container, functions responding to events, and managed services.
This talk will explain how to develop (Docker, local Kubernetes, virtual Kubelet, OpenFaaS), deploy (managed Kubernetes, functions and services) and package (CNAB specification and tooling) applications using these three components and look at not only deployment workflows but also at day 2 concerns that a developer would need to consider in the cloud native landscape.
We will demo every topic and a Github repository will be available for developers to reproduce the demos and learn at their own pace.
Patrick Chanezon and Scott Coulton
Dockercon 2019 Developing Apps with Containers, Functions and Cloud ServicesPatrick Chanezon
Cloud native applications are composed of containers, serverless functions and managed cloud services.
What is the best set of tools on your desktop to provide a rapid, iterative development experience and package applications using these three components?
This hand-on talk will explain how you can complement Docker Desktop, with it’s local Docker engine and Kubernetes cluster, with open source tools such as the Virtual Kubelet, Open Service Broker, the Gloo hybrid app gateway, Draft, and others, to build the most productive development inner-loop for these type of applications.
It will also cover how you can use the Cloud Native Application Bundle (CNAB) format and it’s implementation in the Docker app experimental tool to package your application and manage it with container supply chain tooling such as Docker Hub.
GIDS 2019: Developing Apps with Containers, Functions and Cloud ServicesPatrick Chanezon
Cloud native applications are increasingly composed of containers, serverless functions responding to events and managed cloud services. What is the best workflow and set of tools to provide a rapid, iterative development experience and to package applications using these three components?
This hand-on talk will compare and contrast several sets of tools and their associated workflows:
Using Docker Desktop, with its local Docker engine and Kubernetes cluster, with open source tools such as the Virtual Kubelet, or the Gloo hybrid app gateway, to build the most productive development inner-loop for these type of applications
OpenFaaS, Fn, or Nuclio open source serverless framework to run functions in containers locally
Telepresence to run a container locally, connected to a remote cluster
Helm and Draft
Knative
The talk will also cover how you can use the Cloud Native Application Bundle (CNAB) format and tools to package your applications and share them using a container registry.
Patrick Chanezon, un des pionniers du Cloud chez Google, VMware, Microsoft et Docker, vous raconte la révolution des conteneurs logiciels et comment certains concepts du taoïsme, wei-wu-wei, "agir sans agir", et ziran, naturel, ou spontanéïté, permettent d'en mieux cerner les enjeux.
Les conteneurs accélèrent l'adoption du Cloud en entreprise, avec des architectures hybride et multi cloud, la mise en place de démarches agiles et DevOps pour moderniser les applications existantes et réduire les coûts d'infrastructure, et permettent de nouveaux cas d'utilisation dans l'internet des objets et l'intelligence artificielle.
Moby is an open source project providing a "LEGO set" of dozens of components, the framework to assemble them into specialized container-based systems, and a place for all container enthusiasts to experiment and exchange ideas.
One of these assemblies is Docker CE, an open source product that lets you build, ship, and run containers.
This talk will explain how you can leverage the Moby project to assemble your own specialized container-based system, whether for IoT, cloud or bare metal scenarios.
We will cover Moby itself, the framework, and tooling around the project, as well as many of it’s components: LinuxKit, InfraKit, containerd, SwarmKit, Notary.
Then we will present a few use cases and demos of how different companies have leveraged Moby and some of the Moby components to create their own container-based systems.
Video at https://www.youtube.com/watch?v=kDp22YkD6WY
The Docker Way: modernize traditional applications without action (wu-wei) and create new cloud native microservices applications with naturalness (ziran).
This talk also provides a summary of all the DockerCon EU 2017 announcements: Kubernetes now supported in Docker, MTA, IBM partnership.
Building specialized container-based systems with Moby: a few use cases
This talk will explain how you can leverage the Moby project to assemble your own specialized container-based system, whether for IoT, cloud or bare metal scenarios. We will cover Moby itself, the framework, and tooling around the project, as well as many of it’s components: LinuxKit, InfraKit, containerd, SwarmKit, Notary. Then we will present a few use cases and demos of how different companies have leveraged Moby and some of the Moby components to create their own container-based systems.
Docker Cap Gemini CloudXperience 2017 - la revolution des conteneurs logicielsPatrick Chanezon
Si vous avez raté le début : Patrick Chanezon, un des pionniers du Cloud chez Google, VMware, Microsoft et Docker, vous raconte la révolution des conteneurs logiciels en quelques films ; comment ils accélèrent l'adoption du Cloud en entreprise, avec des architectures hybride et multi, la mise en place de démarches agiles et DevOps pour moderniser les applications existantes et réduire les coûts d'infrastructure, et permettent de nouveaux cas d'utilisation dans l'internet des objets et l'intelligence artificielle.
En bref, comment expliquer la stratégie des opérateurs du Cloud avec des films de science- fiction ? C’est le défi que va relever Patrick Chanezon, évangéliste chez Docker.
Docker moves very fast, with an edge channel released every month and a stable release every 3 months. Patrick will talk about how Docker introduced Docker EE and a certification program for containers and plugins with Docker CE and EE 17.03 (from March), the announcements from DockerCon (April), and the many new features planned for Docker CE 17.05 in May.
This talk will be about what's new in Docker and what's next on the roadmap
Oscon 2017: Build your own container-based system with the Moby projectPatrick Chanezon
Build your own container-based system
with the Moby project
Docker Community Edition—an open source product that lets you build, ship, and run containers—is an assembly of modular components built from an upstream open source project called Moby. Moby provides a “Lego set” of dozens of components, the framework for assembling them into specialized container-based systems, and a place for all container enthusiasts to experiment and exchange ideas.
Patrick Chanezon and Mindy Preston explain how you can leverage the Moby project to assemble your own specialized container-based system, whether for IoT, cloud, or bare-metal scenarios. Patrick and Mindy explore Moby’s framework, components, and tooling, focusing on two components: LinuxKit, a toolkit to build container-based Linux subsystems that are secure, lean, and portable, and InfraKit, a toolkit for creating and managing declarative, self-healing infrastructure. Along the way, they demo how to use Moby, LinuxKit, InfraKit, and other components to quickly assemble full-blown container-based systems for several use cases and deploy them on various infrastructures.
Using Open Source and Open Standards in the Platform gamePatrick Chanezon
Software platforms are a particular case of two-sided markets, where growing the 2 sides of the market at the same time is quite hard, but once established, the network effects accruing to the platform provider provide a solid moat to grow a robust business.
After the meteoric rise the Windows Platform using a proprietary development model in the 90's, in the past 20 years, Open Source and Open Standards proved to be very useful strategic options in the platform game. In this talk I will share my personal experiences in this area about the use of open source and open standards in platforms I have helped create or grow: Sun Portal Server, Google Adwords, OpenSocial, HTML5, Google App Engine, Cloud Foundry, Microsoft Azure, and Docker. I will also cover platforms I have studied, and try to extract some useful lessons and principles that I hope can be useful to other practitioners.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Hivelance Technology
Cryptocurrency trading bots are computer programs designed to automate buying, selling, and managing cryptocurrency transactions. These bots utilize advanced algorithms and machine learning techniques to analyze market data, identify trading opportunities, and execute trades on behalf of their users. By automating the decision-making process, crypto trading bots can react to market changes faster than human traders
Hivelance, a leading provider of cryptocurrency trading bot development services, stands out as the premier choice for crypto traders and developers. Hivelance boasts a team of seasoned cryptocurrency experts and software engineers who deeply understand the crypto market and the latest trends in automated trading, Hivelance leverages the latest technologies and tools in the industry, including advanced AI and machine learning algorithms, to create highly efficient and adaptable crypto trading bots
4. spring-doge.jar
Example: Spring Boot App using MongoDB
https://github.com/chanezon/docker-tips/tree/master/java-in-container-dev/spring-doge-workspace
spring-doge
spring-doge-web
spring-doge-photo
API: Spring Boot, Spring Data
UI: AngularJS
Business Logic: java.awt
java -Dserver.port=8080
-Dspring.data.mongodb.uri=mongodb://mongo:27017/test
-jar spring-doge.jar
5. Dockerfile for development
FROM java:8
MAINTAINER Patrick Chanezon <patrick@chanezon.com>
EXPOSE 8080
COPY spring-doge/target/*.jar /usr/src/spring-doge/spring-
doge.jar
WORKDIR /usr/src/spring-doge
CMD java -Dserver.port=8080 -
Dspring.data.mongodb.uri=$MONGODB_URI -jar spring-doge.jar
6. Using Docker to compile your jar/war
https://registry.hub.docker.com/_/maven/
docker run -it --rm
-v $PWD:/usr/src/spring-doge
-v maven:/root/.m2
-w /usr/src/spring-doge
maven:3.3-jdk-8
mvn package
7. Build an image
docker build -t chanezon/spring-doge .
FROM java:8
MAINTAINER Patrick Chanezon <patrick@chanezon.com>
EXPOSE 8080
COPY spring-doge/target/*.jar /usr/src/spring-doge/spring-
doge.jar
WORKDIR /usr/src/spring-doge
CMD java -Dserver.port=8080 -
Dspring.data.mongodb.uri=$MONGODB_URI -jar spring-doge.jar
8. Dockerfile with multi stage build
FROM maven:3.5-jdk-8 as builder
MAINTAINER Patrick Chanezon <patrick@chanezon.com>
COPY . /usr/src
WORKDIR /usr/src
RUN mvn package
FROM openjdk:8u131-jre
EXPOSE 8080
COPY --from=builder /usr/src/spring-doge/target/*.jar
/usr/app/spring-doge.jar
WORKDIR /usr/app
CMD java -Dserver.port=8080 -Dspring.data.mongodb.uri=$MONGODB_URI -
jar spring-doge.jar
HEALTHCHECK --interval=5m --timeout=3s --retries=3
9. Run a container
docker run
—env MONGODB_URI=mongodb://mongo:27017/test
-p 8090:8080
chanezon/spring-doge
10. docker-compose: running multiple containers
● Run your stack with one command: docker-compose up
● Describe your stack with one file: docker-compose.yml
version: '3.3'
services:
web:
image: chanezon/spring-doge
ports:
- "8080:8080"
environment:
- MONGODB_URI=mongodb://mongo:27017/test
mongo:
image: mongo
11. docker stack deploy
● Deploy your stack with one command: docker stack deploy
● Describe your stack with one file: docker-compose.yml
version: '3'
services:
web:
image: chanezon/spring-doge
ports:
- "8004:8080"
environment:
- MONGODB_URI=mongodb://mongo:27017/test
depends_on:
- mongo
deploy:
replicas: 2
update_config:
parallelism: 2
delay: 10s
restart_policy:
condition: on-failure
mongo:
image: mongo
19. Docker for Azure
Making things simple for a great user experience
Virtual Network VMSS
Blob Storage Azure LB ARM
AAD
20. Docker EE on Azure
Free 30 Days Test Drive from Docker Store
21. Docker & Microsoft: collaboration on all fronts
• Build
• Docker for Windows
• Docker EE for Windows Servers
• Visual Studio Tools for Docker
• Visual Studio Code Docker extension
• Ship
• Visual Studio Team Services Docker Integration
• Azure Container Registry
• Run
• Docker EE in Azure MarketPlace
• Docker on Azure Stack
22. Docker with Windows Server 1709
• Docker Linux Containers on Windows
• Docker ingress mode service publishing on Windows
• Named pipes in Windows containers
> docker run -d -p 8080:8080 -v
.pipedocker_engine:.pipedocker_engine
friism/jenkins
• Smaller Windows base images: Nanoserver download
70MB
https://blog.docker.com/2017/09/docker-windows-server-1709/
23. .Net and ASP.NET Docker Images & Samples
• Smaller Windows base images
• Nanoserver download 70MB
• Alpine images
• Linux and Windows
• Multi stage build
• Unit tests at build or runtime
https://github.com/dotnet/dotnet-docker/tree/master/samples
24. Swarm Windows Roadmap for Docker EE
24
Versions Release Date Highlights
Docker EE 2.0.0 GA Q1 2018 ● Only Windows Server 2016 (RS1) Supported
○ Easy Image Compatibility: No
○ Ingress Networking: No
Docker EE 2.0.x
Patches
Q2 2018 ● Add Windows Server 1709 (RS3) support with partial features:
○ Easy Image Compatibility: Yes
○ Ingress Networking: No
Docker EE 2.1 Q3 2018 ● Full Support for Windows Server 1709
○ Easy Image Compatibility: Yes
○ Ingress Networking: Yes
● Tentative Considerations:
○ Windows Server 1803 (RS4) support
○ Possible new Windows LTSC version in Q3
25. Kube Windows Known Timelines (Still assessing for EE Roadmap)
25
Q4’ 2017
Kube 1.9
Beta support for Windows
● Docker 17.06 engine
● Windows Server 1709
Q1’2018
Kube 1.10
Beta Support for Windows
● Docker 17.06 engine
● Windows Server 1709
Q2’2018
Kube 1.11
GA Support for Windows
● Docker 17.06 engine
● Possibly containerd
● Windows Server 1709
(RS3)
● Windows Server 1803
(RS4)
H2’ 2018
Kube 1.x?
GA Support for Windows
● Possibly containerd
● Windows Server LTS
release
27. Lifecycle of a Kubernetes API Request
Kubernetes API Server
Authentication Authorization
Admission
Control
etcd
28. Orchestrator: Docker Engine with Swarm-Mode Enabled
● github.com/docker/swarmkit
● Declarative State through the “Service” construct
● Built-in Routing Mesh & Overlay networking
● In-memory Raft Store for all state (persisted to disk)
● Built-in CA, per-node cryptographic node identity, mTLS between all endpoints
29. Orchestrator: Kubernetes
● github.com/kubernetes/kubernetes
● Scheduling Unit: Pods
● Declarative State through “Controllers”: Deployment, ReplicaSet, DaemonSet …
● Load balancing via Services and Ingresses
● Flat Networking model delegated to plugins
30. Linuxkit VM
Kubernetes CLI
Swarm Mode
Kubernetes
etcd
Docker CLI
kubeadm
Kubernetes in Docker CE (Windows and Mac)
Compose
CRD
Single Docker Engine
vpnkitHost fs mounts hyperkit / hyperv
32. Docker EE now includes Kubernetes
Docker Enterprise Edition
Production Ready Windows and IBM P/Z Support
Pods, batch jobs, blue-green deployments,
horizontal pod auto-scaling
Docker Swarm Swarm-Mode Kubernetes
Private Image Registry
Secure Access and User
Management
App and Cluster Management
Image Security Scanning Content Trust and Verification
Policy Management
33. GUI
Universal Control Plane
Trusted Registry Kubernetes CLI
Docker Engine
Swarm-Mode
Docker Swarm Kubernetes
etcd
CA OIDC Provider
Docker CLI
Node Agent Reconciler
Kubernetes in Docker EE
35. Docker EE Architectural Highlights
● Conformant Kubernetes components ran as Docker containers
● Swarm Managers are Kubernetes Masters
● Swarmkit node inventory is source of truth
● Cryptographic Node Identity and mTLS used throughout
37. Authentication
● X509 Client Certificates
○ Used for authentication of kubectl and the docker CLI via the “client bundle” feature
● OpenID Connect Identity Provider
○ GUI sessions use a custom identity provider and a token exchange service to authenticate with
the OIDC authentication plugin
38. Authorization
● All requests authorized via the Authorization Webhook plugin
● Custom RBAC system shared between Swarm and Kubernetes:
○ Users, Teams, Organizations, Service Accounts
○ Custom Roles
○ Hierarchical “Grants”
● No support for the rbac.authorization.k8s.io API, future plans for API translation
39. Admission Control
● Allows plugins to inspect, mutate or reject API requests after authorization
● Used for:
○ Orchestrator Selection
○ Linking nodes to namespaces
○ User Impersonation for Stacks
○ Image Signing policy enforcement
40. Orchestrator Selection
● Each node is running both kubernetes and swarm system components
● Administrators can toggle between (kubernetes, swarm or mixed) for any given node
● When toggling orchestrators, workloads of the previous orchestrator will be evicted
● An admission controller ensures that kubernetes workloads can only be scheduled on nodes
labelled as “kubernetes” nodes.
● Workloads of multiple orchestrators on the same node can lead to resource contention
Manager Node
(K8s, Swarm)
Worker Node
(Swarm)
Worker Node
(Kubernetes)
Worker Node
(Kubernetes)
Kubelet
Swarm Agents
Kubelet Kubelet Kubelet
Swarm Agents Swarm Agents Swarm Agents
41. Linking Nodes to Namespaces
● Allows users to uniquely assign nodes to namespaces.
● Variation of the PodNodeSelector admission controller integrated with UCP’s RBAC system
42. Image Signing Policy Enforcement
● Enforces that all workloads deployed in the cluster have a fully qualified image reference
● Resolves image references to always include a digest
● Contacts the registry to ensure that the referenced image has been signed by an authorized
user.
45. Instructions
• Signup: ask karen.bajza@docker.com to plan your workshop and
provide you the url.
• Instructions: https://github.com/dockersamples/ee-workshop
• Code: https://github.com/dockersamples/hybrid-app
Build each point so the final slide has all 3 points.
Safer apps mean that when you build and deploy your app in docker, it is intrinsicly more secure
TD is everything is needed for the full fucntioning of your app is delivered in a secure and trusted manner
All of these things in your system are in the app platform itself and move across
= usable = people are not leaning in to security
Secrets enable: secure API handshakes, encrypted communication what else?
Assign secrets to services when they are ready to run and need to connect to other services (both internal and external)
Windows containers are different
Runs on Docker EE engine
Swarm-mode Managers are Kubernetes Masters
Swarm-modet node inventory is source of truth
Cryptographic Node Identity and mTLS used throughout
Unmodified Kubernetes components run as Docker containers
UCP Agent/Reconciler manages component lifecycle
Manager / Worker states
Certificate validity
Patching and upgrades
Leverage Kubernetes extension model (webhooks, initializers, flexvolume, CNI, etc.)
We will submit the product and aim to pass the Certified Kubernetes Conformance program
Requests arriving to the UCP controller against the kubernetes API will have their session token exchanged for a long-lived identity token. The request is then forwarded to the kubernetes API server which is configured to trust UCP’s identity tokens.
A Grant is either a RoleBinding or a ClusterRoleBinding