SlideShare a Scribd company logo
Devops, Docker and Security
John Willis
@botchagalupe
• One of the founding members of “Devopsdays”
• Co-author of the “Devops Handbook”.
• Author of the “Introduction to Devops” on Linux Foundation
edX.
• Podcaster at devopscafe.org
• Devops Enterprise Summit - Cofounder
• Nine person in at Chef (VP of Customer Enablement)
• Formally Director of Devops at Dell
• Found of Socketplane (Acquired by Docker)
• 10 Startups over 25 years
About Me
https://github.com/botchagalupe/my-presentations
Evolve 2017 - Vegas - Devops, Docker and Security
Evolve 2017 - Vegas - Devops, Docker and Security
5
What If I told you you
could be 2000 times
faster than your
competitors
6
What if I told you that
you could be 100
times more reliable
than your
competitors
7
What if you
could have
both
Faster, Effective, Reliable
• Devops (Faster)
• Docker (Effective)
• Supply Chain (Reliable)
8
Immutable
Service
Delivery
Devops … faster
DTO Solutions
• CAMS

• Culture
• Automation
• Measurement
• Sharing
Devops Taxonomies
• The Three Ways
•The First Way
•The Second Way
•The Third Way
Devops Practices and Patterns
• Continuous Delivery
• Everything in version control
• Small batch principle
• Trunk based deployments
• Manage flow (WIP)
• Automate everything

• Culture
• Everyone is responsible
• Done means released
• Stop the line when it breaks
• Remove silos12
itrevolution.com/devops-handbook
30x 200x
more frequent
deployments
faster lead
times
60x 168x
the change
success rate
faster mean time to
recover (MTTR)
2x 50%
more likely to
exceed profitability,
market share &
productivity goals
higher market
capitalization growth
over 3 years*
High performers compared to their peers…
Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report
Recent IT Performance Data is Compelling
30x 200x
more frequent
deployments
faster lead
times
60x 168x
the change
success rate
faster mean time to
recover (MTTR)
2x 50%
more likely to
exceed profitability,
market share &
productivity goals
higher market
capitalization growth
over 3 years*
High performers compared to their peers…
Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report
Recent IT Performance Data is Compelling
Faster
Higher

Quality
More

Effective
2555x
Fast
CheapGood
“Pick Two!”
Conventional Wisdom
Devops Automated Deployment Pipeline
16
Source: Wikipedia - Continuous Delivery
Evolve 2017 - Vegas - Devops, Docker and Security
18
Devops Results
Google
• Over 15,000 engineers in over 40 offices
• 4,000+ projects under active development
• 5500+ code submissions per day (20+ p/m)
• Over 75M test cases run daily
• 50% of code changes monthly
• Single source tree
• Over 75M test cases run daily
19
Devops Results
Amazon
• 11.6 second mean time between deploys.
• 1079 max deploys in a single hour.
• 10,000 mean number of hosts
simultaneously receiving a deploy.
• 30,000 max number of hosts simultaneously
receiving a deploy
20
Unicorns and Horses (Enterprises)
Unicorns
Enterprise
Shamelessly stolen and repurposed from: Pete Cheslock
21
Devops Results
Enterprise Organizations
• Ticketmaster - 98% reduction in MTTR
• Nordstrom - 20% shorter Lead Time
• Target - Full Stack Deploy 3 months to minutes
• USAA - Release from 28 days to 7 days
• ING - 500 applications teams doing devops
• CSG - From 200 incidents per release to 18
Docker … effective
• IBM 360/370 (1960/1970)
• CHROOT - Version 7 Unix 1979 (Bell Labs)
• BSD in 1982 (Berkley)
• VMware (1998)
• FreeBSD Jails 2000
• XEN 2003
• Solaris Zones 2004
• OpenVZ 2005
• Amazon Web Services 2006
• Namespaces 2007
• Cgroups (Google) 2007
• KVM 2007
• AIX LPARS (IBM) 2007
• Drawbridge (2008)
• Hyper-V (2008)
• Linux Containers - LXC (Parelles, IBM, Google) 2008
• Docker (Dotcloud Inc) 2013
• Microsoft Docker on Windows Server 2016
History
of
Virtualization
•Type 1 Virtualization
•VMware ESX, XEN, Hyper-V

•Type 2 Virtualization
•KVM, Virtualbox, QEMU, VMware Workstation

•OS Level Virtualization
•OpenVZ, LXC, Docker
Virtualization
www.slideshare.net/
BodenRussell/realizing-
linux-containerslxc
• Provision in milliseconds
• Near bare metal runtime performance
• VM-like agility – it’s still “virtualization”
• Lightweight – Just enough Operating System (JeOS)
• Supported with modern Linux kernel
• Growing in popularity
Why OS Level Virtualization
Evolve 2017 - Vegas - Devops, Docker and Security
• Isolation
• Lightweight
• Simplicity
• Workflow
• Security
• Community
Why Docker
29
Docker Security Enhancements
• Docker Security Scanning
• Docker Content Trust
• Docker Trusted Registry
• TLS by Default for Swarm/Docker Data Center
• Read Only Containers
• User Namespaces
• Secomp and LSMS support
• Enhanced System “Capabilities” support
• Secrets Management
• Immutable Operating System (Coming Soon)
30
Immutable Delivery
31
Immutable Delivery
Supply Chain … Reliable
33
Evolve 2017 - Vegas - Devops, Docker and Security
35
Supply&chain&advantage&
Source:(Toyota(Supply(Chain(
Management:(A(Strategic(
Approach(to(Toyota’s(
Renowned(System,(by(Ananth(
Iyer(and(Sridhar(Seshadri(
Toyota&
Advantage&
Toyota&
Prius&
Chevy&
Volt&
Unit%Retail%Price% 61%& $24,200% $39,900%
Units%Sold/Month% 13x& 23,294% 1,788%
In?House%ProducBon% 50%& 27%% 54%%
Plant%Suppliers% 16%&& 125% 800%
Firm@Wide(Suppliers( 4%# 224( 5,500(
Use their highest
quality parts
Use fewer, better
suppliers
Track which parts
you use & where
37
Variety
• Determine your variety of
offerings based on operational
efficiency and market demand
Velocity
• Maintain a steady flow through all
processes of the supply chain
Variability
• Manage inconsistencies carefully
to reduce cost and improve
quality
Visibility
• Ensure the transparency of all
processes to enable continuous
learning and improvement
Toyota Production Systems - 4VL
38
Docker and the Three Ways of Devops
39
Variety
• Learn faster, Limited frameworks,
Limited operating systems, Limit
vendors.
Velocity
• Small Batch, Small Teams,
Microservices and Containers
Variability
• Docker and Immutable Delivery
Visibility
• Automated Testing, Docker Trust,
Docker Security Scanning, Bounded
Context, Bill of Materials
Immutable Service Delivery (4VL)
Use their highest
quality parts
Use fewer, better
suppliers
Track which parts
you use & where
40
Visibility - Docker - Bill of Material
• Where and when was it built and why
• What was its ancestor images
• How do I start, validate, monitor and update it
• What git repo is being built, what hash of that git repo
was built
• What are all the tags this specific container is known as
at time of build
• What’s the project name this belongs to
• Have the ability to have arbitrary user supplied rich
metadata
Software Supply Chain - 4VL
Devops Automated Deployment Pipeline
41
Source: Wikipedia - Continuous Delivery
DevSecOps
Requirements
& Design
Development CI
Interval
Trigger
Assessment
Production
Application Risk
Classification
Security Requirement
Definition
Secure Libraries
Static Analysis/IDE
SCM
Open Source
Governance(CI)
Secure Coding
Standards
Perimeter
Assessment
Dynamic
Assessments
Threat-Based Pen
Test
Web Application
Firewalls
Automated Attack/
Bot Defense
Container Security
Management
Security Mavens (Security-Trained Developers and Operations)
Role Based Software Security Training
Continuous Monitoring, Analytics and KPI Gathering
Preventative Detective
Lightweight threat
modeling approach
Detailed manual
assessments
triggered
automatically at
appropriate interval;
detached from
release cycle
Container Security
Compliance (CI)
Threat modeling
Static Analysis (CI)
43
Immutable Service Delivery
Fortune 500 Insurance Company
• Tracks critical and high security defect rate per 10k
lines of code
• Started out with (10/10k)
• After applying Devops practices and principles (4/10k)
• After applying Toyota Supply Chain 4VL (1/10k )
• After Docker with Immutable Delivery (0.1/10k)
44
With Docker
Fortune 500 Insurance Company
• One Service
• One Container
• One Read Only File System
• One Port
Immutable Service Delivery
• Devops (Faster)
• Docker (Effective)
• Supply Chain (Reliable)
45
2000x Faster
and
100x Reliable

More Related Content

What's hot

Mediawiki to Confluence migration
Mediawiki to Confluence migrationMediawiki to Confluence migration
Mediawiki to Confluence migration
Nils Hofmeister
 
Getting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLabGetting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLab
Melvin Hillsman
 
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
Daniel Bryant
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
NCCOMMS
 
Micro Service – The New Architecture Paradigm
Micro Service – The New Architecture ParadigmMicro Service – The New Architecture Paradigm
Micro Service – The New Architecture Paradigm
Eberhard Wolff
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
VMware Tanzu
 
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
Alfresco Software
 
Make It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version ControlMake It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version Control
indiver
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010
Joel Gascoigne
 
CD with spinnaker
CD with spinnakerCD with spinnaker
CD with spinnaker
AbdulBasit Kabir
 
From java to scala at crowd mix
From java to scala at crowd mixFrom java to scala at crowd mix
From java to scala at crowd mix
Stefano Galarraga
 
7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day
Kimihiko Kitase
 
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
Legacy Typesafe (now Lightbend)
 
CI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page AppsCI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page Apps
Mike North
 
Cucumber jvm best practices v3
Cucumber jvm best practices v3Cucumber jvm best practices v3
Cucumber jvm best practices v3
Ahmed Misbah
 
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOpsSaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltStack
 
Immutable infrastructure with Boxfuse
Immutable infrastructure with BoxfuseImmutable infrastructure with Boxfuse
Immutable infrastructure with Boxfuse
Lars Östling
 
DevOps culture
DevOps cultureDevOps culture
DevOps culture
Murughan Palaniachari
 
Operations for databases – the agile/devops journey
Operations for databases – the agile/devops journeyOperations for databases – the agile/devops journey
Operations for databases – the agile/devops journey
Eduardo Piairo
 

What's hot (20)

Mediawiki to Confluence migration
Mediawiki to Confluence migrationMediawiki to Confluence migration
Mediawiki to Confluence migration
 
Getting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLabGetting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLab
 
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
 
Micro Service – The New Architecture Paradigm
Micro Service – The New Architecture ParadigmMicro Service – The New Architecture Paradigm
Micro Service – The New Architecture Paradigm
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
 
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
 
Make It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version ControlMake It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version Control
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010
 
CD with spinnaker
CD with spinnakerCD with spinnaker
CD with spinnaker
 
From java to scala at crowd mix
From java to scala at crowd mixFrom java to scala at crowd mix
From java to scala at crowd mix
 
7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day
 
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
 
CI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page AppsCI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page Apps
 
Cucumber jvm best practices v3
Cucumber jvm best practices v3Cucumber jvm best practices v3
Cucumber jvm best practices v3
 
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOpsSaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
 
Immutable infrastructure with Boxfuse
Immutable infrastructure with BoxfuseImmutable infrastructure with Boxfuse
Immutable infrastructure with Boxfuse
 
DevOps culture
DevOps cultureDevOps culture
DevOps culture
 
Operations for databases – the agile/devops journey
Operations for databases – the agile/devops journeyOperations for databases – the agile/devops journey
Operations for databases – the agile/devops journey
 

Similar to Evolve 2017 - Vegas - Devops, Docker and Security

Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery   Shenzhen 2016Immutable Service Delivery   Shenzhen 2016
Immutable Service Delivery Shenzhen 2016
John Willis
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
Sumo Logic
 
Oscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to ProductionOscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to Production
Patrick Chanezon
 
Executive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersExecutive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of Containers
NVISIA
 
Webinar Docker Tri Series
Webinar Docker Tri SeriesWebinar Docker Tri Series
Webinar Docker Tri Series
Newt Global Consulting LLC
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
dotCloud
 
Containers, microservices and serverless for realists
Containers, microservices and serverless for realistsContainers, microservices and serverless for realists
Containers, microservices and serverless for realists
Karthik Gaekwad
 
You build it - Cyber Chicago Keynote
You build it -  Cyber Chicago KeynoteYou build it -  Cyber Chicago Keynote
You build it - Cyber Chicago Keynote
John Willis
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
Patrick Chanezon
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference   2016 - Docker Open Source Alibaba Cloud Conference   2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
New Technology for Modern Development Challenges
New Technology for Modern Development ChallengesNew Technology for Modern Development Challenges
New Technology for Modern Development Challenges
Perforce
 
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker, Inc.
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick Stinemates
Atlassian
 
Cloud Native Camel Riding
Cloud Native Camel RidingCloud Native Camel Riding
Cloud Native Camel Riding
Christian Posta
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
Lucas Jellema
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
DevOps'n the Operating System
DevOps'n the Operating SystemDevOps'n the Operating System
DevOps'n the Operating System
C4Media
 
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
Amazon Web Services
 
Container DevOps in Azure
Container DevOps in AzureContainer DevOps in Azure
Container DevOps in Azure
Microsoft Tech Community
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
dotCloud
 

Similar to Evolve 2017 - Vegas - Devops, Docker and Security (20)

Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery   Shenzhen 2016Immutable Service Delivery   Shenzhen 2016
Immutable Service Delivery Shenzhen 2016
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
 
Oscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to ProductionOscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to Production
 
Executive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersExecutive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of Containers
 
Webinar Docker Tri Series
Webinar Docker Tri SeriesWebinar Docker Tri Series
Webinar Docker Tri Series
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
 
Containers, microservices and serverless for realists
Containers, microservices and serverless for realistsContainers, microservices and serverless for realists
Containers, microservices and serverless for realists
 
You build it - Cyber Chicago Keynote
You build it -  Cyber Chicago KeynoteYou build it -  Cyber Chicago Keynote
You build it - Cyber Chicago Keynote
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference   2016 - Docker Open Source Alibaba Cloud Conference   2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source
 
New Technology for Modern Development Challenges
New Technology for Modern Development ChallengesNew Technology for Modern Development Challenges
New Technology for Modern Development Challenges
 
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick Stinemates
 
Cloud Native Camel Riding
Cloud Native Camel RidingCloud Native Camel Riding
Cloud Native Camel Riding
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
 
DevOps'n the Operating System
DevOps'n the Operating SystemDevOps'n the Operating System
DevOps'n the Operating System
 
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
 
Container DevOps in Azure
Container DevOps in AzureContainer DevOps in Azure
Container DevOps in Azure
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
 

More from John Willis

Automated Governance
Automated GovernanceAutomated Governance
Automated Governance
John Willis
 
Devops Long Strange Trip
Devops Long Strange Trip Devops Long Strange Trip
Devops Long Strange Trip
John Willis
 
I Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of ThemI Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of Them
John Willis
 
Math is cool
Math is coolMath is cool
Math is cool
John Willis
 
The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019
John Willis
 
Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018
John Willis
 
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber SecurityswampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
John Willis
 
Divine and felonios cyber security devopsdays austin 2018
Divine and felonios cyber security  devopsdays austin 2018Divine and felonios cyber security  devopsdays austin 2018
Divine and felonios cyber security devopsdays austin 2018
John Willis
 
Devops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's BeenDevops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's Been
John Willis
 
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's BeenDevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
John Willis
 
Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017 Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017
John Willis
 
Why Executives Can't Change
Why Executives Can't Change Why Executives Can't Change
Why Executives Can't Change
John Willis
 
Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017 Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017
John Willis
 
Alibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference   2016 - Docker EnterpriseAlibaba Cloud Conference   2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker Enterprise
John Willis
 
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSACBreaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
John Willis
 
Breaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LABreaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LA
John Willis
 
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
All daydevops   2016 - Turning Human Capital into High Performance Organizati...All daydevops   2016 - Turning Human Capital into High Performance Organizati...
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
John Willis
 
Turning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational CapitalTurning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational Capital
John Willis
 
DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How? DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How?
John Willis
 
Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness
John Willis
 

More from John Willis (20)

Automated Governance
Automated GovernanceAutomated Governance
Automated Governance
 
Devops Long Strange Trip
Devops Long Strange Trip Devops Long Strange Trip
Devops Long Strange Trip
 
I Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of ThemI Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of Them
 
Math is cool
Math is coolMath is cool
Math is cool
 
The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019
 
Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018
 
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber SecurityswampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
 
Divine and felonios cyber security devopsdays austin 2018
Divine and felonios cyber security  devopsdays austin 2018Divine and felonios cyber security  devopsdays austin 2018
Divine and felonios cyber security devopsdays austin 2018
 
Devops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's BeenDevops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's Been
 
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's BeenDevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
 
Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017 Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017
 
Why Executives Can't Change
Why Executives Can't Change Why Executives Can't Change
Why Executives Can't Change
 
Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017 Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017
 
Alibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference   2016 - Docker EnterpriseAlibaba Cloud Conference   2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker Enterprise
 
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSACBreaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
 
Breaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LABreaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LA
 
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
All daydevops   2016 - Turning Human Capital into High Performance Organizati...All daydevops   2016 - Turning Human Capital into High Performance Organizati...
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
 
Turning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational CapitalTurning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational Capital
 
DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How? DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How?
 
Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness
 

Recently uploaded

How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
HackersList
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
maigasapphire
 
WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
Lidia A.
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Torry Harris
 
find out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challengesfind out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challenges
huseindihon
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
BrainSell Technologies
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Zilliz
 
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
Edge AI and Vision Alliance
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Mydbops
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024
aakash malhotra
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
ssuser1915fe1
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
Tatiana Al-Chueyr
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
Kief Morris
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
Adam Dunkels
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Networks
 
How to build a generative AI solution A step-by-step guide (2).pdf
How to build a generative AI solution A step-by-step guide (2).pdfHow to build a generative AI solution A step-by-step guide (2).pdf
How to build a generative AI solution A step-by-step guide (2).pdf
ChristopherTHyatt
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
Recent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS InfrastructureRecent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS Infrastructure
KAMAL CHOUDHARY
 

Recently uploaded (20)

How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
 
WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
 
find out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challengesfind out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challenges
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
 
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
 
How to build a generative AI solution A step-by-step guide (2).pdf
How to build a generative AI solution A step-by-step guide (2).pdfHow to build a generative AI solution A step-by-step guide (2).pdf
How to build a generative AI solution A step-by-step guide (2).pdf
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
Recent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS InfrastructureRecent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS Infrastructure
 

Evolve 2017 - Vegas - Devops, Docker and Security

  • 1. Devops, Docker and Security John Willis @botchagalupe
  • 2. • One of the founding members of “Devopsdays” • Co-author of the “Devops Handbook”. • Author of the “Introduction to Devops” on Linux Foundation edX. • Podcaster at devopscafe.org • Devops Enterprise Summit - Cofounder • Nine person in at Chef (VP of Customer Enablement) • Formally Director of Devops at Dell • Found of Socketplane (Acquired by Docker) • 10 Startups over 25 years About Me https://github.com/botchagalupe/my-presentations
  • 5. 5 What If I told you you could be 2000 times faster than your competitors
  • 6. 6 What if I told you that you could be 100 times more reliable than your competitors
  • 8. Faster, Effective, Reliable • Devops (Faster) • Docker (Effective) • Supply Chain (Reliable) 8 Immutable Service Delivery
  • 11. • CAMS
 • Culture • Automation • Measurement • Sharing Devops Taxonomies • The Three Ways •The First Way •The Second Way •The Third Way
  • 12. Devops Practices and Patterns • Continuous Delivery • Everything in version control • Small batch principle • Trunk based deployments • Manage flow (WIP) • Automate everything
 • Culture • Everyone is responsible • Done means released • Stop the line when it breaks • Remove silos12 itrevolution.com/devops-handbook
  • 13. 30x 200x more frequent deployments faster lead times 60x 168x the change success rate faster mean time to recover (MTTR) 2x 50% more likely to exceed profitability, market share & productivity goals higher market capitalization growth over 3 years* High performers compared to their peers… Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report Recent IT Performance Data is Compelling
  • 14. 30x 200x more frequent deployments faster lead times 60x 168x the change success rate faster mean time to recover (MTTR) 2x 50% more likely to exceed profitability, market share & productivity goals higher market capitalization growth over 3 years* High performers compared to their peers… Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report Recent IT Performance Data is Compelling Faster Higher
 Quality More
 Effective 2555x
  • 16. Devops Automated Deployment Pipeline 16 Source: Wikipedia - Continuous Delivery
  • 18. 18 Devops Results Google • Over 15,000 engineers in over 40 offices • 4,000+ projects under active development • 5500+ code submissions per day (20+ p/m) • Over 75M test cases run daily • 50% of code changes monthly • Single source tree • Over 75M test cases run daily
  • 19. 19 Devops Results Amazon • 11.6 second mean time between deploys. • 1079 max deploys in a single hour. • 10,000 mean number of hosts simultaneously receiving a deploy. • 30,000 max number of hosts simultaneously receiving a deploy
  • 20. 20 Unicorns and Horses (Enterprises) Unicorns Enterprise Shamelessly stolen and repurposed from: Pete Cheslock
  • 21. 21 Devops Results Enterprise Organizations • Ticketmaster - 98% reduction in MTTR • Nordstrom - 20% shorter Lead Time • Target - Full Stack Deploy 3 months to minutes • USAA - Release from 28 days to 7 days • ING - 500 applications teams doing devops • CSG - From 200 incidents per release to 18
  • 23. • IBM 360/370 (1960/1970) • CHROOT - Version 7 Unix 1979 (Bell Labs) • BSD in 1982 (Berkley) • VMware (1998) • FreeBSD Jails 2000 • XEN 2003 • Solaris Zones 2004 • OpenVZ 2005 • Amazon Web Services 2006 • Namespaces 2007 • Cgroups (Google) 2007 • KVM 2007 • AIX LPARS (IBM) 2007 • Drawbridge (2008) • Hyper-V (2008) • Linux Containers - LXC (Parelles, IBM, Google) 2008 • Docker (Dotcloud Inc) 2013 • Microsoft Docker on Windows Server 2016 History of Virtualization
  • 24. •Type 1 Virtualization •VMware ESX, XEN, Hyper-V
 •Type 2 Virtualization •KVM, Virtualbox, QEMU, VMware Workstation
 •OS Level Virtualization •OpenVZ, LXC, Docker Virtualization
  • 26. • Provision in milliseconds • Near bare metal runtime performance • VM-like agility – it’s still “virtualization” • Lightweight – Just enough Operating System (JeOS) • Supported with modern Linux kernel • Growing in popularity Why OS Level Virtualization
  • 28. • Isolation • Lightweight • Simplicity • Workflow • Security • Community Why Docker
  • 29. 29 Docker Security Enhancements • Docker Security Scanning • Docker Content Trust • Docker Trusted Registry • TLS by Default for Swarm/Docker Data Center • Read Only Containers • User Namespaces • Secomp and LSMS support • Enhanced System “Capabilities” support • Secrets Management • Immutable Operating System (Coming Soon)
  • 32. Supply Chain … Reliable
  • 33. 33
  • 36. Use their highest quality parts Use fewer, better suppliers Track which parts you use & where
  • 37. 37 Variety • Determine your variety of offerings based on operational efficiency and market demand Velocity • Maintain a steady flow through all processes of the supply chain Variability • Manage inconsistencies carefully to reduce cost and improve quality Visibility • Ensure the transparency of all processes to enable continuous learning and improvement Toyota Production Systems - 4VL
  • 38. 38 Docker and the Three Ways of Devops
  • 39. 39 Variety • Learn faster, Limited frameworks, Limited operating systems, Limit vendors. Velocity • Small Batch, Small Teams, Microservices and Containers Variability • Docker and Immutable Delivery Visibility • Automated Testing, Docker Trust, Docker Security Scanning, Bounded Context, Bill of Materials Immutable Service Delivery (4VL) Use their highest quality parts Use fewer, better suppliers Track which parts you use & where
  • 40. 40 Visibility - Docker - Bill of Material • Where and when was it built and why • What was its ancestor images • How do I start, validate, monitor and update it • What git repo is being built, what hash of that git repo was built • What are all the tags this specific container is known as at time of build • What’s the project name this belongs to • Have the ability to have arbitrary user supplied rich metadata Software Supply Chain - 4VL
  • 41. Devops Automated Deployment Pipeline 41 Source: Wikipedia - Continuous Delivery
  • 42. DevSecOps Requirements & Design Development CI Interval Trigger Assessment Production Application Risk Classification Security Requirement Definition Secure Libraries Static Analysis/IDE SCM Open Source Governance(CI) Secure Coding Standards Perimeter Assessment Dynamic Assessments Threat-Based Pen Test Web Application Firewalls Automated Attack/ Bot Defense Container Security Management Security Mavens (Security-Trained Developers and Operations) Role Based Software Security Training Continuous Monitoring, Analytics and KPI Gathering Preventative Detective Lightweight threat modeling approach Detailed manual assessments triggered automatically at appropriate interval; detached from release cycle Container Security Compliance (CI) Threat modeling Static Analysis (CI)
  • 43. 43 Immutable Service Delivery Fortune 500 Insurance Company • Tracks critical and high security defect rate per 10k lines of code • Started out with (10/10k) • After applying Devops practices and principles (4/10k) • After applying Toyota Supply Chain 4VL (1/10k ) • After Docker with Immutable Delivery (0.1/10k)
  • 44. 44 With Docker Fortune 500 Insurance Company • One Service • One Container • One Read Only File System • One Port
  • 45. Immutable Service Delivery • Devops (Faster) • Docker (Effective) • Supply Chain (Reliable) 45 2000x Faster and 100x Reliable