Multi-tenancy for Docker Containers with Keystone
Satya Routray, Rahul Upadhyay
Anantha Padmanabhan CB, Meenakshi Lakshmanan
27 Apr 2016
Current authorization mechanism
• Username / password based authentication
• Allows a user to run any docker command
• Or view all provisioned containers
• No limit on number of containers / resources used
Why multitenancy?
• We can use standalone Keystone to provide multitenancy to Docker.
• Multitenancy allows users to view/manage only the containers they provisioned
• Enables Role Based Access Control (RBAC)
• Enables the administrator to specify quotas – pay-as-you-go model
• Can utilize Keystone’s ability to support multiple backend domains
• Single sign-on and hierarchical multitenancy
• Not only user-to-container authorization, but also service-to-service authorization between services running across different containers
Keystone services
• Identity – Credential validation
• Resources – Data about Projects and Domains
• Assignment - Roles and Roles-to-Resource assignments
• Token – Manages tokens
• Catalog – Registry of services and end points
• Policy – Rule based authorization
Authentication mechanisms
UUID Tokens
• UUID
• Persistent
PKI & PKIZ Tokens (From Grizzly)
• Public Key Infrastructure – Certificate based
• More informative payload but size is huge
• Persistent
Fernet Tokens (From Juno)
• Non-persistent & Symmetric key encryption
• 85% faster than UUID and 89% faster than PKI
UUID tokens
[Flow diagram between Client, API and Keystone]
• Token generation: User/Pass is sent; verify / generate / store UUID; the UUID is sent back and cached locally
• API call validation request: send API request + UUID; extract UUID from request; check UUID and expiry date
• API call validation response: valid → process request, HTTP 2xx, update request status; not valid → reject request, HTTP 4xx, display request error
PKI Tokens
What is Docker
• Enables you to package an application with all its dependencies into a standardized unit
• Docker separates applications from infrastructure using container technology, similar to how VMs separate the operating system from bare metal
• Runs the same regardless of the environment
Build Ship Run
Docker – Key Components
• Docker Daemon
• Docker API
• CLI – used to interact with the daemon
• Docker Engine (consists of all the above)
• Docker Machine – bring up Docker Swarm
• Docker Swarm – Native clustering for Docker
Multitenant Cluster
[Diagram: Multi-Tenant Swarm with Tenant1, Tenant2, Tenant3 and Tenant4; containers C1–C4 on hosts H1 and H2; a User and Keystone with its Identity, Policy, Resource and Catalog services]
Multi-tenancy with keystone
[Sequence diagram; participants: User, Docker Host, Swarm, keystone]
• Authenticate (User, Tenant, Password)
• Validate and generate token
• Token
• Update config.json with token and tenant ID
• docker -H <swarm url> <docker CMD>
• List tenants
• List tenants to which the token has access
• Check keystone’s tenant list for user’s tenant
• Ensure that tenants are isolated from each other; each tenant can only manage and link to their own containers
• docker <docker cmd>
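The flow on this slide (authenticate with user, tenant and password; carry the token and tenant ID; check the token's tenant list; keep each tenant to its own containers), together with the UUID-and-expiry check from the UUID tokens slide, as an added Python example that is not the presenters' implementation. `IdentityService` and `TenantGate` are hypothetical in-memory stand-ins for Keystone and for the check in front of Swarm; the users, passwords and tenant names are constructed.

```python
import hmac
import time
import uuid


class AuthError(Exception):
    """Request must be rejected (the 4xx branch of the validation flow)."""


class IdentityService:
    """Hypothetical in-memory stand-in for Keystone issuing UUID tokens."""

    def __init__(self, users, ttl=3600, clock=time.time):
        self._users = users      # constructed data: {user: (password, {tenant IDs})}
        self._tokens = {}        # token -> (tenant IDs, expiry timestamp)
        self._ttl = ttl
        self._clock = clock

    def authenticate(self, user, password, tenant_id):
        stored, tenants = self._users.get(user, ("", frozenset()))
        ok = hmac.compare_digest(stored.encode(), password.encode())
        if not (ok and stored and tenant_id in tenants):
            raise AuthError("authentication failed")
        token = uuid.uuid4().hex
        self._tokens[token] = (frozenset(tenants), self._clock() + self._ttl)
        return token

    def tenants_for(self, token):
        """Check the UUID and its expiry date; return the tenants it can access."""
        tenants, expires_at = self._tokens.get(token, (frozenset(), 0.0))
        if self._clock() >= expires_at:
            self._tokens.pop(token, None)
            raise AuthError("unknown or expired token")
        return tenants


class TenantGate:
    """Hypothetical per-tenant check placed in front of the Swarm API."""

    def __init__(self, identity):
        self._identity = identity
        self._containers = {}    # container ID -> (owning tenant, name)

    def _authorize(self, token, tenant_id):
        if tenant_id not in self._identity.tenants_for(token):
            raise AuthError("token has no access to this tenant")

    def _owned(self, tenant_id, container_id):
        owner, name = self._containers.get(container_id, (None, None))
        # Same error for "missing" and "another tenant's" so IDs cannot be probed.
        if owner != tenant_id:
            raise AuthError("no such container")
        return name

    def run(self, token, tenant_id, name):
        self._authorize(token, tenant_id)
        container_id = uuid.uuid4().hex[:12]
        self._containers[container_id] = (tenant_id, name)
        return container_id

    def ps(self, token, tenant_id):
        self._authorize(token, tenant_id)
        return sorted(n for t, n in self._containers.values() if t == tenant_id)

    def stop(self, token, tenant_id, container_id):
        self._authorize(token, tenant_id)
        return "stopped " + self._owned(tenant_id, container_id)

    def link(self, token, tenant_id, source_id, target_id):
        self._authorize(token, tenant_id)
        return (self._owned(tenant_id, source_id), self._owned(tenant_id, target_id))


def denied(call, *args):
    """True when the call is rejected with AuthError."""
    try:
        call(*args)
    except AuthError:
        return True
    return False


def demo():
    now = [1000.0]               # injectable clock so expiry can be exercised
    keystone = IdentityService(
        {"alice": ("pw-a", {"tenant1"}), "bob": ("pw-b", {"tenant2"})},
        ttl=60, clock=lambda: now[0])
    gate = TenantGate(keystone)
    alice = keystone.authenticate("alice", "pw-a", "tenant1")
    bob = keystone.authenticate("bob", "pw-b", "tenant2")
    web = gate.run(alice, "tenant1", "web")
    gate.run(alice, "tenant1", "db")
    cache = gate.run(bob, "tenant2", "cache")
    results = {
        "alice_ps": gate.ps(alice, "tenant1"),
        "bob_ps": gate.ps(bob, "tenant2"),
        "bob_stops_web": denied(gate.stop, bob, "tenant2", web),
        "alice_claims_tenant2": denied(gate.ps, alice, "tenant2"),
        "cross_tenant_link": denied(gate.link, alice, "tenant1", web, cache),
    }
    now[0] += 61                 # token lifetime has passed
    results["expired_token"] = denied(gate.ps, alice, "tenant1")
    return results


if __name__ == "__main__":
    print(demo())
```

The tenant ID sent by the client is treated as a claim only: every operation re-derives the allowed tenants from the token before touching container state.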
Timelines and future work
• Implementation of keystone support – In progress
• Explore fernet tokens and include support for the same
• Provide isolated tenant networking capabilities
• Provide a framework for dockerized applications to use the multitenancy seamlessly
Connect with us…
• Satya Routray (engg.sanj@gmail.com)
• Rahul Upadhyay (rahuupad@cisco.com)
• Anantha Padmanabhan CB (cbpadman@cisco.com)
• Meenakshi Lakshmanan (mlakshma@cisco.com)
Q&A
OpenStack Summit
Austin, Texas 2016

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 

Multi tenancy for docker

  • 1. Multi-tenancy for Docker Containers with Keystone Satya Routray, Rahul Upadhyay Anantha Padmanabhan CB, Meenakshi Lakshmanan 27, Apr 2016
  • 2. Current authorization mechanism
      • Username / Password based authentication
      • Allows user to run any docker command
      • Or view all provisioned containers
      • No limit on number of containers / resources used
  • 3. Why multitenancy?
      • We can use standalone Keystone to provide multitenancy to Docker.
      • Multitenancy allows users to view/manage only the containers they provisioned
      • Enables Role Based Access Control (RBAC)
      • Enables administrator to specify quota – pay as you go model
      • Can utilize Keystone’s ability to support multiple backend domains
      • Single sign-on and Hierarchical multitenancy
      • Not only user-to-container authorization, but also service-to-service authorization between services running across different containers
  • 4. Keystone services
      • Identity – Credential validation
      • Resources – Data about Projects and Domains
      • Assignment – Roles and Roles-to-Resource assignments
      • Token – Manages tokens
      • Catalog – Registry of services and end points
      • Policy – Rule based authorization
  • 5. Authentication mechanisms
      • UUID Tokens
          • UUID
          • Persistent
      • PKI & PKIZ Tokens (From Grizzly)
          • Public Key Infrastructure – Certificate based
          • More informative payload but size is huge
          • Persistent
      • Fernet Tokens (From Juno)
          • Non-persistent & Symmetric key encryption
          • 85% faster than UUID and 89% faster than PKI
  • 6. UUID tokens
      [Flow diagram with Client, API and Token (Keystone backend) lanes. Token generation: send user/pass; verify, generate and store UUID; cache UUID locally. API call validation: send API request + UUID; extract UUID from request; check UUID and expiry date; if valid, process the request (HTTP 2xx, update request status); if not, reject the request (HTTP 4xx, display request error).]
  • 8. What is Docker
      • Enables you to package an application with all its dependencies into a standardized unit
      • Docker separates applications from infrastructure using container technology, similar to how VMs separate the operating system from bare metal
      • Runs the same regardless of the environment
      [Diagram labels: Build, Ship, Run]
  • 9. Docker – Key Components
      • Docker Daemon
      • Docker API
      • CLI – used to interact with the daemon
      • Docker Engine (consists of all of the above)
      • Docker Machine – brings up Docker Swarm
      • Docker Swarm – Native clustering for Docker
  • 10. Multitenant Cluster
      [Diagram: a multi-tenant Swarm with hosts H1 and H2, containers C1 to C4 and tenants Tenant1 to Tenant4, next to Keystone with its User, Policy, Resource, Identity and Catalog components.]
  • 11. Multi-tenancy with keystone
      [Sequence diagram between User, Swarm, Docker Host and Keystone, in the order shown:]
      • Authenticate (User, Tenant, Password)
      • Validate and generate token
      • Token
      • Update config.json with token and tenant ID
      • Docker -H swarm url <docker CMD>
      • List tenants
      • List tenant to which token has access
      • Check keystone’s tenant list for user’s tenant
      • Ensure that tenants are isolated from each other; each tenant can only manage and link to their own containers
      • Docker <Docker cmd>
  • 12. Timelines and future work
      • Implementation of keystone support – In progress
      • Explore fernet tokens and include support for the same
      • Provide isolated tenant networking capabilities
      • Provide a framework for dockerized applications to use the multitenancy seamlessly
  • 13. Connect with us…
      • Satya Routray (engg.sanj@gmail.com)
      • Rahul Upadhyay (rahuupad@cisco.com)
      • Anantha Padmanabhan CB (cbpadman@cisco.com)
      • Meenakshi Lakshmanan (mlakshma@cisco.com)
  • 14. References
      • Identity, Authentication & Access Management in OpenStack – Implementing and Deploying Keystone - Steve Martinelli, Henry Nash & Brad Topol
      • https://www.mirantis.com/blog/understanding-openstack-authentication-keystone-pki/
      • http://dolphm.com/the-anatomy-of-openstack-keystone-token-formats/
      • https://docs.docker.com/swarm/
      • https://docs.docker.com/machine/drivers/openstack/
      • https://wiki.openstack.org/wiki/Keystone
      • http://docs.openstack.org/developer/keystone/
  • 15. Q&A
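
The checks described on slides 6 and 11 (validate the UUID token and its expiry, confirm the requested tenant is in the token's tenant list, let each tenant see and manage only its own containers), as an added Python sketch that is not the presenters' Swarm implementation. The in-memory token store, the container inventory, the function names and the specific 401/403/404 codes are assumptions; the slides only distinguish 2xx from 4xx.

```python
import uuid
from datetime import datetime, timedelta, timezone

# Constructed stand-in for Keystone's persistent UUID token store:
# token -> (user, tenants the user may act in, expiry time).
TOKENS = {}
# Constructed container inventory as Swarm would see it: container -> owning tenant.
CONTAINERS = {"c1": "tenant1", "c2": "tenant1", "c3": "tenant2"}

def issue_token(user, tenants, ttl_seconds=3600, now=None):
    """Keystone side: generate and store a UUID token after credentials are verified."""
    now = now or datetime.now(timezone.utc)
    token = uuid.uuid4().hex
    TOKENS[token] = (user, frozenset(tenants), now + timedelta(seconds=ttl_seconds))
    return token

def validate(token, now=None):
    """Keystone side: return the tenants a token grants, or None if unknown or expired."""
    now = now or datetime.now(timezone.utc)
    record = TOKENS.get(token)
    if record is None or now >= record[2]:
        return None
    return record[1]

def authorize(token, tenant_id, command, container=None, now=None):
    """Swarm side: decide a docker command from the token and tenant ID that the
    client stored in config.json. Returns (http_status, payload)."""
    tenants = validate(token, now)
    if tenants is None:
        return 401, "invalid or expired token"
    if tenant_id not in tenants:
        return 403, "token has no access to tenant"
    if command == "ps":
        # Listing is filtered, so other tenants' containers are never visible.
        return 200, sorted(c for c, t in CONTAINERS.items() if t == tenant_id)
    if CONTAINERS.get(container) != tenant_id:
        # Same answer for "missing" and "owned by another tenant",
        # so the reply does not reveal which containers exist elsewhere.
        return 404, "no such container"
    return 200, f"{command} {container}"
```

The tenant ID comes from client-side config.json, so the sketch never trusts it on its own: it is only honoured after it is found in the tenant list bound to the validated token.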