SlideShare a Scribd company logo

Dockercon 2015 Recap

E
ehazlett

The document recaps announcements from Dockercon including improved security features for Docker like process monitoring and fine-grained access control. It outlines updates to networking including multi-host networking and plugins for networking and volumes. Docker 1.7 was announced with improvements to building, networking stack, and Swarm orchestration. The OpenContainer Project was also announced to develop universal container standards.

Technology
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Dockercon Recap Evan Hazlett @ehazlett
Dockercon: Announcements • Docker in Production • Security • Networking and Plugins • RunC • Docker Release 1.7 • OpenContainer Project
Docker in Production • Tremendous Community & Partner Ecosystem • Extensible and Pluggable • Roadmap • Security • Orchestration • Networking and Storage • Deployment and Management Workflows
Security • Least Privilege Microservices • Service Profiles: access to only resources needed (API, etc) • Process Monitoring • Fine-grained Access Control • Namespaces • Cgroups • Linux Security Modules (AppArmor, SELinux) • Per container ulimit • User namespaces (remap root coming in 1.8) • Seccomp: syscall filtering (coming)
Security (cont.) • DockerBench: Security Benchmark Tool • https://github.com/docker/docker-bench-security • Notary: Secure Content Distribution • https://github.com/docker/notary
Networking and Plugins
Networking • Multi-host networking out of the box • Builtin Micro Segmentation • Create Virtual Networks of any Topology • Enforce Security Policies • Probes and Firewalls • Built on industry standards • Standardized Service Discovery • API (coming)
Plugins • Initial Extension Points • Network • Volume • Scheduler • Service Discovery • ...more to come
RunC
RunC • Universal Container Runtime • Docker’s Container Management; nothing else • Lightweight • Battle Tested and Production Ready • Supports selinux, apparmor, cgroups, seccomp, namespaces • User namespaces • Live Migration • Microsoft contributing Windows support • Arm support coming • https://runc.io
Docker Release 1.7
Docker Engine 1.7 • Experimental Binary • Built and distributed nightly • Bleeding edge features • Initial Experimental Features • New networking • Network Plugins • Volume Plugins
Docker Engine 1.7 (cont.) • Network Stack • libnetwork: new API for container networking • https://github.com/docker/libnetwork • Disable userland proxy • Huge performance for port publishing • ZFS driver • Build Quota: docker build --cpu-quota • Build Branch: docker build https://github.com/user/repo#branch
Docker Machine 0.3 • Generic Driver • Provision any host with SSH • Exoscale Driver • Specify custom Engine and Swarm options • Swarm Provisioning out of experimental • Specify custom Engine and Swarm Versions
Docker Swarm 0.3 • Multi-tenancy • Leader Election and Replication (experimental); requires external service discovery • Node Removal • Mesos Integration • Improved Builtin Scheduler • Better Docker Remote API Parity • docker load • docker build • docker save
Docker Compose 1.3.0 • Performance and stability • More config option support for Engine • New feature (experimental): Smart Recreate • Only recreate containers whose configuration has changed • docker-compose up -x-smart-recreate • Will become default
OpenContainer Project
OpenContainer Project • OCF: universal intermediary format for OS containers • Docker dontated RunC to Open Container Project • RunC is the OCF reference implementation • Founding Members:
Thank You! ● Notary: https://github.com/docker/notary ● DockerBench: http://dockerbench.com ● Engine: https://github.com/docker/docker ● Machine: https://github.com/docker/machine ● Swarm: https://github.com/docker/swarm ● Compose: https://github.com/docker/compose ● RunC: https://github.com/opencontainers/runc ● Network: https://github.com/docker/libnetwork ● OpenContainer Project: http://opencontainers.org
Thank you! Evan Hazlett @ehazlett

More Related Content

PDF
Introduction to LinuxKit - Docker Bangalore Meetup
Ajeet Singh Raina
 
PDF
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Michelle Antebi
 
PPTX
Linux kit meetup_v1.0.0
Anshul Patel
 
PPTX
Docker Online Meetup #30: Docker Trusted Registry 1.4.1
Docker, Inc.
 
PDF
Docker Security and Content Trust
ehazlett
 
PDF
Unikernels: the rise of the library hypervisor in MirageOS
Docker, Inc.
 
PDF
DockerCon 2016 Recap
ehazlett
 
PDF
Docker
Anil Wadghule
 
Introduction to LinuxKit - Docker Bangalore Meetup
Ajeet Singh Raina
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Michelle Antebi
 
Linux kit meetup_v1.0.0
Anshul Patel
 
Docker Online Meetup #30: Docker Trusted Registry 1.4.1
Docker, Inc.
 
Docker Security and Content Trust
ehazlett
 
Unikernels: the rise of the library hypervisor in MirageOS
Docker, Inc.
 
DockerCon 2016 Recap
ehazlett
 
Docker
Anil Wadghule
 

What's hot (20)

PPTX
An Introduction to Kubernetes
Rohman Muhamad
 
PDF
DockerDay2015: Docker orchestration for developers
Docker-Hanoi
 
PPTX
Docker Mentorweek beginner workshop notes
Sreenivas Makam
 
PDF
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 
PDF
DockerCon EU 2015: Monitoring Docker
Docker, Inc.
 
PDF
DockerCon EU 2015: Docker Networking Deep Dive
Docker, Inc.
 
PPTX
Introducing LinuxKit
Docker, Inc.
 
PPTX
Docker 1.9 Feature Overview
Sreenivas Makam
 
PDF
Swarm docker bangalore_meetup
Arunan Rabindran
 
PPTX
Docker Networking : 0 to 60mph slides
Docker, Inc.
 
PDF
Containers in production with Docker, CoreOS, Kubernetes and Apache Stratos
Lakmal Warusawithana
 
PPTX
K8s security best practices
Sharon Vendrov
 
PDF
DockerCon SF 2015: Docker Security
Docker, Inc.
 
PDF
Production Ready Containers from IBM and Docker
Docker, Inc.
 
PPTX
DockerCon EU 2015: Nesting Containers: Real Life Observations
Docker, Inc.
 
PDF
Fluentd and docker monitoring
Vinay Krishna
 
PDF
Online Meetup: Intro to LinuxKit
Docker, Inc.
 
PPTX
Docker practical solutions
Kesav Kumar Kolla
 
PPTX
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
Docker, Inc.
 
PDF
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
Arnaud Porterie
 
An Introduction to Kubernetes
Rohman Muhamad
 
DockerDay2015: Docker orchestration for developers
Docker-Hanoi
 
Docker Mentorweek beginner workshop notes
Sreenivas Makam
 
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 
DockerCon EU 2015: Monitoring Docker
Docker, Inc.
 
DockerCon EU 2015: Docker Networking Deep Dive
Docker, Inc.
 
Introducing LinuxKit
Docker, Inc.
 
Docker 1.9 Feature Overview
Sreenivas Makam
 
Swarm docker bangalore_meetup
Arunan Rabindran
 
Docker Networking : 0 to 60mph slides
Docker, Inc.
 
Containers in production with Docker, CoreOS, Kubernetes and Apache Stratos
Lakmal Warusawithana
 
K8s security best practices
Sharon Vendrov
 
DockerCon SF 2015: Docker Security
Docker, Inc.
 
Production Ready Containers from IBM and Docker
Docker, Inc.
 
DockerCon EU 2015: Nesting Containers: Real Life Observations
Docker, Inc.
 
Fluentd and docker monitoring
Vinay Krishna
 
Online Meetup: Intro to LinuxKit
Docker, Inc.
 
Docker practical solutions
Kesav Kumar Kolla
 
DockerCon EU 2015: Docker Universal Control Plane (Gordon's Special Session)
Docker, Inc.
 
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
Arnaud Porterie
 
Ad

Similar to Dockercon 2015 Recap (20)

PDF
DockerCon Recap - Online Meetup by Ben Firshman
Docker, Inc.
 
PPTX
Docker Platform and Ecosystem Nov 2015
Patrick Chanezon
 
PPTX
Docker SF Meetup January 2016
Patrick Chanezon
 
PDF
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Jérôme Petazzoni
 
PDF
Introduction to Docker at the Azure Meet-up in New York
Jérôme Petazzoni
 
PDF
Docker Introduction + what is new in 0.9
Jérôme Petazzoni
 
PDF
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
Jérôme Petazzoni
 
PDF
DockerCon 2016 Seattle Recap
Philipp Garbe
 
PDF
Docker and Containers for Development and Deployment — SCALE12X
Jérôme Petazzoni
 
PDF
Docker fundamentals
Alper Unal
 
PDF
Introduction to Docker at Glidewell Laboratories in Orange County
Jérôme Petazzoni
 
PPTX
Docker Enterprise Workshop - Technical
Patrick Chanezon
 
PPTX
Docker Platform and Ecosystem
Patrick Chanezon
 
PPTX
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
PDF
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
Erica Windisch
 
PDF
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
PDF
Introduction to Docker (as presented at December 2013 Global Hackathon)
Jérôme Petazzoni
 
PDF
DockerCon SF 2015: Keynote Day 1
Docker, Inc.
 
PDF
Docker and-containers-for-development-and-deployment-scale12x
rkr10
 
PDF
Docker 2014
Open Networking Perú (Opennetsoft)
 
DockerCon Recap - Online Meetup by Ben Firshman
Docker, Inc.
 
Docker Platform and Ecosystem Nov 2015
Patrick Chanezon
 
Docker SF Meetup January 2016
Patrick Chanezon
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Jérôme Petazzoni
 
Introduction to Docker at the Azure Meet-up in New York
Jérôme Petazzoni
 
Docker Introduction + what is new in 0.9
Jérôme Petazzoni
 
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
Jérôme Petazzoni
 
DockerCon 2016 Seattle Recap
Philipp Garbe
 
Docker and Containers for Development and Deployment — SCALE12X
Jérôme Petazzoni
 
Docker fundamentals
Alper Unal
 
Introduction to Docker at Glidewell Laboratories in Orange County
Jérôme Petazzoni
 
Docker Enterprise Workshop - Technical
Patrick Chanezon
 
Docker Platform and Ecosystem
Patrick Chanezon
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
Erica Windisch
 
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
Introduction to Docker (as presented at December 2013 Global Hackathon)
Jérôme Petazzoni
 
DockerCon SF 2015: Keynote Day 1
Docker, Inc.
 
Docker and-containers-for-development-and-deployment-scale12x
rkr10
 
Docker 2014
Open Networking Perú (Opennetsoft)
 
Ad

Recently uploaded (20)

PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
KodekX | Application Modernization Development
KodekX
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 

Dockercon 2015 Recap

  • 2. Dockercon: Announcements • Docker in Production • Security • Networking and Plugins • RunC • Docker Release 1.7 • OpenContainer Project
  • 3. Docker in Production • Tremendous Community & Partner Ecosystem • Extensible and Pluggable • Roadmap • Security • Orchestration • Networking and Storage • Deployment and Management Workflows
  • 4. Security • Least Privilege Microservices • Service Profiles: access to only resources needed (API, etc) • Process Monitoring • Fine-grained Access Control • Namespaces • Cgroups • Linux Security Modules (AppArmor, SELinux) • Per container ulimit • User namespaces (remap root coming in 1.8) • Seccomp: syscall filtering (coming)
  • 5. Security (cont.) • DockerBench: Security Benchmark Tool • https://github.com/docker/docker-bench-security • Notary: Secure Content Distribution • https://github.com/docker/notary
  • 7. Networking • Multi-host networking out of the box • Builtin Micro Segmentation • Create Virtual Networks of any Topology • Enforce Security Policies • Probes and Firewalls • Built on industry standards • Standardized Service Discovery • API (coming)
  • 8. Plugins • Initial Extension Points • Network • Volume • Scheduler • Service Discovery • ...more to come
  • 10. RunC • Universal Container Runtime • Docker’s Container Management; nothing else • Lightweight • Battle Tested and Production Ready • Supports selinux, apparmor, cgroups, seccomp, namespaces • User namespaces • Live Migration • Microsoft contributing Windows support • Arm support coming • https://runc.io
  • 12. Docker Engine 1.7 • Experimental Binary • Built and distributed nightly • Bleeding edge features • Initial Experimental Features • New networking • Network Plugins • Volume Plugins
  • 13. Docker Engine 1.7 (cont.) • Network Stack • libnetwork: new API for container networking • https://github.com/docker/libnetwork • Disable userland proxy • Huge performance for port publishing • ZFS driver • Build Quota: docker build --cpu-quota • Build Branch: docker build https://github.com/user/repo#branch
  • 14. Docker Machine 0.3 • Generic Driver • Provision any host with SSH • Exoscale Driver • Specify custom Engine and Swarm options • Swarm Provisioning out of experimental • Specify custom Engine and Swarm Versions
  • 15. Docker Swarm 0.3 • Multi-tenancy • Leader Election and Replication (experimental); requires external service discovery • Node Removal • Mesos Integration • Improved Builtin Scheduler • Better Docker Remote API Parity • docker load • docker build • docker save
  • 16. Docker Compose 1.3.0 • Performance and stability • More config option support for Engine • New feature (experimental): Smart Recreate • Only recreate containers whose configuration has changed • docker-compose up -x-smart-recreate • Will become default
  • 18. OpenContainer Project • OCF: universal intermediary format for OS containers • Docker dontated RunC to Open Container Project • RunC is the OCF reference implementation • Founding Members:
  • 19. Thank You! ● Notary: https://github.com/docker/notary ● DockerBench: http://dockerbench.com ● Engine: https://github.com/docker/docker ● Machine: https://github.com/docker/machine ● Swarm: https://github.com/docker/swarm ● Compose: https://github.com/docker/compose ● RunC: https://github.com/opencontainers/runc ● Network: https://github.com/docker/libnetwork ● OpenContainer Project: http://opencontainers.org