4. Image Registry
CI/CD
Security scan
& sign
Traditional
Third Party
Microservices
docker store
DEVELOPERS IT OPERATIONS
Control Plane
Docker EE Platform to Modernize Traditional Apps
And Beyond
15. Example: Savings at MetLife with MTA
+
Consolidate
VMs
70%
Move workloads
easily to Cloud
Massive
operational
leverage
+
22. Traditional & microservices apps,
cloud
Traditional app modernization
Big data, genomic sequencing
Microservices appsMicroservices apps
Big data, genomic sequencing
DevOps, CI for traditional
& microservices apps, cloud
Traditional & microservices
apps, cloud
Automated dev pipelines
Traditional & microservices
apps
Enterprise Customer Use Cases
38. Not everybody uses Swarm!
Docker Enterprise Edition
Docker Community Edition
containerd
Dilemma: Integration vs Choice
39. Docker Enterprise Edition
Docker Community Edition
containerd
Native Kubernetes
integration provides full
ecosystem
compatibility Industry-standard
container runtime
The best container
development workflow
The best enterprise
container security and
management
Docker: Now Powered by Swarm and Kubernetes
43. Docker Enterprise Edition
Docker Community Edition
containerd
The best container
development workflow
The best enterprise
container security and
management
Docker: Now Powered by Swarm and Kubernetes
Native Kubernetes
integration provides full
ecosystem
compatibility Industry-standard
container runtime
44. Test locally on Swarm
?
Deploy to production
in Swarm
Developing for Swarm and Kubernetes : Before
Develop with Docker
Community Edition
on your workstation
Deploy to production
in Kubernetes
45. Test locally on Swarm
and Kubernetes
Docker Community Edition
All in one Development for Swarm and Kubernetes
Develop with Docker
Community Edition
on your workstation
Deploy to production
in Swarm
Deploy to production
in Kubernetes
47. Docker Community Edition
All in one Development for Swarm and Kubernetes
Test locally on Swarm
and Kubernetes
Develop with Docker
Community Edition
on your workstation
Deploy to production
in Swarm
Deploy to production
in Kubernetes
48. - Easy High Availability provisioning
- Cryptographic node identity
Features Swarm Support
- Registry
- Content Trust
- Secure Scanning
- Clean upstream integration
- Full ecosystem compatibility
- Role Based Access Control
- Authorization, Authentication
- Node Segmentation
Secure Cluster Lifecycle
Secure Supply Chain
100% Interoperability
Secure Multi-tenancy
Management Dashboard
Supported and Certified on Windows Server and Major Linux Distributions
Kubernetes Support
Docker Enterprise Edition
Management for Swarm and Kubernetes
49. Docker Enterprise Edition
Docker Community Edition
containerd
The best container
development workflow
The best enterprise
container security and
management
Docker: Now Powered by Swarm and Kubernetes
Native Kubernetes
integration provides full
ecosystem
compatibility Industry-standard
container runtime
51. Docker Community Edition
Developers EnterpriseContainer Ecosystem
The Docker Innovation Model
Docker Enterprise Edition
9,149 Open Source Contributors 8800 PRs/Year
53. November 2016 containerd
1.0 development starts at
KubeCon
March 2017
containerd contributed to
CNCF at CloudNativeCon
April 2017
LinuxKit + Kubernetes at
DockerCon
Kubernetes + cri-containerd at
Moby Summit
September 2017
libnetwork + CNI at
Open Source Summit
October 2017
Notary submitted to
CNCF contribution
Q4 2017
Beta of Docker
with Kubernetes support
An Open Source Integration
1 Year in the Making
54. What happens when the two largest
open source container projects collaborate?
58. Agenda (morning)
9am - 9:30am - Introduction to the Moby Project
• Open Source contribution & collaboration with CNCF Patrick Chanezon (Docker)
• Governance, Moby Core and project roadmap
• Kubernetes and Docker: Tim Hockin (Google)
9:30am - 10:15am - Infrakit
• Infrakit update + integration with k8s by David Chung (Docker)
• Declare Your Infrastructure with InfraKit, LinuxKit, and Moby by Steven Kaufer (IBM) and David Freitag (IBM)
10:15am - 10:30am - Break
10:30am - 11:30am - LinuxKit
• LinuxKit update and demo Justin & Riyaz (Docker) and Ilya Dmitrichenko (Weave)
• LinuxKit Demo on ARM64 by Andrew Wafaa (ARM)
• Balena, Petros Angelatos (resin.io)
• Using LinuxKit to Build Custom RancherOS Systems by Sven Dowideit (Rancher)
11:30am - 12:15pm - containerd
• containerd 1.0 & roadmap by Stephen (Docker) & Phil (IBM)
• containerd & CRI integration by Abhi Bayankaram (Docker) and Liu Lantao (Google)
12:15 - 13:15 pm - Lunch
59. Agenda (afternoon)
13:15 - 13:45pm - BuildKit by Tonis Tiigi (Docker)
13:45pm - 14:15pm - Security
• Container and App Security by Nassim Eddequiaq (Docker)
• Security Scanning & Notary by David Lawrence (Docker)
14:15pm - 15:00pm - Serverless & container sessions
• Fn by Chad Arimura (Oracle)
• OpenFaaS by Alex Ellis (ADP)
• OpenWhisk by Phil Estes (IBM)
15:00pm - 15:15pm - networking
• Libnetwork CNI
• Openoverlay
• Istio
15:15pm - 15:30pm - break
15:30pm - 17:00pm - Birds of a feather sessions
1. runC / containerd
2. LinuxKit
3. InfraKit
17:00pm - 17:30pm - BOFs recap + AMA / panel
4. Buildkit
5. Serverless
6. Security
60. Moby Blog on Medium
Guest blog posts welcome!
blog.mobyproject.org
ECONOMICS (slide 12)For the economics slide. I think the best way to talk about it would be that Docker give us three new powerful cost levers to pull:
the ability to consolidate VMs. I can mention that in extreme cases we are seeing up to 70% consolidation opportunities
The ability to move workloads easily to cloud. This allows us to build to average and surge to peak embracing the elasticity of the cloud, effectively solving our Super Bowl ad problem
Massive operational leverage due to automation built into the orchestration layer. Automated recovery/rescheduling are so effective that by the time ops teams are notified that a hardware failure has occurred, workloads have been already been rescheduled and the app generally hasn't taken a hit. Likewise, scaling an app for higher loads is so easy it's a non event. In short Dockerized apps are much easier to run than traditional apps, that it's <something witty>
Containers and container orchestration may feel like they’ve been around for a long time, but this is really just the beginning. While we’ve done a bunch of work to make it easier to operate containerized distributed systems on public clouds like Azure, there’s really so much more to do. That’s why I’m thrilled to join forces with Solomon and the rest of the Docker community. I’m looking forward to Microsoft and Docker working together to develop the best of breed tools that will enable users to rapidly build, deploy, debug and manage their distributed systems running on Kubernetes on Azure or wherever their container ships take them.
Containers and container orchestration may feel like they’ve been around for a long time, but this is really just the beginning. While we’ve done a bunch of work to make it easier to operate containerized distributed systems on public clouds like Azure, there’s really so much more to do. That’s why I’m thrilled to join forces with Solomon and the rest of the Docker community. I’m looking forward to Microsoft and Docker working together to develop the best of breed tools that will enable users to rapidly build, deploy, debug and manage their distributed systems running on Kubernetes on Azure or wherever their container ships take them.