SlideShare a Scribd company logo

Docker + App Container = ocp

Apcera
Apcera

You can learn more about The Trusted Cloud Platform at: https://www.apcera.com/

Technology
1 of 27
Download to read offline
Docker + App Container -> OCP 23 June 2015 Alex Toombs Software Engineer, Apcera
Who am I? @ Apcera > 2 years Platform Lead Deployment, packaging, auditability Not only microservice-based apps: legacy stacks, too (...but not the focus today)
About Apcera Develop a platform for enterprises to manage applications & services Golang users! (>90% Go code in our main repo, since ~ August 2012) Wrote our own container implementation (using common techs like cgroups, namespaces) Digest Docker/ACI/whatever images to run (polyglot stacks welcome)
Hosted Slides http://present.croissant.buffalo.im/apceraMeetup/apceraMeetup.slide#1 (on Continuum)
Docker vs CoreOS
Docker vs CoreOS By Evrik and Mets501 [Public domain], via Wikimedia Commons
Docker vs CoreOS Just kidding! We're all friends now
Original title: killed by shykes! Awesome announcement yesterday: OCP! Open Container Project (under the Linux Foundation) First reference implementation: runC Apcera's down with OCP! Lots of big backers (Docker, Amazon, Google, Microsoft, CoreOS, etc.)
Docker
Docker: past History: dotCloud's Docker project started in ~ early 2013 dotCloud has been around ~8 years; struck a chord with Docker Docker: quickly became synonymous with containers
Docker: past docker/dockerrepo, v0.1.0: https://github.com/docker/docker/releases/tag/v0.1.0 March 23, 2013 527 commits dotCloud -> Docker LXC (Linux Containers)
Docker: past docker/dockerrepo, v0.9.0: https://github.com/docker/docker/releases/tag/v0.9.0 March 10, 2014 6739 commits "Add the pure Go libcontainer library to make it possible to run containers..." "Add native exec driver which uses libcontainer and make it the default exec driver." LXC -> libcontainer
Docker: present 500,000,000 containers downloaded (according to Dockercon) 16,339 commits (post-lunch, today) Many products: Engine, Compose, Swarm, Machine, Notary, etc. Plugins are powerful OCP! (more later)
Docker: future Microkernels (just kidding) Heavy focus on trust around containers (big criticism; tarsums, signatures, etc) Support more platforms (e.g. Microsoft, for Windows Server) libcontainer -> runC?
appc
appc: origins CoreOS started appc project to define a spec for containers Trust at the core; use common tools like pgp/tar/shasum for image verification/portability Independent from CoreOS, maintained by 6 people (up until recently!) rkt: reference implementation
appc: tenets Composable Secure Decentralized (!) Open
appc: pieces App Container Image: what image is run App Container Image Discovery: how to find images App Container Pod: what a deployable, executable unit is App Container Executor: how pods are executed
appc + Apcera: Kurma Apcera question: what to do with container runtimes? libcontainer vs rkt vs our own tech vs something else... Spec was attractive; well-defined interface DNS discovery protocol: awesome! Decentralized distribution vs centralized registry
Future: Open Container Project (OCP)
OCP (http://opencontainers.org/)
OCP Reference implementation: https://github.com/opencontainers/runc Heavily libcontainer flavored No image spec yet (adopting from appc?) Highly in flux! (just over a day old, publicly) Spec: emphasis on "working code" for moving spec forward
OCP: open questions Image spec: what will that look like? (ACI, we hope) Registry v2: pertains to above Future of rkt Future of libcontainer Security scanning of images (mentioned briefly yesterday)
OCP + Apcera: ? Committed to improving the spec Provide feedback/PRs Very interested in image verification (notary is cool, but independent) Policy for allowed sets of keys, maybe? Doesn't replace Docker; Docker has the distribution down
Thank you 23 June 2015 Alex Toombs Software Engineer, Apcera alex@apcera.com(mailto:alex@apcera.com) @alextoombs(http://twitter.com/alextoombs) See you at Gophercon!
Docker + App Container = ocp

Recommended

Apcera: Agility and Security in Docker Delivery
Apcera: Agility and Security in Docker DeliveryApcera: Agility and Security in Docker Delivery
Apcera: Agility and Security in Docker Delivery
Apcera
 
Docker & Apcera Better Together
Docker & Apcera Better TogetherDocker & Apcera Better Together
Docker & Apcera Better Together
Simone Morellato
 
Microservices: Notes From The Field
Microservices: Notes From The FieldMicroservices: Notes From The Field
Microservices: Notes From The Field
Apcera
 
Securing your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory EnterpriseSecuring your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory Enterprise
DevOps.com
 
NetflixOSS: The Netflix Way
NetflixOSS: The Netflix WayNetflixOSS: The Netflix Way
NetflixOSS: The Netflix Way
Diego Pacheco
 
Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool
sangam biradar
 
Kubernetes security
Kubernetes securityKubernetes security
Kubernetes security
Thomas Fricke
 
Microservices reativos usando a stack do Netflix na AWS
Microservices reativos usando a stack do Netflix na AWSMicroservices reativos usando a stack do Netflix na AWS
Microservices reativos usando a stack do Netflix na AWS
Diego Pacheco
 

Recommended

Apcera: Agility and Security in Docker Delivery
Apcera: Agility and Security in Docker DeliveryApcera: Agility and Security in Docker Delivery
Apcera: Agility and Security in Docker Delivery
Apcera
 
Docker & Apcera Better Together
Docker & Apcera Better TogetherDocker & Apcera Better Together
Docker & Apcera Better Together
Simone Morellato
 
Microservices: Notes From The Field
Microservices: Notes From The FieldMicroservices: Notes From The Field
Microservices: Notes From The Field
Apcera
 
Securing your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory EnterpriseSecuring your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory Enterprise
DevOps.com
 
NetflixOSS: The Netflix Way
NetflixOSS: The Netflix WayNetflixOSS: The Netflix Way
NetflixOSS: The Netflix Way
Diego Pacheco
 
Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool
sangam biradar
 
Kubernetes security
Kubernetes securityKubernetes security
Kubernetes security
Thomas Fricke
 
Microservices reativos usando a stack do Netflix na AWS
Microservices reativos usando a stack do Netflix na AWSMicroservices reativos usando a stack do Netflix na AWS
Microservices reativos usando a stack do Netflix na AWS
Diego Pacheco
 
Docker
DockerDocker
Docker
Diego Pacheco
 
Security threats with Kubernetes - Igor Khoroshchenko
Security threats with Kubernetes - Igor Khoroshchenko Security threats with Kubernetes - Igor Khoroshchenko
Security threats with Kubernetes - Igor Khoroshchenko
Kuberton
 
Modern Container Orchestration (Without Breaking the Bank)
Modern Container Orchestration (Without Breaking the Bank)Modern Container Orchestration (Without Breaking the Bank)
Modern Container Orchestration (Without Breaking the Bank)
All Things Open
 
Open faas and linkerd
Open faas and linkerdOpen faas and linkerd
Open faas and linkerd
Keiran Smith
 
Best Practices to Secure Your Kubernetes Cluster
Best Practices to Secure Your Kubernetes ClusterBest Practices to Secure Your Kubernetes Cluster
Best Practices to Secure Your Kubernetes Cluster
Stefano Tempesta
 
VOID19 The Power Of Community
VOID19 The Power Of CommunityVOID19 The Power Of Community
VOID19 The Power Of Community
Vietnam Open Infrastructure User Group
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the Cloud
Amazon Web Services
 
Docker echosystemtelaviv
Docker echosystemtelavivDocker echosystemtelaviv
Docker echosystemtelaviv
Pini Reznik
 
XCloudLabs- AWS Overview
XCloudLabs- AWS Overview XCloudLabs- AWS Overview
XCloudLabs- AWS Overview
sangam biradar
 
Introduction to Cloudify for OpenStack users
Introduction to Cloudify for OpenStack users Introduction to Cloudify for OpenStack users
Introduction to Cloudify for OpenStack users
Nati Shalom
 
Serverless security for multi cloud workloads
Serverless security for multi cloud workloadsServerless security for multi cloud workloads
Serverless security for multi cloud workloads
Runcy Oommen
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWS
Amazon Web Services
 
DevOps, Microservices, and Azure Container Service
DevOps, Microservices, and Azure Container ServiceDevOps, Microservices, and Azure Container Service
DevOps, Microservices, and Azure Container Service
David Tesar
 
Zombies in Kubernetes
Zombies in KubernetesZombies in Kubernetes
Zombies in Kubernetes
Thomas Fricke
 
Implementing Infrastructure as Code ConfigMgtCamp 2017
Implementing Infrastructure as Code ConfigMgtCamp 2017Implementing Infrastructure as Code ConfigMgtCamp 2017
Implementing Infrastructure as Code ConfigMgtCamp 2017
Kief Morris
 
20170831 - Greg Palmier: Terraform & AWS at Tempus
20170831 - Greg Palmier: Terraform & AWS at Tempus20170831 - Greg Palmier: Terraform & AWS at Tempus
20170831 - Greg Palmier: Terraform & AWS at Tempus
DevOps Chicago
 
Running Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using KubernetesRunning Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using Kubernetes
Jorge Arteiro
 
Containerization with Azure
Containerization with AzureContainerization with Azure
Containerization with Azure
Pranav Ainavolu
 
Spring ing apps on amazon web services
Spring ing apps on amazon web servicesSpring ing apps on amazon web services
Spring ing apps on amazon web services
Vinay Shivaswamy
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
Amazon Web Services
 
UniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtimeUniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtime
Lee Calcote
 
Kubernetes for Java Developers
Kubernetes for Java DevelopersKubernetes for Java Developers
Kubernetes for Java Developers
Anthony Dahanne
 

More Related Content

What's hot

Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the Cloud
Amazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
Amazon Web Services
 

What's hot (20)

Docker
DockerDocker
Docker
 
Security threats with Kubernetes - Igor Khoroshchenko
Security threats with Kubernetes - Igor Khoroshchenko Security threats with Kubernetes - Igor Khoroshchenko
Security threats with Kubernetes - Igor Khoroshchenko
 
Modern Container Orchestration (Without Breaking the Bank)
Modern Container Orchestration (Without Breaking the Bank)Modern Container Orchestration (Without Breaking the Bank)
Modern Container Orchestration (Without Breaking the Bank)
 
Open faas and linkerd
Open faas and linkerdOpen faas and linkerd
Open faas and linkerd
 
Best Practices to Secure Your Kubernetes Cluster
Best Practices to Secure Your Kubernetes ClusterBest Practices to Secure Your Kubernetes Cluster
Best Practices to Secure Your Kubernetes Cluster
 
VOID19 The Power Of Community
VOID19 The Power Of CommunityVOID19 The Power Of Community
VOID19 The Power Of Community
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the Cloud
 
Docker echosystemtelaviv
Docker echosystemtelavivDocker echosystemtelaviv
Docker echosystemtelaviv
 
XCloudLabs- AWS Overview
XCloudLabs- AWS Overview XCloudLabs- AWS Overview
XCloudLabs- AWS Overview
 
Introduction to Cloudify for OpenStack users
Introduction to Cloudify for OpenStack users Introduction to Cloudify for OpenStack users
Introduction to Cloudify for OpenStack users
 
Serverless security for multi cloud workloads
Serverless security for multi cloud workloadsServerless security for multi cloud workloads
Serverless security for multi cloud workloads
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWS
 
DevOps, Microservices, and Azure Container Service
DevOps, Microservices, and Azure Container ServiceDevOps, Microservices, and Azure Container Service
DevOps, Microservices, and Azure Container Service
 
Zombies in Kubernetes
Zombies in KubernetesZombies in Kubernetes
Zombies in Kubernetes
 
Implementing Infrastructure as Code ConfigMgtCamp 2017
Implementing Infrastructure as Code ConfigMgtCamp 2017Implementing Infrastructure as Code ConfigMgtCamp 2017
Implementing Infrastructure as Code ConfigMgtCamp 2017
 
20170831 - Greg Palmier: Terraform & AWS at Tempus
20170831 - Greg Palmier: Terraform & AWS at Tempus20170831 - Greg Palmier: Terraform & AWS at Tempus
20170831 - Greg Palmier: Terraform & AWS at Tempus
 
Running Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using KubernetesRunning Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using Kubernetes
 
Containerization with Azure
Containerization with AzureContainerization with Azure
Containerization with Azure
 
Spring ing apps on amazon web services
Spring ing apps on amazon web servicesSpring ing apps on amazon web services
Spring ing apps on amazon web services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 

Similar to Docker + App Container = ocp

Application Deployment on Openstack
Application Deployment on OpenstackApplication Deployment on Openstack
Application Deployment on Openstack
Docker, Inc.
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
kanedafromparis
 

Similar to Docker + App Container = ocp (20)

UniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtimeUniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtime
 
Kubernetes for Java Developers
Kubernetes for Java DevelopersKubernetes for Java Developers
Kubernetes for Java Developers
 
Cloud Native Landscape (CNCF and OCI)
Cloud Native Landscape (CNCF and OCI)Cloud Native Landscape (CNCF and OCI)
Cloud Native Landscape (CNCF and OCI)
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
 
Application Deployment on Openstack
Application Deployment on OpenstackApplication Deployment on Openstack
Application Deployment on Openstack
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
 
Shipping NodeJS with Docker and CoreOS
Shipping NodeJS with Docker and CoreOSShipping NodeJS with Docker and CoreOS
Shipping NodeJS with Docker and CoreOS
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
 
Docker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersDocker Overview - Rise of the Containers
Docker Overview - Rise of the Containers
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Docker for dev
Docker for devDocker for dev
Docker for dev
 
Docker and java
Docker and javaDocker and java
Docker and java
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
 
8 good reasons to learn docker
8 good reasons to learn docker8 good reasons to learn docker
8 good reasons to learn docker
 
Docker Platform and Ecosystem Nov 2015
Docker Platform and Ecosystem Nov 2015Docker Platform and Ecosystem Nov 2015
Docker Platform and Ecosystem Nov 2015
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
 

More from Apcera

Gopher fest 2017: Adding Context To NATS
Gopher fest 2017: Adding Context To NATSGopher fest 2017: Adding Context To NATS
Gopher fest 2017: Adding Context To NATS
Apcera
 
How Clarifai uses NATS and Kubernetes for Machine Learning
How Clarifai uses NATS and Kubernetes for Machine LearningHow Clarifai uses NATS and Kubernetes for Machine Learning
How Clarifai uses NATS and Kubernetes for Machine Learning
Apcera
 
The Zen of High Performance Messaging with NATS
The Zen of High Performance Messaging with NATSThe Zen of High Performance Messaging with NATS
The Zen of High Performance Messaging with NATS
Apcera
 
NATS: A Central Nervous System for IoT Messaging - Larry McQueary
NATS: A Central Nervous System for IoT Messaging - Larry McQuearyNATS: A Central Nervous System for IoT Messaging - Larry McQueary
NATS: A Central Nervous System for IoT Messaging - Larry McQueary
Apcera
 

More from Apcera (20)

Gopher fest 2017: Adding Context To NATS
Gopher fest 2017: Adding Context To NATSGopher fest 2017: Adding Context To NATS
Gopher fest 2017: Adding Context To NATS
 
How Clarifai uses NATS and Kubernetes for Machine Learning
How Clarifai uses NATS and Kubernetes for Machine LearningHow Clarifai uses NATS and Kubernetes for Machine Learning
How Clarifai uses NATS and Kubernetes for Machine Learning
 
Modernizing IT in the Platform Era
Modernizing IT in the Platform EraModernizing IT in the Platform Era
Modernizing IT in the Platform Era
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network Issues
 
IT Modernization Doesn’t Mean You Leave Your Legacy Apps Behind
IT Modernization Doesn’t Mean You Leave Your Legacy Apps BehindIT Modernization Doesn’t Mean You Leave Your Legacy Apps Behind
IT Modernization Doesn’t Mean You Leave Your Legacy Apps Behind
 
How Greta uses NATS to revolutionize data distribution on the Internet
How Greta uses NATS to revolutionize data distribution on the InternetHow Greta uses NATS to revolutionize data distribution on the Internet
How Greta uses NATS to revolutionize data distribution on the Internet
 
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and SwarmSimple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
 
The Zen of High Performance Messaging with NATS
The Zen of High Performance Messaging with NATSThe Zen of High Performance Messaging with NATS
The Zen of High Performance Messaging with NATS
 
Implementing Microservices with NATS
Implementing Microservices with NATSImplementing Microservices with NATS
Implementing Microservices with NATS
 
NATS for Modern Messaging and Microservices
NATS for Modern Messaging and MicroservicesNATS for Modern Messaging and Microservices
NATS for Modern Messaging and Microservices
 
Actor Patterns and NATS - Boulder Meetup
Actor Patterns and NATS - Boulder MeetupActor Patterns and NATS - Boulder Meetup
Actor Patterns and NATS - Boulder Meetup
 
NATS Connector Framework - Boulder Meetup
NATS Connector Framework - Boulder MeetupNATS Connector Framework - Boulder Meetup
NATS Connector Framework - Boulder Meetup
 
Simple Solutions for Complex Problems - Boulder Meetup
Simple Solutions for Complex Problems - Boulder MeetupSimple Solutions for Complex Problems - Boulder Meetup
Simple Solutions for Complex Problems - Boulder Meetup
 
Patterns for Asynchronous Microservices with NATS
Patterns for Asynchronous Microservices with NATSPatterns for Asynchronous Microservices with NATS
Patterns for Asynchronous Microservices with NATS
 
NATS vs HTTP
NATS vs HTTPNATS vs HTTP
NATS vs HTTP
 
Micro on NATS - Microservices with Messaging
Micro on NATS - Microservices with MessagingMicro on NATS - Microservices with Messaging
Micro on NATS - Microservices with Messaging
 
NATS: A Central Nervous System for IoT Messaging - Larry McQueary
NATS: A Central Nervous System for IoT Messaging - Larry McQuearyNATS: A Central Nervous System for IoT Messaging - Larry McQueary
NATS: A Central Nervous System for IoT Messaging - Larry McQueary
 
Securing the Cloud Native Stack
Securing the Cloud Native StackSecuring the Cloud Native Stack
Securing the Cloud Native Stack
 
Simple Solutions for Complex Problems
Simple Solutions for Complex Problems Simple Solutions for Complex Problems
Simple Solutions for Complex Problems
 
How to Migrate to Cloud with Complete Confidence and Trust
How to Migrate to Cloud with Complete Confidence and TrustHow to Migrate to Cloud with Complete Confidence and Trust
How to Migrate to Cloud with Complete Confidence and Trust
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Recently uploaded (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 

Docker + App Container = ocp

  • 1. Docker + App Container -> OCP 23 June 2015 Alex Toombs Software Engineer, Apcera
  • 2. Who am I? @ Apcera > 2 years Platform Lead Deployment, packaging, auditability Not only microservice-based apps: legacy stacks, too (...but not the focus today)
  • 3. About Apcera Develop a platform for enterprises to manage applications & services Golang users! (>90% Go code in our main repo, since ~ August 2012) Wrote our own container implementation (using common techs like cgroups, namespaces) Digest Docker/ACI/whatever images to run (polyglot stacks welcome)
  • 4.
  • 7. Docker vs CoreOS By Evrik and Mets501 [Public domain], via Wikimedia Commons
  • 8. Docker vs CoreOS Just kidding! We're all friends now
  • 9. Original title: killed by shykes! Awesome announcement yesterday: OCP! Open Container Project (under the Linux Foundation) First reference implementation: runC Apcera's down with OCP! Lots of big backers (Docker, Amazon, Google, Microsoft, CoreOS, etc.)
  • 11. Docker: past History: dotCloud's Docker project started in ~ early 2013 dotCloud has been around ~8 years; struck a chord with Docker Docker: quickly became synonymous with containers
  • 12. Docker: past docker/dockerrepo, v0.1.0: https://github.com/docker/docker/releases/tag/v0.1.0 March 23, 2013 527 commits dotCloud -> Docker LXC (Linux Containers)
  • 13. Docker: past docker/dockerrepo, v0.9.0: https://github.com/docker/docker/releases/tag/v0.9.0 March 10, 2014 6739 commits "Add the pure Go libcontainer library to make it possible to run containers..." "Add native exec driver which uses libcontainer and make it the default exec driver." LXC -> libcontainer
  • 14. Docker: present 500,000,000 containers downloaded (according to Dockercon) 16,339 commits (post-lunch, today) Many products: Engine, Compose, Swarm, Machine, Notary, etc. Plugins are powerful OCP! (more later)
  • 15. Docker: future Microkernels (just kidding) Heavy focus on trust around containers (big criticism; tarsums, signatures, etc) Support more platforms (e.g. Microsoft, for Windows Server) libcontainer -> runC?
  • 16. appc
  • 17. appc: origins CoreOS started appc project to define a spec for containers Trust at the core; use common tools like pgp/tar/shasum for image verification/portability Independent from CoreOS, maintained by 6 people (up until recently!) rkt: reference implementation
  • 19. appc: pieces App Container Image: what image is run App Container Image Discovery: how to find images App Container Pod: what a deployable, executable unit is App Container Executor: how pods are executed
  • 20. appc + Apcera: Kurma Apcera question: what to do with container runtimes? libcontainer vs rkt vs our own tech vs something else... Spec was attractive; well-defined interface DNS discovery protocol: awesome! Decentralized distribution vs centralized registry
  • 21. Future: Open Container Project (OCP)
  • 23. OCP Reference implementation: https://github.com/opencontainers/runc Heavily libcontainer flavored No image spec yet (adopting from appc?) Highly in flux! (just over a day old, publicly) Spec: emphasis on "working code" for moving spec forward
  • 24. OCP: open questions Image spec: what will that look like? (ACI, we hope) Registry v2: pertains to above Future of rkt Future of libcontainer Security scanning of images (mentioned briefly yesterday)
  • 25. OCP + Apcera: ? Committed to improving the spec Provide feedback/PRs Very interested in image verification (notary is cool, but independent) Policy for allowed sets of keys, maybe? Doesn't replace Docker; Docker has the distribution down
  • 26. Thank you 23 June 2015 Alex Toombs Software Engineer, Apcera alex@apcera.com(mailto:alex@apcera.com) @alextoombs(http://twitter.com/alextoombs) See you at Gophercon!