Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan

•Als PPTX, PDF herunterladen•

4 gefällt mir•4,689 views

Overview; What is libnetwork New features in 1.12 Deep Dive; Multihost networking Secure Control Plane Secure Data plane Service Discovery Native Loadbalacing Routing Mesh

Technologie

Docker for Ops: Docker Networking
Deep Dive
Madhu Venugopal
Jana Radhakrishnan

Overview
What is libnetwork
New features in 1.12
Agenda
Deep Dive
Multihost networking
Secure Control Plane
Secure Data plane
Service Discovery
Native Loadbalacing
Routing Mesh
Finish
Demo
Q&A

It is not just a driver interface
• Docker networking fabric
• Defines Container Networking Model
• Provides builtin IP address management
• Provides native multi-host networking
• Provides native Service Discovery and Load Balancing
• Allows for extensions by the ecosystem
What is libnetwork?

New features in 1.12 swarm mode
CNM
Routing
Mesh
Multi-host
Networking
without external
k/v store
Service
Discovery
Secure
Data-Plane
Secure
Control-Plane
Load
Balancing
• Cluster aware
• De-centralized control
plane
• Highly scalable

Macvlan driver
• Out of experimental
• Integrates with Underlay
• Place containers in your
existing vlans

MacVlan
# Create a macvlan network
$ docker network create -d macvlan
--subnet=192.168.0.0/16
—-ip-range=192.168.41.0/24
--aux-address="favorite_ip_ever=192.168.41.2"
--gateway=192.168.41.1
-o parent=eth0.41 macnet41
# First address is the specified gateway, second is aux
$ docker run --net=macnet41 -it --rm alpine /bin/sh

Multi-host networking
Manager
Network
Create
Orchestrator
Allocator
Scheduler
Dispatcher
Service
Create
Task
Create
Task
Dispatch
Task
Dispatch
Gossip
Worker1 Worker2
Engine
Libnetwork
Engine
Libnetwork
• The VXLAN based data path
remains unchanged
• No external key-value store
necessary
• Central resource allocation
• Improved performance
• Highly scalable

• Gossip based protocol
• Network scoped
• Fast convergence
• Secure by default
• periodic key rotations
• swarm native key-exchange
• Highly scalable
Network control plane Cluster Scope Gossip
W1
W2
W3
W1
W5
W4
Network Scope Gossip
Network Scope Gossip

• Available as an option during
overlay network creation
• Uses kernel IPSec modules
• On-demand tunnel setup
• Swarm native key-exchange
• Periodic key rotations
• Highly performant
Secure dataplane
Worker1
Worker2
Worker3
secure
network
secure
network
IPSec Tunnel
IPSec Tunnel
IPSec Tunnel
secure
network
secure
network
non-
secure
network
non-
secure
network
Open UDP traffic

• Provided by embedded DNS
• Highly available
• Uses Network Control Plane to learn state
• Can be used to discover both tasks and
services
Service Discovery
engine
DNS Server
DNS Resolver DNS Resolver
DNS requests

• Provided by embedded DNS
• Highly available
• Uses Network Control Plane to learn state
• Can be used to discover both tasks and
services
• Minimal Overhead because of CNM
• Can use DNS RR instead as an option
Internal Load balancer Task1
Service
A
Task2
Service
A Task3
Service
A
Client1 Client2
VIP LB VIP LB

• Builtin routing mesh for edge routing
• Worker nodes themselves participate in
ingress routing mesh
• All worker nodes accept connection
requests on PublishedPort
• Port translation happens at the worker
node
• Same internal load balancing mechanism
used to load balance external requests
Routing mesh
External
Loadbalancer
(optional)
Task1
ServiceA Task1
ServiceA
Task1
ServiceA
Worker1 Worker2
Ingress Network
8080 8080
VIP LB VIP LB
8080->80 8080->80

Weitere ähnliche Inhalte

Was ist angesagt?

Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...

Docker, Inc.

In this talk, we will provide a 10,000-ft. overview of the key concepts, architectures, and common deployment scenarios for stateful services. We will cover the Docker volumes and available storage options in the community including ClusterHQ’s Flocker volume manager. After getting the lay of the land, we'll see these concepts in action. Starting by deploying a database container on a single node with UCP, Flocker and VolumeHub. Then, using the features of Docker Swarm and Flocker, we will then allow Swarm to automatically reschedule the stateful service along with Flocker moving its volume when the node fails giving us a HA containerized database.

DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...

ClusterHQ

1&1, Europe’s largest web hosting company, has been automatically deploying and managing multi-tenant server environments for 20 years. These servers support millions of active websites and services around the world. Historically software stacks were pre-installed using estimates of what was considered good, taking a ‘one size fits all’ approach. I am going to show how we are now combining Git, Gitlab, Openshift and Docker to revolutionise our approach to large scale hosting, providing greater power and flexibility without increasing support overhead. This includes showing: · Transforming the legacy multi-tenant LAMP environment into many single-tenant Docker projects · Managing thousands of projects on behalf of tenants · Gitlab CI for testing Docker containers · Testing container interactions and upgrade cycle

Application Deployment and Management at Scale with 1&1 by Matt Baldwin

Docker, Inc.

Docker and microservices architecture have taken the software community by storm. Containerizing stateless applications is a no-brainer, but how about performance-sensitive stateful apps like databases and Hadoop? Must you compromise on performance and predictability for the love of containers? In this session we will discuss how the full-application-stack-containerization is not only possible, there are actually lots of advantages to it. We will also talk about how to build a pure-container infrastructure platform that can help containerize both your stateless and stateful apps, deliver guaranteed app-to-spindle performance, and bring agile DevOps practices to data.

Containers: Life Beyond Microservices? by Sushil Kumar, Robin Systems

Docker, Inc.

Docker for Ops: Docker Storage and Volumes Deep Dive and Considerations by Br...

Docker, Inc.

Mobycraft is a Minecraft client-side mod to manage and visualize Docker containers in Minecraft. This mod can be installed in any standard Minecraft client and allow young kids to learn Docker fundamentals in a fun way. It allowed a 13-year old boy to apply his Minecraft modding skills to pick up Docker concepts such as Engine, Machine, Swarm, and Remote API. This project became a great bonding experience between a father and a son. It allowed them to engage in fun and geeky conversations, such as code reviews and tooling discussion, and thereby building memories for a lifetime.

Mobycraft - Docker in 8-bit by Aditya Gupta

Docker, Inc.

JEEconf 2017

Ihor Kolodyuk

Break -> inspect -> fix is the Ops workflow for infrastructure stacks of the past. Distributed infrastructure and applications claim to be the new generation, but why is it so much more painful to maintain and troubleshoot them? Much of the pain comes from outdated operational models relying on reactive or, worse yet, manual monitoring and Ops. This talk lays out a proactive Ops model for container infrastructure. By focusing on event monitoring, infrastructure state monitoring, trend analysis, and distributed log collection, a proactive Ops model delivers observability for distributed apps that was not possible before. Using real-world examples from Swarm and Kubernetes, we'll demonstrate the tools used and how we relieve Ops pain in container orchestration.

Proactive ops for container orchestration environments

Docker, Inc.

Monitoring docker container and dockerized applications

Ananth Padmanabhan

Avishay Traeger & Shimshon Zimmerman, Stratoscale - Deploying OpenStack Cinde...

Cloud Native Day Tel Aviv

Wido den hollander cloud stack and ceph

ShapeBlue

Outside The Wire

Salo Shp

Container Orchestration with Docker Swarm and Kubernetes

Will Hall

Introducing LinuxKit

Docker, Inc.

Stateful set in kubernetes implementation & usecases

Krishna-Kumar

On Prem Container Cloud - Lessons Learned

CodeOps Technologies LLP

The talk gives a state of the art update of experiences with deploying applications in Kubernetes on scale. If in clouds or on premises, Kubernetes took over the leading role as a container operating system. The central paradigm of stateless containers connected to storage and services is the core of Kubernetes. However, it can be extended to distributed databases, Machine Learning, Windows VMs in Kubernetes. All these applications have been considered as edge cases a few years ago, however, are going more and more mainstream today.

OSDC 2018 | Three years running containers with Kubernetes in Production by T...

NETWAYS

Container technology is being used to answer some of the biggest questions in science today - what is the Universe made of? How has it evolved over time? Scientists use vast quantities of data to study these questions, and analyzing this data requires Big Data solutions on high performance computing resources. In this talk we discuss why containers are being deployed on the Cori supercomputer at NERSC (the National Energy Research Scientific Computing center) to answer fundamental scientific questions. We will give examples of the use of Docker in simulating complex physical processes and analyzing experimental data in fields as diverse as particle physics, cosmology, astronomy, genomics and material science. We will demonstrate how container technology is being used to facilitate access to scientific computing resources by scientists from around the globe. Finally, we will discuss how container technology has the potential to revolutionize scientific publishing, and could solve the problem of scientific reproducibility.

Using Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard

Docker, Inc.

Monitoring Docker containers - Docker NYC Feb 2015

Datadog

Docker focuses on simplicity. In this session we will here how, Zeph, a 10 year old boy went from asking his dad a simple question, to deploying Docker containers to help search for a cancer cure and to build worlds. We’ll hear how the simplicity of Docker inspired him to learn more, and now as an 11 year old, he has moved on to programming his own containerized applications to process vital data streams from public APIs.

So Easy, A Ten Year Old Can Do It by Zeph Gardler

Docker, Inc.

Was ist angesagt? (20)

Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...

DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...

Application Deployment and Management at Scale with 1&1 by Matt Baldwin

Containers: Life Beyond Microservices? by Sushil Kumar, Robin Systems

Docker for Ops: Docker Storage and Volumes Deep Dive and Considerations by Br...

Mobycraft - Docker in 8-bit by Aditya Gupta

JEEconf 2017

Proactive ops for container orchestration environments

Monitoring docker container and dockerized applications

Avishay Traeger & Shimshon Zimmerman, Stratoscale - Deploying OpenStack Cinde...

Wido den hollander cloud stack and ceph

Outside The Wire

Container Orchestration with Docker Swarm and Kubernetes

Introducing LinuxKit

Stateful set in kubernetes implementation & usecases

On Prem Container Cloud - Lessons Learned

OSDC 2018 | Three years running containers with Kubernetes in Production by T...

Using Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard

Monitoring Docker containers - Docker NYC Feb 2015

So Easy, A Ten Year Old Can Do It by Zeph Gardler

Ähnlich wie Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan

DockerCon US 2016 - Docker Networking deep dive

Madhu Venugopal

Starting with Docker 1.12, Docker has added features to the core Docker Engine to make multi-host and multi-container orchestration extremely simple to use and accessible to everyone. Docker 1.12 Networking plays a key role in enabling these orchestration features. In this online meetup, we learned all the new and exciting networking features introduced in Docker 1.12: Swarm-mode networking Routing Mesh Ingress and Internal Load-Balancing Service Discovery Encrypted Network Control-Plane and Data-Plane Multi-host networking without external KV-Store MACVLAN Driver

Docker Networking Deep Dive

Docker, Inc.

Docker 1.12 networking deep dive

Madhu Venugopal

lthough containers are bringing a refreshing flexibility when deploying services in production, the management of those containers in such an environment still requires special care in order to keep the application up and running. In this regard, orchestration platforms like Docker, Kubernetes and Nomad have been trying to alleviate this responsibility, facilitating the task of deploying and maintaining the entire application stack in its desired state. This ensures that a service will be always running, tolerating machine failures, network erratic behavior or software updates and downtime. The purpose of this talk is to explain the mechanisms and architecture of the Docker Engine orchestration platform (using a framework called swarmkit) to tolerate failures of services and machines, from cluster state replication and leader-election to container re-scheduling logic when a host goes down.

Orchestrating Linux Containers while tolerating failures

Docker, Inc.

Optimising nfv service chains on open stack using docker

Rahul Krishna Upadhyaya

Optimising nfv service chains on open stack using docker

Ananth Padmanabhan

Optimising nfv service chains on open stack using docker

Satya Sanjibani Routray

Docker Networking : 0 to 60mph slides

Docker, Inc.

DCUS17 : Docker networking deep dive

Madhu Venugopal

Neutron Done the SDN Way Dragonflow is an open source distributed control plane implementation of Neutron which is an integral part of OpenStack. Dragonflow introduces innovative solutions and features to implement networking and distributed network services in a manner that is both lightweight and simple to extend, yet targeted towards performance-intensive and latency-sensitive applications. Dragonflow aims at solving the performance

Dragonflow Austin Summit Talk

Eran Gampel

1. How to integrate OpenStack environment to our existing infrastructure. 2. How to efficiently interconnect the SAE & SWS, while preserving security properties and seamless connection. 3. The challenges we are facing when building & providing OpenStack-based public cloud service and how we solved it. http://openstackconferencespring2012.sched.org/event/370f9d74a4e9e938a7f6f1e2af0958fe?iframe=yes&w=990&sidebar=no&bg=no#?iframe=yes&w=990&sidebar=no&bg=no#sched-body-outer

Integrating OpenStack To Existing Infrastructure

Hui Cheng

Building a sdn solution for the deployment of web application stacks in docker

Jorge Juan Mendoza

On-demand webinar recording: http://bit.ly/2mRjk2g Docker and other container technologies continue to gain in popularity. We recently surveyed the broad community of NGINX and NGINX Plus users and found that two-thirds of organizations are either investigating containers, using them in development, or using them in production. Why? Because abstracting your applications from the underlying infrastructure makes developing, distributing, and running software simpler, faster, and more robust than ever before. But when you move from running your app in a development environment to deploying containers in production, you face new challenges – such as how to effectively run and scale an application across multiple hosts with the performance and uptime that your customers demand. The latest Docker release, 1.12, supports multihost container orchestration, which simplifies deployment and management of containers across a cluster of Docker hosts. In a complex environment like this, load balancing plays an essential part in delivering your container-based application with reliability and high performance. Join us in this webinar to learn: * The basic built-in load balancing options available in Docker Swarm Mode * The pros and cons of moving to an advanced load balancer like NGINX * How to integrate NGINX and NGINX Plus with Swarm Mode to provide an advanced load-balancing solution for a cluster with orchestration * How to scale your Docker-based application with Swarm Mode and NGINX Plus

Load Balancing Apps in Docker Swarm with NGINX

NGINX, Inc.

AstriCon 2017 - Docker Swarm & Asterisk

Evan McGee

OVS and DPDK - T.F. Herbert, K. Traynor, M. Gray

harryvanhaaren

Docker Swarm and Traefik 2.0

Jakub Hajek

Scalable networking in Apache CloudStack

Chiradeep Vittal

In recent releases, Apache CloudStack has been evolving towards richer support for Software Defined Networking (SDN) solutions. In ACS 4.18, we introduced integration with Tungsten Fabric SDN, which opened ACS to several long-awaited features such as overlay networks, BGP, MPLS and other sophisticated networking capabilities. We now are working towards integrating VMWare NSX 4 with CloudStack, which will enable agile software-defined infrastructure for building cloud-native micro-segmented application environments on VMWare using CloudStack. In this talk, Pearl and Alex delve into the expansion of ACS’s SDN ecosystem with the integration of VMWare NSX 4, thus enabling operators to make informed decisions regarding the right SDN platform for their CloudStack deployment. They also look into what it takes to create a new network provider in CloudStack. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...

ShapeBlue

Cloud stack overview

howie YU

MCSA 70-412 Chapter 09

Computer Networking

Ähnlich wie Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan (20)

DockerCon US 2016 - Docker Networking deep dive

Docker Networking Deep Dive

Docker 1.12 networking deep dive

Orchestrating Linux Containers while tolerating failures

Optimising nfv service chains on open stack using docker

Docker Networking : 0 to 60mph slides

DCUS17 : Docker networking deep dive

Dragonflow Austin Summit Talk

Integrating OpenStack To Existing Infrastructure

Building a sdn solution for the deployment of web application stacks in docker

Load Balancing Apps in Docker Swarm with NGINX

AstriCon 2017 - Docker Swarm & Asterisk

OVS and DPDK - T.F. Herbert, K. Traynor, M. Gray

Docker Swarm and Traefik 2.0

Scalable networking in Apache CloudStack

Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...

Cloud stack overview

MCSA 70-412 Chapter 09

Mehr von Docker, Inc.

Raymond Arifianto, AccelByte and Mark Mandel, Google - We have been deploying containerized micro-services for our Game Backend Services for a while. Now we are tackling the challenge to scale up fleets of game dedicated servers in multiple regions, multiple data centers and multiple providers - some in bare metal, some in Cloud. So we leverage docker containerization to deploy Game Servers to achieve Portability, Fast Deployment and Predictability, enabling us to scale up to thousands of servers, on demand, without a sweat.

Containerize Your Game Server for the Best Multiplayer Experience

Docker, Inc.

Nicholas Dille, Haufe-Lexware + Docker Captain - Docker continues to be the standard tool for building container images. For more than a year Docker ships with BuildKit as an alternative image builder, providing advanced features for secret and cache management. These features help to make image builds faster and more secure. In this session, Docker Captain Nicholas Dille will teach you how to use Buildkit features to your advantage.

How to Improve Your Image Builds Using Advance Docker Build

Docker, Inc.

Lukonde Mwila, Entelect - As the cloud-native approach to development and deployment becomes more prevalent, it's an exciting time for software engineers to be equipped on how to dockerize multi-container applications and deploy them to the cloud. In this talk, Lukonde Mwila, Software Engineer at Entelect, will cover the following topics: - Docker Compose - Containerizing an Nginx Server - Containerizing an React App - Containerizing an Node.JS App - Containerizing anMongoDB App - Runing Multi-Container App Locally - Creating a CI/CD Pipeline - Adding a build stage to test containers and push images to Docker Hub - Deploying Multi-Container App to AWS Elastic Beanstalk Lukonde will start by giving an overview of how Docker Compose works and how it makes it very easy and straightforward to startup multiple Docker containers at the same time and automatically connect them together with some form of networking. After that, Lukonde will take a hands on approach to containerize an Nginx server, a React app, a NodeJS app and a MongoDB instance to demonstrate the power of Docker Compose. He'll demonstrate usage of two Docker files for an application, one production grade and the other for local development and running of tests. Lastly, he'll demonstrate creating a CI/CD pipeline in AWS to build and test our Docker images before pushing them to Docker Hub or AWS ECR, and finally deploying our multi-container application AWS Elastic Beanstalk.

Build & Deploy Multi-Container Applications to AWS

Docker, Inc.

Kevin Jones, NGNIX - NGINX is one of the most popular images on Docker Hub and has been at the forefront of the web since the early 2000's. In this talk we will discuss how and why NGINX's lightweight and powerful architecture makes it a very popular choice for securing containerized applications as a sidecar reverse proxy within containers. We will highlight important aspects of application security that NGINX can help with, such as TLS, HTTP, AuthN, AuthZ and traffic control.

Securing Your Containerized Applications with NGINX

Docker, Inc.

Kathleen Juell, Digital Ocean - Containers are an essential part of today's microservice ecosystem, as they allow developers and operators to maintain standards of reliability and reproducibility in fast-paced deployment scenarios. And while there are best practices that extend across stacks in containerized environments, there are also things that make each stack distinct, starting with the application image itself. This talk will dive into some of these particularities, both at the image and service level, while also covering general best practices for building and running Node applications with database backends using Docker and Compose.

How To Build and Run Node Apps with Docker and Compose

Docker, Inc.

Hands-on Helm

Docker, Inc.

Jeff Hajewski, Salesforce - There is a wealth of information on building deep learning models with PyTorch or TensorFlow. Anyone interested in building a deep learning model is only a quick search away from a number of clear and well written tutorials that will take them from zero knowledge to having a working image classifier. But what happens when you need to deploy these models in a production setting? At Salesforce, we use TensorFlow models to help us provide customers with insights into their data, and we do this as close to real-time as possible. Designing these systems in a scalable manner requires overcoming a number of design challenges, but the core component is Docker. Docker enables us to design highly scalable systems by allowing us to focus on service interactions, rather than how our services will interact with the hardware. Docker is also at the core of our test infrastructure, allowing developers and data scientists to build and test the system in an end to end manner on their local machines. While some of this may sound complex, the core message is simplicity - Docker allows us to focus on the aspects of the system that matter, greatly simplifying our lives.

Distributed Deep Learning with Docker at Salesforce

Docker, Inc.

James Fuller, webcomposite s.r.o. - Curl is the venerable (yet very modern) 'swiss army knife' command line tool and library for transferring data with URLs. Recently we (the Curl team) decided to build a release for Docker Hub. This talk will outline our current development workflow with respect to the docker image and provide insights on what it takes to build a docker image for mass public consumption. We are also keen to learn from users and other developers how we might improve and enhance the official curl docker image.

The First 10M Pulls: Building The Official Curl Image for Docker Hub

Docker, Inc.

Fabian Stäber, Instana - In recent years, we saw a great paradigm shift in software engineering away from static monolithic applications towards dynamic distributed horizontally scalable architectures. Docker is one of the key technologies enabling this development. This shift poses a lot of new challenges for application monitoring, ranging from practical issues (need for automation) to technical challenges (Docker networking) to organizational topics (blurring line between software engineers and operations) to fundamental questions (define what is an application). In this talk we show how Docker changed the way we do monitoring, how modern application monitoring systems work, and what future developments we expect.

Monitoring in a Microservices World

Docker, Inc.

Clemente Biondo, Engineering Ingegneria Informatica - When the COVID 19 pandemic started, Engineering Ingegneria Informatica Group (1.25 billion euros of revenues, 65 offices around the world, 12.000 employees) was forced to put their digital transformation to the test in order to maintain operational continuity. In this session, Clemente Biondo, the Tech Lead of the Information Systems Department, will share how his company is reacting to this unforeseeable scenario and how Docker-driven digital transformation had paved the path for work to continue remotely. Clemente will discuss learnings moving from colocated teams, manual approaches, email based-business processes, and a monolithic application to a mature DevOps culture characterized by a distributed autonomous workforce and a continuous deployment process that deploys backward-compatible Docker containerized microservices into hybrid multi cloud datacenters an average of twice a day with zero-downtime. He will detail how they use Docker to unify dev, test and production environments, and as an efficient and automated mechanism for deploying applications. Lastly, Clemente shares how, in our darkest hour, he and others are working to shine their brightest light.

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...

Docker, Inc.

Chris Lauer, NOAA Space Weather Prediction Center - This is the story of how adopting a containerized workflow changed the way our small software team works at NOAA’s Space Weather Prediction Center. Our old architecture, a big ball of mud shared-database integration, just wasn’t cutting it - it was killing our agility. Over the past two years, our small team has adopted a microservice style architecture, using Docker with docker-compose and environment files as our deployment strategy for all new development. We’ve discovered the joys of using containers for identical dev, staging, and production environments. We work closely with scientists: much of the code we’re running has complicated and conflicting library dependencies. Docker captures these beautifully - we’ve even had some success teaching our scientists to use it! I’ll share what we’ve learned, some of the persistent challenges we face, and one place we really got it wrong. This talk builds off of a popular hallway track from DockerCon 2019.

Predicting Space Weather with Docker

Docker, Inc.

Brian Christner, 56k + Docker Captain - In this session, we will unlock the full potential of using Microsoft Visual Studio Code (VS Code) and Docker Desktop to turn you into a Docker Power User. When we expand and utilize the VS Code Docker plugin, we can take our projects and Docker skills to the next level. In addition to using VS Code, we streamline our Docker Desktop development workflow with less context switching and built-in shortcuts. You will learn how to bootstrap new projects, quickly write Dockerfiles utilizing templates, build, run, and interact with containers all from VS Code.

Become a Docker Power User With Microsoft Visual Studio Code

Docker, Inc.

How to Use Mirroring and Caching to Optimize your Container Registry

Docker, Inc.

Ashish Sharma, SS&C Eze - SS&C Eze provides various products in the stock market domain. We spent the last couple of years building Eclipse which is an investment suite born in cloud. The journey so far has been very interesting. The very first version of the product were a bunch of monolithic windows services and deployed using Octopus tool. We successfully managed to bring all the monolithic problem to the cloud and created a nightmare for ourselves. We then started applying microservices architecture principles and started breaking the monolithic into small services. Very soon we realized that we need a better packaging/deployment tool. Docker looked like a magical solution to our problem. Since its adoption, It has not only solved the deployment problem for us but has made a deep impact on different aspects of SDLC. It allowed us to use heterogeneous technology stacks, simplified development environment setup, simplified our testing strategy, improved our speed of delivery, and made our developers more productive. In this talk I would like to share our experience of using Docker and its positive impact on our SDLC.

Monolithic to Microservices + Docker = SDLC on Steroids!

Docker, Inc.

Ara Pulido, Datadog - Container technologies, although not new, have increased their popularity in the past few years, with container orchestrators allowing companies around the world to adopt these technologies to help them ship and scale microservices with precision and velocity. Kubernetes is currently the most popular container orchestration platform, and while many organizations are migrating their workloads to it, Kubernetes is still relatively immature. New corner cases, errors, and quirks are regularly discovered as users push the boundaries of size and scale. When Datadog adopted Kubernetes we discovered some of these boundaries the hard way, and we continuously challenge and modify our infrastructure decisions in order to fit our use case. Join me in this talk for our story on what we learned while we scaled our Kubernetes clusters, the contributions to Kubernetes we made along the way, and how you can apply those learnings when growing your Kubernetes clusters from a handful to hundreds or thousands of nodes.

Kubernetes at Datadog Scale

Docker, Inc.

Andy Clemenko, StackRox - One underutilized, and amazing, thing about the docker image scheme is labels. Labels are a built in way to document all aspects about the image itself. Think about all the information that the tags inside your clothing carry. If you care to look you can find out everything about the garment. All that information can be very valuable. Now think about how we can leverage labels to carry similar information. We can even use the labels to contain Docker Compose or even Kubernetes Yaml. We can even include labels into the CI/CD process making things more secure and smoother. Come find out some fun techniques on how to leverage labels to do some fun and amazing things.

Labels, Labels, Labels

Docker, Inc.

Patrick Deloulay, Micro Focus - Micro Focus started their digital transformation 3 years ago, moving the entire portfolio into hundreds of container images. Leveraging Docker Hub as our primary registry service, we will cover how we ended up building a simple but secure push/pull model to publish and deliver our premium assets to our customers and partners to both meet the high agility of our DevOps teams while greatly simplifying the deployment of our applications.

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model

Docker, Inc.

Lukonde Mwila, Entelect As the cloud-native approach to development and deployment becomes more prevalent, it's an exciting time for software engineers to be equipped on how to dockerize multi-container applications and deploy them to the cloud. In this talk, Lukonde Mwila, Software Engineer at Entelect, will cover the following topics: - Docker Compose - Containerizing an Nginx Server - Containerizing an React App - Containerizing an Node.JS App - Containerizing anMongoDB App - Runing Multi-Container App Locally - Creating a CI/CD Pipeline - Adding a build stage to test containers and push images to Docker Hub - Deploying Multi-Container App to AWS Elastic Beanstalk Lukonde will start by giving an overview of how Docker Compose works and how it makes it very easy and straightforward to startup multiple Docker containers at the same time and automatically connect them together with some form of networking. After that, Lukonde will take a hands on approach to containerize an Nginx server, a React app, a NodeJS app and a MongoDB instance to demonstrate the power of Docker Compose. He'll demonstrate usage of two Docker files for an application, one production grade and the other for local development and running of tests. Lastly, he'll demonstrate creating a CI/CD pipeline in AWS to build and test our Docker images before pushing them to Docker Hub or AWS ECR, and finally deploying our multi-container application AWS Elastic Beanstalk.

Build & Deploy Multi-Container Applications to AWS

Docker, Inc.

Elton Stoneman, Docker Captain + Container Consultant and Trainer How do you provide a SaaS offering when your product is a 10-year old Fortran app, currently built to run on Windows 10? With Docker and Kubernetes of course - and you can do it in a week (... to prototype level at least). In this session I'll walk through the processes and practicalities of taking an older Windows app, making it run in containers with Kubernetes, and then building a simple API wrapper to host the whole stack as a cloud-based SaaS product. There's a lot of technology here from a real world case study, and I'll focus on: - running Windows apps in Docker containers - building a .NET Core API which can run in Linux or Windows containers - running the stack in Kubernetes with Docker Desktop locally and AKS in the cloud - configuring AKS workloads in Azure to burst out to Azure Container Instances And there's a core theme to this session: Docker and Kubernetes are complex technologies, but they're the key to modern development. If you invest time learning them, they make projects like this simple, portable, fast and fun.

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...

Docker, Inc.

This virtual meetup introduces the concepts and best practices of using Docker containers for software development for the Arm architecture across a variety of hardware systems. Using Docker Desktop on Windows or Mac, Amazon Web Services (AWS) A1 instances, and embedded Linux, we will demonstrate the latest Docker features to build, share, and run multi-architecture images with transparent support for Arm.

Developing with Docker for the Arm Architecture

Docker, Inc.

Mehr von Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience

How to Improve Your Image Builds Using Advance Docker Build

Build & Deploy Multi-Container Applications to AWS

Securing Your Containerized Applications with NGINX

How To Build and Run Node Apps with Docker and Compose

Hands-on Helm

Distributed Deep Learning with Docker at Salesforce

The First 10M Pulls: Building The Official Curl Image for Docker Hub

Monitoring in a Microservices World

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...

Predicting Space Weather with Docker

Become a Docker Power User With Microsoft Visual Studio Code

How to Use Mirroring and Caching to Optimize your Container Registry

Monolithic to Microservices + Docker = SDLC on Steroids!

Kubernetes at Datadog Scale

Labels, Labels, Labels

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model

Build & Deploy Multi-Container Applications to AWS

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...

Developing with Docker for the Arm Architecture

Kürzlich hochgeladen

In an era where artificial intelligence (AI) stands at the forefront of business innovation, Information Architecture (IA) is at the core of functionality. See “There’s No AI Without IA” – (from 2016 but even more relevant today) Understanding and leveraging how Information Architecture (IA) supports AI synergies between knowledge engineering and prompt engineering is critical for senior leaders looking to successfully deploy AI for internal and externally facing knowledge processes. This webinar be a high-level overview of the methodologies that can elevate AI-driven knowledge processes supporting both employees and customers. Core Insights Include: Strategic Knowledge Engineering: Delve into how structuring AI's knowledge base is required to prevent hallucinations, enable contextual retrieval of accurate information. This will include discussion of gold standard libraries of use cases support testing various LLMs and structures and configurations of knowledge base. Precision in Prompt Engineering: Learn the art of crafting prompts that direct AI to deliver targeted, relevant responses, thereby optimizing customer experiences and business outcomes. Unified Approach for Enhanced AI Performance: Explore the intersection of knowledge and prompt engineering to develop AI systems that are not only more responsive but also aligned with overarching business strategies. Guiding Principles for Implementation: Equip yourself with best practices, ethical guidelines, and strategic considerations for embedding these technologies into your business ecosystem effectively. This webinar is designed to empower business and technology leaders with the knowledge to harness the full potential of AI, ensuring their organizations not only keep pace with digital transformation but lead the charge. Join us to map a roadmap to fully leverage Information Architecture (IA) and AI chart a course towards a future where AI is a key pillar of strategic innovation and business success.

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Earley Information Science

Explore 'The Codex of Business: Writing Software for Real-World Solutions,' a compelling SlideShare presentation that delves into digital transformation in healthcare. Discover through a detailed case study how Agile methodologies empower healthcare providers to develop, iterate, and refine digital solutions that address real-world challenges. Learn how strategic planning, user feedback, and continuous improvement drive success in deploying technologies that enhance patient care and operational efficiency. Ideal for healthcare professionals, IT specialists, and digital transformation advocates seeking actionable insights and practical examples of technology making a real difference.

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Malak Abu Hammad

How to convert PDF to text with Nanonets

naman860154

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Microsoft's Threat Matrix for Kubernetes helps organizations understand the attack surface a Kubernetes deployment introduces to their environments. This ensures that adequate detections and mitigations are in place. By covering over 40 different attacker techniques, defenders can learn about Kubernetes-specific mitigations and controls to deploy to their environments. In this session, we will explore the MS-TA9013 Host Path Mount technique, which is commonly used by attackers to perform privilege escalation in a Kubernetes cluster. Attendees will learn how attackers and defenders can: * Escape the container's host volume mount to gain persistence on an underlying node * Move laterally from the underlying node into the customer's cloud environment * Analyze Kubernetes audit logs to detect pods deployed with a hostPath mount * Deploy an admission controller that prevents new pods from using a hostPath mount

Breaking the Kubernetes Kill Chain: Host Path Mount

Puma Security, LLC

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Advantages of Hiring UIUX Design Service Providers for Your Business

Pixlogix Infotech

Scaling API-first – The story of a global engineering organization

Radu Cotescu

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Histor y of HAM Radio presentation slide

vu2urc

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

A Call to Action for Generative AI in 2024

Results

CNv6 Instructor Chapter 6 Quality of Service

giselly40

Kürzlich hochgeladen (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

The Codex of Business Writing Software for Real-World Solutions 2.pptx

How to convert PDF to text with Nanonets

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Boost Fertility New Invention Ups Success Rates.pdf

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Breaking the Kubernetes Kill Chain: Host Path Mount

Artificial Intelligence: Facts and Myths

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Finology Group – Insurtech Innovation Award 2024

Data Cloud, More than a CDP by Matt Robison

Powerful Google developer tools for immediate impact! (2023-24 C)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Advantages of Hiring UIUX Design Service Providers for Your Business

Scaling API-first – The story of a global engineering organization

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Histor y of HAM Radio presentation slide

Boost PC performance: How more available memory can improve productivity

A Call to Action for Generative AI in 2024

CNv6 Instructor Chapter 6 Quality of Service

Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan

1. Docker for Ops: Docker Networking Deep Dive Madhu Venugopal Jana Radhakrishnan

2. Overview What is libnetwork New features in 1.12 Agenda Deep Dive Multihost networking Secure Control Plane Secure Data plane Service Discovery Native Loadbalacing Routing Mesh Finish Demo Q&A

3. Overview

4. It is not just a driver interface • Docker networking fabric • Defines Container Networking Model • Provides builtin IP address management • Provides native multi-host networking • Provides native Service Discovery and Load Balancing • Allows for extensions by the ecosystem What is libnetwork?

5. New features in 1.12 swarm mode CNM Routing Mesh Multi-host Networking without external k/v store Service Discovery Secure Data-Plane Secure Control-Plane Load Balancing • Cluster aware • De-centralized control plane • Highly scalable

6. Macvlan driver • Out of experimental • Integrates with Underlay • Place containers in your existing vlans

7. MacVlan # Create a macvlan network $ docker network create -d macvlan --subnet=192.168.0.0/16 —-ip-range=192.168.41.0/24 --aux-address="favorite_ip_ever=192.168.41.2" --gateway=192.168.41.1 -o parent=eth0.41 macnet41 # First address is the specified gateway, second is aux $ docker run --net=macnet41 -it --rm alpine /bin/sh

8. Deep Dive

9. Multi-host networking Manager Network Create Orchestrator Allocator Scheduler Dispatcher Service Create Task Create Task Dispatch Task Dispatch Gossip Worker1 Worker2 Engine Libnetwork Engine Libnetwork • The VXLAN based data path remains unchanged • No external key-value store necessary • Central resource allocation • Improved performance • Highly scalable

10. • Gossip based protocol • Network scoped • Fast convergence • Secure by default • periodic key rotations • swarm native key-exchange • Highly scalable Network control plane Cluster Scope Gossip W1 W2 W3 W1 W5 W4 Network Scope Gossip Network Scope Gossip

11. • Available as an option during overlay network creation • Uses kernel IPSec modules • On-demand tunnel setup • Swarm native key-exchange • Periodic key rotations • Highly performant Secure dataplane Worker1 Worker2 Worker3 secure network secure network IPSec Tunnel IPSec Tunnel IPSec Tunnel secure network secure network non- secure network non- secure network Open UDP traffic

12. • Provided by embedded DNS • Highly available • Uses Network Control Plane to learn state • Can be used to discover both tasks and services Service Discovery engine DNS Server DNS Resolver DNS Resolver DNS requests

13. • Provided by embedded DNS • Highly available • Uses Network Control Plane to learn state • Can be used to discover both tasks and services • Minimal Overhead because of CNM • Can use DNS RR instead as an option Internal Load balancer Task1 Service A Task2 Service A Task3 Service A Client1 Client2 VIP LB VIP LB

14. • Builtin routing mesh for edge routing • Worker nodes themselves participate in ingress routing mesh • All worker nodes accept connection requests on PublishedPort • Port translation happens at the worker node • Same internal load balancing mechanism used to load balance external requests Routing mesh External Loadbalancer (optional) Task1 ServiceA Task1 ServiceA Task1 ServiceA Worker1 Worker2 Ingress Network 8080 8080 VIP LB VIP LB 8080->80 8080->80

15. Finish Demo and Q&A

16. Thank you!

Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan

Ähnlich wie Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan (20)

Mehr von Docker, Inc.

Mehr von Docker, Inc. (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooting by Madhu Venugopal and Jana Radhakrishnan