DOCKER 1.11 OVERVIEW
Presenter Name: Sreenivas Makam
Presented at: Docker Meetup Bangalore
Presentation Date: June 4, 2016
About me
• Senior Engineering Manager at Cisco Systems Data Center group
• Author of “Mastering CoreOS” (https://www.packtpub.com/networking-and-servers/mastering-coreos/)
• Docker Captain (https://www.docker.com/community/docker-captains)
• Blog: https://sreeninet.wordpress.com/
• Code: https://github.com/smakam
• Linkedin: https://in.linkedin.com/in/sreenivasmakam
• Twitter: @srmakam
Docker family
Docker (Linux, Mac, Windows)
• Core (Docker engine, Network, Storage)
• Security (Docker content trust, Docker security scan)
• Getting started (Toolbox, Kitematic)
• Orchestration (Machine, Compose, Swarm)
• Registry (Docker hub, Docker trusted registry)
• Deployment (Docker cloud, Docker data center)
Docker release Timeline
0.1 - March 2013
1.0 - June 2014
1.1 - July 2014
• .dockerignore for Dockerfile
• Tail logs
• Bind mounting full filesystem into a container
1.2 - Aug 2014
• Docker restart policy for container
• Capability flag in docker run
• Devices can be bind mounted without using privilege option
1.3 - (Compose 1.0) - Oct 2014
• Experimental digital signature for container images
• Docker exec introduced
• Security options for selinux, apparmor introduced in Docker run
1.4 - Dec 2014
• Overlayfs as experimental storage driver
• Can add labels to Docker daemon
• Security vulnerabilities addressed
1.5 - (Compose 1.1) - Feb 2015
• IPV6 support
• Docker container statistics using event driven model
• Dockerfile specifying file name
Note: Top 3 features were based on personal choice
Docker release Timeline (Contd)
1.6.0 (Compose 1.2, Swarm 0.2, Machine 0.2, Registry 2.0) - April 2015
• Windows client
• Container and Image labels
• Logging drivers support
1.7.0 (Compose 1.3, Swarm 0.3, Machine 0.3, Registry 2.0) - June 2015
• Docker networking and storage plugin as experimental
• libnetwork separated out from Docker engine
• Swarm, Compose and multihost networking integrated
1.8.0 (Compose 1.4, Swarm 0.9, Machine 0.4, Registry 2.1) - August 2015
• Docker content trust for image signing
• Docker toolbox for windows and mac
• Volume plugins going to production
1.9.0 (Compose 1.5, Swarm 1.0, Machine 0.5, Registry 2.2) - Nov 2015
• Multihost networking with libnetwork
• Swarm going to production
• Build-time arguments to Dockerfile
1.10.0 (Compose 1.6, Swarm 1.1, Machine 0.6, Registry 2.3) - Feb 2016
• Compose file with networks and volumes
• Security enhancement - user namespace, seccomp, authorization plugin
• Swarm HA (reschedule containers when node fails)
1.11.0 (Compose 1.7, Swarm 1.2, Machine 0.7, Registry 2.4) - May 2016
• Runc and Containerd
• DNS round robin load balancing
• ipv6 service discovery
Note: Top 3 features were based on personal choice
Docker 1.11 feature summary
• Runc and Containerd plumbing
• Built-in load balancing using DNS roundrobin
• Service discovery for ipv6
• Experimental macvlan and ipvlan network plugins
• Labels for networks and volumes
• Yubikey based hardware signing of Container images moves from experimental to stable
• Container rescheduling in Swarm moves from experimental to stable
Runc and Containerd
• Docker Engine is broken into base Docker engine, Containerd and Runc.
• Runc is the Container runtime based on the OCI specification. Containerd manages running Containers.
• This makes Docker modular from a developer's perspective.
• Future - Runc can be replaced by other Container runtimes like runV, Clear Containers.
• Future - Docker engine and Containerd can be restarted or upgraded without affecting running Containers.
Process output running 2 busybox Containers:
root 672 1 0 17:15 ? 00:00:11 /usr/bin/docker daemon --dns 8.8.8.8 --raw-logs
root 695 672 0 17:15 ? 00:00:01 docker-containerd -l /var/run/docker/libcontainerd/docker-containerd.sock --runtime docker-runc
root 3694 695 0 21:22 ? 00:00:00 docker-containerd-shim cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1 /var/run/docker/libcontainerd/cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1 docker-runc
root 3787 695 0 21:23 ? 00:00:00 docker-containerd-shim 009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59 /var/run/docker/libcontainerd/009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59 docker-runc
Diagram labels: Docker daemon, Containerd daemon, 2 Runc with Shim
Picture source: Docker blog
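The process hierarchy above (Docker daemon, then Containerd, then one shim per Container) can be checked mechanically. This is an added example, not part of the original slides: the function name audit_shims and the status strings are hypothetical, and the input is the slide's ps output plus one constructed line.

```shell
#!/bin/sh
# Added example: audit the daemon -> containerd -> shim hierarchy in `ps -ef` output.

# Constructed sample: the `ps -ef` lines from the slide, rejoined onto single
# lines, plus one constructed shim (all-zero ID, PPID 1) to show a failed check.
SAMPLE_PS='root 672 1 0 17:15 ? 00:00:11 /usr/bin/docker daemon --dns 8.8.8.8 --raw-logs
root 695 672 0 17:15 ? 00:00:01 docker-containerd -l /var/run/docker/libcontainerd/docker-containerd.sock --runtime docker-runc
root 3694 695 0 21:22 ? 00:00:00 docker-containerd-shim cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1 /var/run/docker/libcontainerd/cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1 docker-runc
root 3787 695 0 21:23 ? 00:00:00 docker-containerd-shim 009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59 /var/run/docker/libcontainerd/009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59 docker-runc
root 4100 1 0 21:40 ? 00:00:00 docker-containerd-shim 0000000000000000000000000000000000000000000000000000000000000000 /var/run/docker/libcontainerd/0000000000000000000000000000000000000000000000000000000000000000 docker-runc'

# Reads `ps -ef` lines on stdin and prints one line per shim:
#   <container id> <shim pid> <OK|UNEXPECTED_PARENT>
# A shim is OK when its parent is docker-containerd and that process is a
# child of "docker daemon", as in the slide.
audit_shims() {
  awk '
  # Strip any directory prefix so /usr/bin/docker and docker compare equal.
  function base(path) { sub(/.*\//, "", path); return path }
  {
    pid = $2
    parent[pid] = $3          # PPID column
    exe[pid]    = base($8)    # command name
    arg1[pid]   = $9          # first argument
    order[++n]  = pid
  }
  END {
    for (i = 1; i <= n; i++) {
      p = order[i]
      if (exe[p] != "docker-containerd-shim") continue
      c = parent[p]           # expected: docker-containerd
      d = parent[c]           # expected: docker daemon
      ok = (exe[c] == "docker-containerd" && exe[d] == "docker" && arg1[d] == "daemon")
      printf "%s %s %s\n", arg1[p], p, (ok ? "OK" : "UNEXPECTED_PARENT")
    }
  }'
}

# Run against the sample; on a live host use: ps -ef | audit_shims
printf '%s\n' "$SAMPLE_PS" | audit_shims
```

The first argument of each shim is the full Container ID, so the report can be compared against the IDs the engine lists.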
DNS load balancing
Create 3 Containers in “fe” network:
docker run -d --name=nginx1 --net=fe --net-alias=nginxnet nginx
docker run -d --name=nginx2 --net=fe --net-alias=nginxnet nginx
docker run -ti --name=myubuntu --net=fe --link=nginx1:nginx1link --link=nginx2:nginx2link ubuntu bash
DNS by network alias:
root@4d2d6e34120d:/# ping -c1 nginxnet
PING nginxnet (172.20.0.3) 56(84) bytes of data.
64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.852 ms
root@4d2d6e34120d:/# ping -c1 nginxnet
PING nginxnet (172.20.0.2) 56(84) bytes of data.
64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.244 ms
DNS by Container name:
root@4d2d6e34120d:/# ping -c1 nginx1
PING nginx1 (172.20.0.2) 56(84) bytes of data.
64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.112 ms
root@4d2d6e34120d:/# ping -c1 nginx2
PING nginx2 (172.20.0.3) 56(84) bytes of data.
64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.090 ms
DNS by link name:
root@4d2d6e34120d:/# ping -c1 nginx1link
PING nginx1link (172.20.0.2) 56(84) bytes of data.
64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.049 ms
root@4d2d6e34120d:/# ping -c1 nginx2link
PING nginx2link (172.20.0.3) 56(84) bytes of data.
64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.253 ms
Diagram labels: ubuntu, nginx1, nginx2
IPV6 Service Discovery
• Create IPV6 network:
docker network create --ipv6 --subnet=1111:2222:3333::/64 myipv6
• Create 2 Containers:
docker run --rm -ti --net=myipv6 --name=u1 smakam/myubuntu:v4 bash
docker run --rm -ti --net=myipv6 --name=u2 smakam/myubuntu:v4 bash
Dig output from U2:
# dig u1 AAAA
; <<>> DiG 9.9.5-3-Ubuntu <<>> u1 AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62676
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;u1. IN AAAA
;; ANSWER SECTION:
u1. 600 IN AAAA 1111:2222:3333::2
U1:
eth0 Link encap:Ethernet HWaddr 02:42:ac:18:00:02
inet addr:172.24.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: 1111:2222:3333::2/64 Scope:Global
U2:
eth0 Link encap:Ethernet HWaddr 02:42:ac:18:00:03
inet addr:172.24.0.3 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: 1111:2222:3333::3/64 Scope:Global
Ping U2 from U1:
# ping6 -c1 u2
PING u2(u2.myipv6) 56 data bytes
64 bytes from u2.myipv6: icmp_seq=1 ttl=64 time=0.136 ms
# ping -c1 u2
PING u2 (172.24.0.3) 56(84) bytes of data.
64 bytes from u2.myipv6 (172.24.0.3): icmp_seq=1 ttl=64 time=0.100 ms
Labels for Networks and Volumes
• Labels allow tagging and filtering of Container resources.
• Before Docker 1.11, labels were supported for Containers, images and daemons.
• Docker 1.11 added labels for Networks and Volumes. Compose will add this support soon.
Create network with 2 labels:
docker network create -d bridge --label tier=fe --label owner=dev mynet
Display Docker network labels:
docker network inspect mynet
"Labels": {
"owner": "dev",
"tier": "fe"
}
Filter not working yet:
docker network ls --filter "label=tier=fe"
Error response from daemon: Invalid filter 'label'
Create Volume:
docker volume create --label name=ssd --name myvol
Display Docker volume labels:
docker volume inspect myvol
"Labels": {
"name": "ssd"
}
Filter not working yet:
docker volume ls --filter "label=name=ssd"
Error response from daemon: Invalid filter 'label'
Macvlan, ipvlan
• Macvlan and ipvlan are new Docker network plugins like bridge and overlay.
• Macvlan and ipvlan drivers are provided by the Linux kernel.
• Available in experimental Docker.
• Allows Containers to use underlay networks natively. Useful for customers who want to reach Containers from an external network without using NAT.
• Macvlan interfaces have a unique MAC and IP address. Ipvlan interfaces have a unique IP address, but share the same MAC address as the underlay interface.
Macvlan Example
Host 1:
docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.2.0/24 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70
docker run --net=macvlan70 -it --name macvlan70_1 --rm alpine /bin/sh
docker run --net=macvlan70 -it --name macvlan70_2 --rm alpine /bin/sh
docker network create -d macvlan --subnet=192.169.0.0/16 --ip-range=192.169.2.0/24 -o macvlan_mode=bridge -o parent=eth2.80 macvlan80
docker run --net=macvlan80 -it --name macvlan80_1 --rm alpine /bin/sh
docker run --net=macvlan80 -it --name macvlan80_2 --rm alpine /bin/sh
Host 2:
docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.3.0/24 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70
docker run --net=macvlan70 -it --name macvlan70_3 --rm alpine /bin/sh
docker run --net=macvlan70 -it --name macvlan70_4 --rm alpine /bin/sh
docker network create -d macvlan --subnet=192.169.0.0/16 --ip-range=192.169.3.0/24 -o macvlan_mode=bridge -o parent=eth2.80 macvlan80
docker run --net=macvlan80 -it --name macvlan80_3 --rm alpine /bin/sh
docker run --net=macvlan80 -it --name macvlan80_4 --rm alpine /bin/sh
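In the example above both hosts use the same --subnet per VLAN but a different --ip-range, so each host's local address allocation hands out distinct addresses on the shared segment. The following added example (not from the original slides) checks a set of such commands for overlapping ranges; the function name check_ip_ranges, the "hostN:" prefix and host3 are hypothetical.

```shell
#!/bin/sh
# Added example: check per-host macvlan --ip-range values for cross-host overlap.

# Constructed input: the four `docker network create` commands from the slide,
# each prefixed with the host it is run on.
SLIDE_PLAN='host1: docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.2.0/24 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70
host1: docker network create -d macvlan --subnet=192.169.0.0/16 --ip-range=192.169.2.0/24 -o macvlan_mode=bridge -o parent=eth2.80 macvlan80
host2: docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.3.0/24 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70
host2: docker network create -d macvlan --subnet=192.169.0.0/16 --ip-range=192.169.3.0/24 -o macvlan_mode=bridge -o parent=eth2.80 macvlan80'

# Constructed misconfiguration: a hypothetical host3 reusing part of the host1 range.
BAD_PLAN="$SLIDE_PLAN
host3: docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.2.128/25 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70"

# Reads "<host>: docker network create ..." lines on stdin. Prints OVERLAP or
# OUTSIDE_SUBNET findings, or "OK" when there are none.
check_ip_ranges() {
  awk '
  function ip2int(ip,   o) {
    split(ip, o, ".")
    return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
  }
  # First and last address of a CIDR block, as integers.
  function first(cidr,   a, size) {
    split(cidr, a, "/"); size = 2 ^ (32 - a[2])
    return int(ip2int(a[1]) / size) * size
  }
  function last(cidr,   a) {
    split(cidr, a, "/")
    return first(cidr) + 2 ^ (32 - a[2]) - 1
  }
  {
    subnet = ""; range = ""
    for (i = 1; i <= NF; i++) {
      if ($i ~ /^--subnet=/)   subnet = substr($i, 10)
      if ($i ~ /^--ip-range=/) range  = substr($i, 12)
    }
    if (subnet == "" || range == "") next
    n++
    host[n] = $1; sub(/:$/, "", host[n])
    net[n] = $NF; snet[n] = subnet; rng[n] = range
    lo[n] = first(range); hi[n] = last(range)
    # The allocation range must sit inside the declared subnet.
    if (lo[n] < first(subnet) || hi[n] > last(subnet)) {
      printf "OUTSIDE_SUBNET %s %s %s %s\n", net[n], host[n], range, subnet
      findings++
    }
  }
  END {
    # Same network name and subnet on two different hosts: ranges must be disjoint.
    for (i = 1; i <= n; i++) {
      for (j = i + 1; j <= n; j++) {
        if (net[i] == net[j] && snet[i] == snet[j] && host[i] != host[j] &&
            lo[i] <= hi[j] && lo[j] <= hi[i]) {
          printf "OVERLAP %s %s %s %s %s\n", net[i], host[i], rng[i], host[j], rng[j]
          findings++
        }
      }
    }
    if (!findings) print "OK"
  }'
}

printf '%s\n' "$SLIDE_PLAN" | check_ip_ranges
printf '%s\n' "$BAD_PLAN"   | check_ip_ranges
```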
References
• Docker 1.11 release blog (https://blog.docker.com/2016/04/docker-engine-1-11-runc/)
• Docker 1.11 Online meetup (https://blog.docker.com/2016/04/docker-online-meetup-37-docker-1-11/, https://blog.docker.com/2016/05/docker-sf-1-11-meetup/)
• Runc (http://runc.io/)
• Containerd (https://containerd.tools/)
• Labels for non-Container resources (https://github.com/docker/docker/issues/20356)
• Experimental Macvlan, ipvlan (https://github.com/docker/docker/blob/master/experimental/vlan-networks.md)
• Blog on macvlan, ipvlan (https://sreeninet.wordpress.com/2016/05/29/docker-macvlan-and-ipvlan-network-plugins/, https://sreeninet.wordpress.com/2016/05/29/macvlan-and-ipvlan/)
• Swarm Container rescheduling (https://docs.docker.com/swarm/scheduler/rescheduling/)
• Docker Yubikey hardware signing (https://blog.docker.com/2015/11/docker-content-trust-yubikey/)

 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 

Kürzlich hochgeladen (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 

Docker 1.11 Presentation

  • 1. DOCKER 1.11 OVERVIEW Presenter Name: Sreenivas Makam Presented at: Docker Meetup Bangalore Presentation Date: June 4, 2016
  • 2. About me
      • Senior Engineering Manager at Cisco Systems Data Center group
      • Author of “Mastering CoreOS” (https://www.packtpub.com/networking-and-servers/mastering-coreos/)
      • Docker Captain (https://www.docker.com/community/docker-captains)
      • Blog: https://sreeninet.wordpress.com/
      • Code: https://github.com/smakam
      • Linkedin: https://in.linkedin.com/in/sreenivasmakam
      • Twitter: @srmakam
  • 3. Docker family: Docker (Linux, Mac, Windows)
      • Core (Docker engine, Network, Storage)
      • Security (Docker content trust, Docker security scan)
      • Getting started (Toolbox, Kitematic)
      • Orchestration (Machine, Compose, Swarm)
      • Registry (Docker hub, Docker trusted registry)
      • Deployment (Docker cloud, Docker data center)
  • 4. Docker release Timeline
      • 0.1 - March 2013
      • 1.0 - June 2014
      • 1.1 - July 2014: .dockerignore for Dockerfile; Tail logs; Bind mounting full filesystem into a container
      • 1.2 - Aug 2014: Docker restart policy for container; Capability flag in docker run; Devices can be bind mounted without using privilege option
      • 1.3 - (Compose 1.0) - Oct 2014: Experimental digital signature for container images; Docker exec introduced; Security options for selinux, apparmor introduced in Docker run
      • 1.4 - Dec 2014: Overlayfs as experimental storage driver; Can add labels to Docker daemon; Security vulnerabilities addressed
      • 1.5 - (Compose 1.1) - Feb 2015: IPV6 support; Docker container statistics using event driven model; Dockerfile specifying file name
      Note: Top 3 features were based on personal choice
  • 5. Docker release Timeline (Contd)
      • 1.6.0 (Compose 1.2, Swarm 0.2, Machine 0.2, Registry 2.0) - April 2015: Windows client; Container and Image labels; Logging drivers support
      • 1.7.0 (Compose 1.3, Swarm 0.3, Machine 0.3, Registry 2.0) - June 2015: Docker networking and storage plugin as experimental; libnetwork separated out from Docker engine; Swarm, Compose and multihost networking integrated
      • 1.8.0 (Compose 1.4, Swarm 0.9, Machine 0.4, Registry 2.1) - August 2015: Docker content trust for image signing; Docker toolbox for windows and mac; Volume plugins going to production
      • 1.9.0 (Compose 1.5, Swarm 1.0, Machine 0.5, Registry 2.2) - Nov 2015: Multihost networking with libnetwork; Swarm going to production; Build-time arguments to Dockerfile
      • 1.10.0 (Compose 1.6, Swarm 1.1, Machine 0.6, Registry 2.3) - Feb 2016: Compose file with networks and volumes; Security enhancement - user namespace, seccomp, authorization plugin; Swarm HA (reschedule containers when node fails)
      • 1.11.0 (Compose 1.7, Swarm 1.2, Machine 0.7, Registry 2.4) - May 2016: Runc and Containerd; DNS round robin load balancing; ipv6 service discovery
      Note: Top 3 features were based on personal choice
  • 6. Docker 1.11 feature summary
      • Runc and Containerd plumbing
      • Built-in load balancing using DNS roundrobin
      • Service discovery for ipv6
      • Experimental macvlan and ipvlan network plugins
      • Labels for networks and volumes
      • Yubikey based hardware signing of Container images moves from experimental to stable
      • Container rescheduling in Swarm moves from experimental to stable
  • 7. Runc and Containerd
      • Docker Engine broken into base Docker engine, Containerd and Runc.
      • Runc is the Container runtime based on OCI specification. Containerd manages running Containers.
      • This makes Docker modular from developers perspective.
      • Future - Runc can be replaced by other Container runtime like runV, Clear Containers.
      • Future - Docker engine and Containerd can be restarted or upgraded without affecting running Containers.
      Process output running 2 busybox Containers:
        root 672 1 0 17:15 ? 00:00:11 /usr/bin/docker daemon --dns 8.8.8.8 --raw-logs
        root 695 672 0 17:15 ? 00:00:01 docker-containerd -l /var/run/docker/libcontainerd/docker-containerd.sock --runtime docker-runc
        root 3694 695 0 21:22 ? 00:00:00 docker-containerd-shim cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1 /var/run/docker/libcontainerd/cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1 docker-runc
        root 3787 695 0 21:23 ? 00:00:00 docker-containerd-shim 009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59 /var/run/docker/libcontainerd/009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59 docker-runc
      (Figure labels: Docker daemon; Containerd daemon; 2 Runc with Shim. Picture source: Docker blog)
  • 8. DNS load balancing
      Create 3 Containers in “fe” network:
        docker run -d --name=nginx1 --net=fe --net-alias=nginxnet nginx
        docker run -d --name=nginx2 --net=fe --net-alias=nginxnet nginx
        docker run -ti --name=myubuntu --net=fe --link=nginx1:nginx1link --link=nginx2:nginx2link ubuntu bash
      DNS by network alias:
        root@4d2d6e34120d:/# ping -c1 nginxnet
        PING nginxnet (172.20.0.3) 56(84) bytes of data.
        64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.852 ms
        root@4d2d6e34120d:/# ping -c1 nginxnet
        PING nginxnet (172.20.0.2) 56(84) bytes of data.
        64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.244 ms
      DNS by Container name:
        root@4d2d6e34120d:/# ping -c1 nginx1
        PING nginx1 (172.20.0.2) 56(84) bytes of data.
        64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.112 ms
        root@4d2d6e34120d:/# ping -c1 nginx2
        PING nginx2 (172.20.0.3) 56(84) bytes of data.
        64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.090 ms
      DNS by link name:
        root@4d2d6e34120d:/# ping -c1 nginx1link
        PING nginx1link (172.20.0.2) 56(84) bytes of data.
        64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.049 ms
        root@4d2d6e34120d:/# ping -c1 nginx2link
        PING nginx2link (172.20.0.3) 56(84) bytes of data.
        64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.253 ms
      (Diagram labels: ubuntu, nginx1, nginx2)
  • 9. IPV6 Service Discovery
      • Create IPV6 network:
        docker network create --ipv6 --subnet=1111:2222:3333::/64 myipv6
      • Create 2 Containers:
        docker run --rm -ti --net=myipv6 --name=u1 smakam/myubuntu:v4 bash
        docker run --rm -ti --net=myipv6 --name=u2 smakam/myubuntu:v4 bash
      Dig output from U2:
        # dig u1 AAAA
        ; <<>> DiG 9.9.5-3-Ubuntu <<>> u1 AAAA
        ;; global options: +cmd
        ;; Got answer:
        ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62676
        ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
        ;; QUESTION SECTION:
        ;u1. IN AAAA
        ;; ANSWER SECTION:
        u1. 600 IN AAAA 1111:2222:3333::2
      U1:
        eth0 Link encap:Ethernet HWaddr 02:42:ac:18:00:02
        inet addr:172.24.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
        inet6 addr: 1111:2222:3333::2/64 Scope:Global
      U2:
        eth0 Link encap:Ethernet HWaddr 02:42:ac:18:00:03
        inet addr:172.24.0.3 Bcast:0.0.0.0 Mask:255.255.0.0
        inet6 addr: 1111:2222:3333::3/64 Scope:Global
      Ping U2 from U1:
        # ping6 -c1 u2
        PING u2(u2.myipv6) 56 data bytes
        64 bytes from u2.myipv6: icmp_seq=1 ttl=64 time=0.136 ms
        # ping -c1 u2
        PING u2 (172.24.0.3) 56(84) bytes of data.
        64 bytes from u2.myipv6 (172.24.0.3): icmp_seq=1 ttl=64 time=0.100 ms
  • 10. Labels for Networks and Volumes
      • Labels allow tagging and filtering of Container resources.
      • Before Docker 1.11, labels were supported for Containers, images, daemons.
      • Docker 1.11 added labels for Networks and Volumes. Compose will add this support soon.
      Create network with 2 labels:
        docker network create -d bridge --label tier=fe --label owner=dev mynet
      Display Docker network labels:
        docker network inspect mynet
        "Labels": { "owner": "dev", "tier": "fe" }
      Filter not working yet:
        docker network ls --filter "label=tier=fe"
        Error response from daemon: Invalid filter 'label'
      Create Volume:
        docker volume create --label name=ssd --name myvol
      Display Docker volume labels:
        docker volume inspect myvol
        "Labels": { "name": "ssd" }
      Filter not working yet:
        docker volume ls --filter "label=name=ssd"
        Error response from daemon: Invalid filter 'label'
  • 11. Macvlan, ipvlan
      • Macvlan and ipvlan are new Docker network plugins like bridge and overlay.
      • Macvlan and ipvlan drivers are provided by Linux kernel.
      • Available in experimental Docker.
      • Allows Containers to use underlay networks natively. Useful for customers who want to reach Containers from external network without using NAT.
      • Macvlan interfaces have unique mac and IP address. Ipvlan interfaces have unique IP address, but share the same mac address as underlay interface.
  • 12. Macvlan Example
      Host 1:
        docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.2.0/24 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70
        docker run --net=macvlan70 -it --name macvlan70_1 --rm alpine /bin/sh
        docker run --net=macvlan70 -it --name macvlan70_2 --rm alpine /bin/sh
        docker network create -d macvlan --subnet=192.169.0.0/16 --ip-range=192.169.2.0/24 -o macvlan_mode=bridge -o parent=eth2.80 macvlan80
        docker run --net=macvlan80 -it --name macvlan80_1 --rm alpine /bin/sh
        docker run --net=macvlan80 -it --name macvlan80_2 --rm alpine /bin/sh
      Host 2:
        docker network create -d macvlan --subnet=192.168.0.0/16 --ip-range=192.168.3.0/24 -o macvlan_mode=bridge -o parent=eth2.70 macvlan70
        docker run --net=macvlan70 -it --name macvlan70_3 --rm alpine /bin/sh
        docker run --net=macvlan70 -it --name macvlan70_4 --rm alpine /bin/sh
        docker network create -d macvlan --subnet=192.169.0.0/16 --ip-range=192.169.3.0/24 -o macvlan_mode=bridge -o parent=eth2.80 macvlan80
        docker run --net=macvlan80 -it --name macvlan80_3 --rm alpine /bin/sh
        docker run --net=macvlan80 -it --name macvlan80_4 --rm alpine /bin/sh
  • 13. References
      • Docker 1.11 release blog (https://blog.docker.com/2016/04/docker-engine-1-11-runc/)
      • Docker 1.11 Online meetup (https://blog.docker.com/2016/04/docker-online-meetup-37-docker-1-11/, https://blog.docker.com/2016/05/docker-sf-1-11-meetup/)
      • Runc (http://runc.io/)
      • Containerd (https://containerd.tools/)
      • Labels for non-Container resources (https://github.com/docker/docker/issues/20356)
      • Experimental Macvlan, ipvlan (https://github.com/docker/docker/blob/master/experimental/vlan-networks.md)
      • Blog on macvlan, ipvlan (https://sreeninet.wordpress.com/2016/05/29/docker-macvlan-and-ipvlan-network-plugins/, https://sreeninet.wordpress.com/2016/05/29/macvlan-and-ipvlan/)
      • Swarm Container rescheduling (https://docs.docker.com/swarm/scheduler/rescheduling/)
      • Docker Yubikey hardware signing (https://blog.docker.com/2015/11/docker-content-trust-yubikey/)
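
The process listing on slide 7 shows the ancestry that Docker 1.11 introduces: the docker daemon, then docker-containerd, then one docker-containerd-shim per container. The following Python is an added example, not part of the presentation: it parses that `ps -ef` listing, maps each shim to its container ID and flags any shim whose ancestry differs. The fifth sample row (PID 4100, placeholder ID) and all function names are constructed for illustration.

```python
import os
import re
from collections import namedtuple

Proc = namedtuple("Proc", "pid ppid argv")

# First four rows are the `ps -ef` listing from slide 7; the last row is
# constructed (placeholder ID) to show a shim that lost its containerd parent.
ID1 = "cf0fe4c12041bbf737abe597805f6ea81da8d65b6d30587211f24c85573d2ef1"
ID2 = "009f939ef47f4a01f3e5fdcc18c0e7555f050c2ffea1e551c1171ee5bf110a59"
ID3 = "a" * 64
RUN = "/var/run/docker/libcontainerd/"
PS_EF = f"""\
root 672 1 0 17:15 ? 00:00:11 /usr/bin/docker daemon --dns 8.8.8.8 --raw-logs
root 695 672 0 17:15 ? 00:00:01 docker-containerd -l {RUN}docker-containerd.sock --runtime docker-runc
root 3694 695 0 21:22 ? 00:00:00 docker-containerd-shim {ID1} {RUN}{ID1} docker-runc
root 3787 695 0 21:23 ? 00:00:00 docker-containerd-shim {ID2} {RUN}{ID2} docker-runc
root 4100 1 0 21:40 ? 00:00:00 docker-containerd-shim {ID3} {RUN}{ID3} docker-runc
"""

def parse_ps(text):
    """Parse `ps -ef` rows (UID PID PPID C STIME TTY TIME CMD...) into {pid: Proc}."""
    procs = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) < 8 or not f[1].isdigit():
            continue  # header or malformed row
        procs[int(f[1])] = Proc(int(f[1]), int(f[2]), f[7:])
    return procs

def name(proc):
    return os.path.basename(proc.argv[0]) if proc else None

def audit_shims(procs):
    """For each containerd shim, report its container ID and ancestry problems."""
    report = []
    for p in sorted(procs.values()):
        if name(p) != "docker-containerd-shim":
            continue
        issues = []
        cid = p.argv[1] if len(p.argv) > 1 else ""
        bundle = p.argv[2] if len(p.argv) > 2 else ""
        if not re.fullmatch(r"[0-9a-f]{64}", cid):
            issues.append("container ID is not 64 hex characters")
        if os.path.basename(bundle) != cid:
            issues.append("bundle path does not match container ID")
        parent = procs.get(p.ppid)
        if name(parent) != "docker-containerd":
            issues.append(f"parent pid {p.ppid} is not docker-containerd")
        else:
            daemon = procs.get(parent.ppid)
            if name(daemon) != "docker" or daemon.argv[1:2] != ["daemon"]:
                issues.append("containerd is not a child of the docker daemon")
        report.append({"pid": p.pid, "container": cid[:12], "issues": issues})
    return report

if __name__ == "__main__":
    for row in audit_shims(parse_ps(PS_EF)):
        print(row["pid"], row["container"], row["issues"] or "ok")
```

On a live host the same functions can be fed the output of `ps -ef`; the process names checked here are the ones shown on slide 7 for Docker 1.11.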

Editor's notes

  1. Plumbing – Runc, Containerd, Notary
  2. Microsoft Confidential