Post on 16-Apr-2017
DockerCon EU 2015 & Docker 1.9
WeCraft & Devops - What’s hot
Julien Garcia Gonzalez@jgsqware
jgonzalez@wemanity.com
juliengarcia.github.io
Jean-Marc Meessen @JM_Meessen
jean-marc@meessen-web.org
Agenda◇ DockerCon EU 2015
■ Breaking News■ CAAS: Container as a service
○ Tutum■ Universal Control Plane■ Signing and Content Trust■ What’s hot
◇ Break◇ Let’s Demo Docker 1.9
■ Swarm: Ready for production■ Networking■ Volumes■ Security
DockerCon EU 2015Breaking News
1
Positive Energy
What I’m going to does, whatever level of positivity I had, I’m going to double that… I’m thinking maybe you want to do that with me!
Solomon Hykes, CTO, Docker Inc.
Awesome Keynotes
A good sign of a technology becoming mature is that their user conference keynote focuses on boring things like security.
@cloud_opinion
Huge Eco-system
There is no platform without ecosystem!Solomon Hykes, CTO, Docker Inc.
Huge Eco-system
Great to see the new #Docker plug-in model; integration is critical for ecosystem uptake and viability. #DockerCon
@DanielKrook
Goodies,Goodies everywhere Sidekicks
Crazy party!
Probably the best conference in Europe
CAASContainer-as-a-Service
2
CAAS: Container-as-a-Service
CAAS in cloud: Tutum
CAAS in cloud: Tutum
CAAS on-premise: Universal Control Plane
Focus on “Docker in Production”Key aspect of this is Security
3
What’s the problem?
◇ Where the hell is this image/container coming from ?
◇ Has it been tampered with ?
◇ Are there any (new) vulnerabilities ?
Reminder...
Docker wants to be a “Tool of mass innovation”
Docker in production
(lack of) Security is like an industry that doesn’t care for pollution
Docker takes this responsibility seriously
but….
Docker in production
Docker in production
Hardware based signing
"We have a password manager? I haven't even met her…@aanand
Image scanning with Nautilus.
"Know your content. @docker Project Nautilus audits Official Repos with image scanning and vuln detection #dockercon
@BettyJunod
Image scanning with Nautilus.
Docker Doubles Down on Security w/ Nautilus, Hardware Encryption@yubico
Isolations supported by Docker Engine 0.1
Isolation supported by Engine/Swarm 1.9
Keep an eye on:Microsoft
Windows Server 2016Native support of Docker
UniKernelUnikernels, meet Docker! 2.1M Nginx Docker image zero attack surface
DockerCraftA simple Minecraft Docker client, to visualize and manage Docker containers.
BreakSee you in 15 min!
DockerCon EU 2015 & Docker 1.9
WeCraft & Devops - What’s hot
Multi-host NetworkOverlay network for Webapp stack with Swarm
1
Network: Overlay
DemoPray the demo’s gods!
VolumesLet’s add some persistent volume
2
SecurityNamespace locking & Content trust
3
DemoPray the demo’s gods!
Thanks!Any questions?
Bring it Home!Slide on Slideshare
Source on Github
Sources◇ Dockercon EU 2015 Photos - Slidedecks◇ Dockercon EU 2015 Day 1 - General Session◇ Dockercon EU 2015 Day 2 - General Session◇ Dockercon EU 2015 Day 1 - Black Belt◇ Dockercon EU 2015 Day 2 - Black Belt◇ Dockercon EU 2015 Day 1 - Wild Card◇ Dockercon EU 2015 Day 2 - Wild Card◇ Dockercon EU 2015 - Ecosystem◇ Dockercon EU 2015 Use cases
CreditsSpecial thanks to all the people who made and released these awesome resources for free:
◇ Presentation template by SlidesCarnival◇ Photographs by Unsplash