Download - Weave User Group Talk - DockerCon 2017 Recap
![Page 1: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/1.jpg)
Patrick Chanezon, @chanezon
Docker for Devs and Ops
What’s new and What’s next
May 2017
![Page 2: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/2.jpg)
French
Polyglot
Platforms
Software Plumber
San Francisco
Developer Relations
@chanezon
![Page 3: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/3.jpg)
Docker
![Page 4: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/4.jpg)
The world needs
tools of mass innovation
![Page 5: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/5.jpg)
A programmable Internet would be the ultimate
tool of mass innovation
![Page 6: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/6.jpg)
A commercial product,
built on
a development platform,
built on
infrastructure,
built on
standards.
Docker is building a stack to program the Internet
![Page 7: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/7.jpg)
Docker is building a stack to program the Internet
CE
EE
![Page 8: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/8.jpg)
Docker for Developers
![Page 9: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/9.jpg)
The best tools…
![Page 10: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/10.jpg)
1. Get out of the way
The best tools…
![Page 11: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/11.jpg)
1. Get out of the way
2. Adapt to you
The best tools…
![Page 12: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/12.jpg)
1. Get out of the way
2. Adapt to you3. Make the powerful
simple
The best tools…
![Page 13: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/13.jpg)
enterprise edition
Ubuntu
Fedora
Mac
Azure
CentOS
Windows 10
AWS
Debian
community edition
Ubuntu
Windows Server
Azure
CentOS
Suse
Red Hat
AWS
Oracle Linux
![Page 14: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/14.jpg)
Bettertools for developers
![Page 15: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/15.jpg)
Docker removes frictionin the development cycle
![Page 16: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/16.jpg)
How to remove developer friction in 3 easy steps
![Page 17: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/17.jpg)
Step 1.
Developer
complains
about detail
![Page 18: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/18.jpg)
Step 2.
Fix Detail
![Page 19: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/19.jpg)
Step 3.
Repeat
FOREVER
![Page 20: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/20.jpg)
In the developer experience, details add up...
![Page 21: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/21.jpg)
Example #1
My container images are too big!“My container images are too big!”
![Page 22: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/22.jpg)
Introducingmulti-stage builds
Example #1
“My container images are too big!”
![Page 23: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/23.jpg)
Build smaller images withmulti-stage builds
First stage: complete build environment
Second stage: minimal runtime environment
One Dockerfile, one build
![Page 24: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/24.jpg)
FROM big-buildbase……
FROM tiny-runbase
…COPY --from=0/artifact /run/app …
One Dockerfile,one build
Stage 0: large build environment
Stage 1: minimal run environment
Copy artifacts from one stage to the nextOnly copy what you need!
Build smaller images withmulti-stage builds
![Page 25: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/25.jpg)
MAC AWS
“I wish it was easier to
take my app from desktop
to cloud”
Example #2
![Page 26: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/26.jpg)
IntroducingDESKTOP-TO-CLOUD
“I wish it was easier to
take my app from desktop
to cloud”
Example #2
![Page 27: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/27.jpg)
Desktopintegration
27
![Page 28: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/28.jpg)
Built-in collaboration with Docker
Cloud & Docker ID
![Page 29: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/29.jpg)
docker.com/getdocker
edge channel
Available in an Edge release near you
![Page 30: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/30.jpg)
enterprise edition
Ubuntu
Fedora
Mac
Azure
CentOS
Windows 10
AWS
Debian
community edition
Ubuntu
Windows Server
Azure
CentOS
Suse
Red Hat
AWS
Oracle Linux
![Page 31: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/31.jpg)
Docker for Ops
![Page 32: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/32.jpg)
Going to Production is Hard
![Page 33: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/33.jpg)
Going to Production SECURELY is EXTREMELY Hard
![Page 34: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/34.jpg)
Challenges to a
secure production:
Distributed Systems1
![Page 35: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/35.jpg)
Challenges to a
secure production:
Distributed Systems1
Solutions:
Distributed systems are just
more systems.
Use the same tools.
![Page 36: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/36.jpg)
Solutions:
Challenges to a
secure production:
Distributed Systems1 Secure orchestration
![Page 37: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/37.jpg)
Orchestration
Container Runtime
OS
Infrastructure Management
Let’s talk about secure orchestration
Application Services
![Page 38: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/38.jpg)
Raft StoreNode
IdentitySecrets
Routing
MeshEncrypted Networking
Application Services
Core Orchestration Engine
Secure Orchestration with SwarmKit
![Page 39: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/39.jpg)
Secure Node
Introduction
SwarmKit
SWMTKN-1-mx8suomaom825bet6-cm6zts22rl4hly2
Known
Prefix
Token
Version
Hash
of Root CA
Random
Secret
![Page 40: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/40.jpg)
Cryptographic
Node Identity
SwarmKit
![Page 41: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/41.jpg)
MTLS
Between All
Nodes
SwarmKit
![Page 42: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/42.jpg)
Cluster
Segmentation
SwarmKit
![Page 43: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/43.jpg)
Encrypted
Networks
SwarmKit
![Page 44: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/44.jpg)
Secure
Secret
Distribution
SwarmKit
![Page 45: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/45.jpg)
Moby
![Page 46: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/46.jpg)
Orchestration
Container Runtime
OS
Infrastructure Management
Container Platform Layers
Application Services
![Page 47: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/47.jpg)
Docker is a platform made of components
Raft StoreNode
IdentitySecrets
Routing
Mesh
Overlay
Networking
Swarm Orchestration
Engine
Application Services
![Page 48: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/48.jpg)
12,000,000,000
11,000,000,000
10,000,000,000
9,000,000,000
8,000,000,000
7,000,000,000
6,000,000,000
5,000,000,000
4,000,000,000
3,000,000,000
2,000,000,000
1,000,000,000
Notary
runC
containerd
HyperKit , VPNKit, DataKit
SwarmKit
libcontainer
libnetwork
InfraKit
2013 2014 2015 2016 2017
1M2014
PULLS
1B2015
PULLS
6B2016
PULLS
12B2017
PULLS
linuxKit
![Page 49: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/49.jpg)
LinuxKitA toolkit for building secure, portable and lean operating systems for containers
![Page 50: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/50.jpg)
Taking Dockermulti-platform
“I want Docker for X”
![Page 51: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/51.jpg)
Desktop Server Cloud
I want Docker for…
![Page 52: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/52.jpg)
Not every platform provides a Linux subsystem
![Page 53: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/53.jpg)
Not every platform provides a Linux subsystem
Orchestration
Container Runtime
Linux Subsystem
Infrastructure Management
Application Services
![Page 54: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/54.jpg)
The container movement needs asecure, lean, portable subsystem
![Page 55: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/55.jpg)
The container movement needs
a secure, lean, portable Linux subsystem.
introducing
![Page 56: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/56.jpg)
Only works with
containers
- Smaller attack
surface
- Immutable
infrastructure
- Sandboxed system
services
- Specialized patches
and configuration
Incubator for
security innovations
- Wireguard,
Landlock, KSPP
- MirageOS type
safe system
daemons
Community-first
security process
- Linux is too big
for any one
company to
secure it
- Participate in
existing Linux
security efforts
1. LinuxKit: a SECURE Linux subsystem
![Page 57: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/57.jpg)
- Minimal size, minimal boot time
- All system services are containers
- Everything can be removed or
replaced
2. LinuxKit: a LEAN Linux subsystem
![Page 58: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/58.jpg)
- Desktop, server, IoT, mainframe
- Intel & ARM
- Bare metal & virtualized
3. LinuxKit: a PORTABLE Linux subsystem
![Page 59: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/59.jpg)
Docker and Microsoft collaborate to bringLinux containers to Windows
+ +
![Page 60: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/60.jpg)
https://github.com/linuxkit/linuxkit
Get Started with LinuxKit
![Page 61: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/61.jpg)
MobyAn open framework to assemble specialized container systems without reinventing the wheel.
![Page 62: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/62.jpg)
Pioneers 2013 - 2014
![Page 63: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/63.jpg)
Production Model: open-source!
![Page 64: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/64.jpg)
Use case: cloud native apps on Linux server
Early Adopters 2015 - 2016
![Page 65: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/65.jpg)
Production Model: OPEN COMPONENTS
![Page 66: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/66.jpg)
Mainstream 2017 - 2018Containers are spreading to every category of computing:
server, datacenter, cloud, IoT, desktop, mobile…
![Page 67: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/67.jpg)
Case study:
Specializing Docker for the mainstream
Desktop Server Cloud
![Page 68: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/68.jpg)
The open component model shows its limits…
![Page 69: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/69.jpg)
The auto industry has solved this problem: COMMON ASSEMBLIES.
![Page 70: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/70.jpg)
Scaling the Docker production model: share components AND
ASSEMBLIES.
![Page 71: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/71.jpg)
It’s time to take our ecosystem to the next level…
By collaborating on components AND COMMON ASSEMBLIES.
![Page 72: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/72.jpg)
![Page 73: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/73.jpg)
– Library of 80+ components
– Package your own
components as containers
– Reference assemblies
deployed on millions of nodes
– Create your own assemblies
or start from an existing one
A framework to assemble
specialized container
systems without
reinventing the wheel.
![Page 74: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/74.jpg)
Docker uses Moby for its
open-source
– Thousands of contributors,
hundreds of patches/week
– Component development
– Specialized assembly
development
– Integration tests
– Architecture design
– Integration with other projects
– Experimentation and bleeding
edge features
![Page 75: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/75.jpg)
Docker uses Moby for its
open-source...
and so can you!
– Community-run
– Open governance inspired by
the Fedora project
– Plays well with existing
projects - no donation
necessary!
![Page 76: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/76.jpg)
Moby and Docker
![Page 77: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/77.jpg)
What it means for you
Moby helps you
innovate without tying
you to Docker
System BuildersDocker Users
Docker will better leverage
the ecosystem to innovate
faster for you
![Page 78: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/78.jpg)
Moby transforms multi-month R&D projects into weekend projects.
![Page 79: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/79.jpg)
locked-down Linux with remote attestation
Weekend project #1:
Notary
![Page 80: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/80.jpg)
custom CI/CD stack
Weekend project #2:
Notary Registry Docker Builder
+
![Page 81: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/81.jpg)
custom CI/CD stack + Debian+ Terraform
Weekend project #3:
Notary Docker Builder
+
Registry
![Page 82: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/82.jpg)
“RedisOS”
Weekend project #4:
![Page 83: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/83.jpg)
"RedisOS"for Windows
"RedisOS"for Mac
"RedisOS"for bare metal
HyperKit
bare metal
![Page 84: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/84.jpg)
Etcd clustering on Google Cloud
Weekend project #5:
![Page 85: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/85.jpg)
SSHD
Kubernetes on the Mac
Weekend project #6:
HyperKit
![Page 86: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/86.jpg)
Getting Started
- Blog https://mobyproject.org/blog
- Twitter @moby
- Github moby/moby
![Page 87: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/87.jpg)
Let’s take containers mainstream!
![Page 88: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/88.jpg)
![Page 89: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/89.jpg)
InfraKitA toolkit for building declarative, self-healing infrastructure.
![Page 90: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/90.jpg)
What is it?
90
• Launched at LinuxCon, Berlin in October, 2016.
• Toolkit for building declarative, self-managing
distributed applications
• Active management with active controllers
• scaling groups, rolling updates
• monitoring / health checks
• connecting nodes to L4 / ingress
• Declarative infrastructure
![Page 91: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/91.jpg)
Architecture
CLI
API
![Page 92: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/92.jpg)
container orchestration
Where does it fit?
92
kubectl run nginx --image=nginx
gcloud container node-pools list --zone us-
central1-f --cluster MyWorkers
aws autoscaling update-auto-scaling-group
--auto-scaling-group-name MyWorkers
docker create service nginx …
infrakit group describe workers
az vmss create --resource-group vmss-
test-1 --name MyWorkers
container orchestration
infrastructure orchestrationinfrastructure orchestration
list, err :=
group.Controller.Describe(“workers”)
![Page 93: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/93.jpg)
App Opscontainer orchestrationApp Ops
One console across environments
93
kubectl run nginx --image=nginx docker create service nginx …
infrakit group describe workers
container orchestration
infrastructure orchestration
list, err :=
group.Controller.Describe(“workers”)
AWS RackHDAZ GCP OneVIEWMAASKVM VMW
Cloud Ops Hardware OpsCluster Ops
![Page 94: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/94.jpg)
Configuration
Example config file (zk.conf): Group configuration = Instance + Flavor
{"Properties": {
/* raw configuration */
}}
{"groups" : {
"my_zookeeper_nodes" : {"Properties" : {
"Instance" : {"Plugin": "instance-vagrant","Properties": {
"Box": "bento/ubuntu-16.04"}
},"Flavor" : {
"Plugin": "flavor-zookeeper","Properties": {
"type": "member","IPs": ["192.168.1.200", "192.168.1.201", "192.168.1.202"]
}}
}}
}}
![Page 95: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/95.jpg)
Current Status
![Page 96: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/96.jpg)
Support more platforms
96
• Compute:
• Bare-metal: HP OneView, MAAS, RackHD
• Public cloud: AWS, GCP
• MacOS X (HyperKit); Docker containers
• Coming soon: Azure, IBM, Digital Ocean,
Packet, libvirt
• Other resource types
• AWS - vpc, subnets, gateways, etc.
![Page 97: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/97.jpg)
Improve usability
97
• Templates
• Complex scripts and configuration in any format;
no more escape quotes in JSON
• Fetch templates from remote repositories
• Playbooks
• CLI - flags, prompts — config driven and
dynamic
• Share “playbooks” from remote repositories
![Page 98: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/98.jpg)
Improve core system
98
• High Availability — Swarm Mode or etcd
• New Plugin types — Metadata and Events
• Metadata: cluster-wide sysfs and reflection
• Events - publish / subscribe
• Remote client access: infrakit -H host:port to remote cluster
![Page 99: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/99.jpg)
Road Map
![Page 100: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/100.jpg)
Use Cases
100
• Support container orchestration
• bootstrapping + day N management
• API for cluster autoscaling
• k8s, Docker Swarm Mode
• Bare-metal + GPU provisioning
• IoT — LinuxKit integration / custom kernel
deployment
![Page 101: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/101.jpg)
Improve usability
101
• Finalize API / Schema for 1.0
• Make it easy to consume
• Simplify setup - fewer daemons and binaries
• Embeddable / vendor API
• Sensible CLI for stable / experimental features
• Make it easy to extend / contribute
• metadata / instance plugins
• playbooks / reusable templates
• community CI / compatibility testing
• Documentation
![Page 102: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/102.jpg)
Improve core system
102
• Provisioning of diverse resource types
• networks / proxies / load balancers
• GPU
• Stability / performance of core controllers
• Asynchronous messaging - mqtt, natsd, amqp
• Monitoring + Health check SPI
![Page 103: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/103.jpg)
Support more platforms
103
• Direct libvirt / KVM / CUDA
• Better bare-metal / hardware ops integration
• Kernel image build pipeline — LinuxKit
Build, test, and deploy clusters from infrastructure
definitions to kernel images
![Page 104: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/104.jpg)
Get involved
https://github.com/docker/infrakit
dockercommunity.slack.com: #infrakit
![Page 106: Weave User Group Talk - DockerCon 2017 Recap](https://reader034.vdocuments.us/reader034/viewer/2022052117/5a6477947f8b9afc4d8b47ef/html5/thumbnails/106.jpg)
THANK YOU