O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
Patrick van der Bleek
Solutions Engineer NEMEA
How to containerize at speed and at scale with Docker
Enterprise Edition, m...
Internal External
LAMP Stack
Java
Linux
.NET
.NET IIS
Windows
No idea what the app
is made of
Original app authors are
no ...
Modernize Traditional Apps with Docker
Enterprise Edition to get
portability, security and efficiency of
apps without chan...
Linux Mainframe AWS Azure
Other
Public Clouds
Windows
Disparate IT Infrastructure
EnterpriseApplicationPortfolio
Tradition...
Linux Mainframe AWS Azure
Other
Public Clouds
Windows
Disparate IT Infrastructure
EnterpriseApplicationPortfolio
Tradition...
Docker EE Gives Legacy Applications Modern Capabilities
without any recoding or refactoring of the app
Efficient Portable ...
Docker EE saves time and money
Efficient
Optimize CapEx
and OpEx costs
Reduce Total IT Costs by 50%
• Consolidate infrastr...
Eliminate the outdated app runbook for a simple
Dockerfile
Before After
● VMs contain a full OS instance within each VM
● ...
Streamline configuration management
Before
100 Page Binder
● Replace the printed (often out of date) runbooks for
app depl...
Eliminate the outdated app runbook for a simple Dockerfile
Simplify app configuration management
● define app configs in D...
Improve asset management
● Centrally manage all container
images in a private registry
● Keep a record of all versions
(ta...
Improve app operations: deployments, rollback with built in
app reliability
● Copy and paste or single command to
deploy a...
Docker EE ensures hybrid cloud portability
Deploy any app anywhere
• Applications can move across
multiple infrastructures...
Containers abstract applications from infrastructure
• Eliminates the “works on my machine” problem
• Containers packages ...
Container architecture provides infrastructure agnostic
packaging and tooling
Disparate IT Infrastructure
Host OS
Docker E...
Get infrastructure flexibility and portability for legacy apps
Dev Test Prod
Developer can work in
whatever environment
th...
Reduce risk profile
• More secure environment
• Reduce surface area
• Vulnerability management
Secure
Reduce risk and
enfo...
http://blogs.gartner.com/joerg-fritsch/can-you-operationalize-docker-containers/
Reduce the attack surface area of legacy apps
• Reduce risk associated with older code
and components
• Default out of the...
Run apps on the most secure environment
• The most secure container runtime and
orchestration architecture
• Secure by def...
Make apps safer with vulnerability scanning and monitoring
• Security scanning performs binary level
scanning of applicati...
Leverage a secure and automated software supply chain
• Establish chain of trust with apps as they move across environment...
Granular access control for users, apps and nodes
• Restrict access to apps and resources
• Leverage predefined or custom ...
24
Recap: Docker Enterprise Edition Capabilities
Policy Management
Image Scanning and
Monitoring
Secure Access and
User Ma...
Getting started
https://github.com/docker/communitytools-image2docker-win
https://github.com/docker/communitytools-image2d...
How to containerize at speed and at scale with Docker Enterprise Edition, moving your existing applications to the Cloud b...
Próximos SlideShares
Carregando em…5
×

How to containerize at speed and at scale with Docker Enterprise Edition, moving your existing applications to the Cloud by Patrick van der Bleek, Solutions Engineer at Docker #OPEN18

43 visualizações

Publicada em

Containers are meant to be used for modern application architectures is a commonly heard misconception.
During this talk we'll explain how you can benefit from containerizing your existing applications to reduce infrastructure footprint, make your application more portable and manage your existing application in a cloud native way. All without changing one line of code in your application itself.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

How to containerize at speed and at scale with Docker Enterprise Edition, moving your existing applications to the Cloud by Patrick van der Bleek, Solutions Engineer at Docker #OPEN18

  1. 1. Patrick van der Bleek Solutions Engineer NEMEA How to containerize at speed and at scale with Docker Enterprise Edition, moving your existing applications to the Cloud
  2. 2. Internal External LAMP Stack Java Linux .NET .NET IIS Windows No idea what the app is made of Original app authors are no longer around When was it last updated? Don’t change it! Don’t break it Common Challenges Of A Legacy App
  3. 3. Modernize Traditional Apps with Docker Enterprise Edition to get portability, security and efficiency of apps without changing the code You have to cut into the 80% To Fuel The Innovation
  4. 4. Linux Mainframe AWS Azure Other Public Clouds Windows Disparate IT Infrastructure EnterpriseApplicationPortfolio Traditional & ISV PaaS Platforms Virtualization Public Clouds Microservices/ Cloud Native The bimodal IT myth
  5. 5. Linux Mainframe AWS Azure Other Public Clouds Windows Disparate IT Infrastructure EnterpriseApplicationPortfolio Traditional & ISV PaaS Platforms Virtualization Public Clouds Microservices/ Cloud Native Docker Enterprise Edition The only Containers-as-a-Service platform for IT that manages and secures diverse applications across disparate infrastructure, both on-premises and in the cloud Docker Enterprise Edition
  6. 6. Docker EE Gives Legacy Applications Modern Capabilities without any recoding or refactoring of the app Efficient Portable Secure Optimize CapEx and OpEx costs Infrastructure Independent Apps Reduce risk and enforce new controls Size of Infrastructure 50% Reduction Deployment Speed MTTR for Patching up to 90% Faster up to 90% Faster
  7. 7. Docker EE saves time and money Efficient Optimize CapEx and OpEx costs Reduce Total IT Costs by 50% • Consolidate infrastructure • Reduce software costs • Gain operational efficiency
  8. 8. Eliminate the outdated app runbook for a simple Dockerfile Before After ● VMs contain a full OS instance within each VM ● Containers share the kernel of a single OS instance on the physical or virtual server ● Average infrastructure consolidation is 50%
  9. 9. Streamline configuration management Before 100 Page Binder ● Replace the printed (often out of date) runbooks for app deployment and ops documentation ● Dockerfile contains all commands to assemble a Docker container ● Define instructions including: ports, volumes, environment variables, healthchecks and more After Single Text File ● Dockerfile containing all the instructions to deploy your app. ● Enables consistent deployments across multiple environments, and eliminates the problem of “snowflake infrastructure"
  10. 10. Eliminate the outdated app runbook for a simple Dockerfile Simplify app configuration management ● define app configs in Dockerfile (single container) or Compose file (multi-container) Eliminate configuration drift ● No more patching in place, deploy new ● New deployment = new container image and tag in registry ● `docker diff` command shows exactly what’s changed in the container compared to the dockerfile
  11. 11. Improve asset management ● Centrally manage all container images in a private registry ● Keep a record of all versions (tags) of images available for
  12. 12. Improve app operations: deployments, rollback with built in app reliability ● Copy and paste or single command to deploy apps and define state ● Rolling updates reduce the risk of new deployments ● Easy roll back to previous known container ● Built in health checks continually monitor containers ● Automatic rescheduling of containers in the event of a failure
  13. 13. Docker EE ensures hybrid cloud portability Deploy any app anywhere • Applications can move across multiple infrastructures • Infrastructure agnostic properties Portable Infrastructure Independent Apps
  14. 14. Containers abstract applications from infrastructure • Eliminates the “works on my machine” problem • Containers packages code and dependencies together into an isolated process • Containers standardize any workload: legacy, microservices, ISV apps (Windows and Linux) • App configurations “travel” with the app, are not built to the infrastructure • Easy app composition of simple to complex apps with security, networks, storage, env variables, ports
  15. 15. Container architecture provides infrastructure agnostic packaging and tooling Disparate IT Infrastructure Host OS Docker EE Container App A Bins/Lib Linux Mainframe AWS Azure Other Public Clouds Windows Container App B Bins/Lib Container App C Bins/Lib Container App D Bins/Lib Container App E Bins/Lib
  16. 16. Get infrastructure flexibility and portability for legacy apps Dev Test Prod Developer can work in whatever environment they're used to Application gets moved into Test/QE environment Application can then be promoted to production on any public, private, or hybrid infrastructure Security Scan Security Scan
  17. 17. Reduce risk profile • More secure environment • Reduce surface area • Vulnerability management Secure Reduce risk and enforce new controls Docker EE enhances application security
  18. 18. http://blogs.gartner.com/joerg-fritsch/can-you-operationalize-docker-containers/
  19. 19. Reduce the attack surface area of legacy apps • Reduce risk associated with older code and components • Default out of the box settings provide greater security • Configurable settings allow admins to further isolate the app • Eliminate all unnecessary syscalls, process, and access to host resources pid namespace mnt namespace net namespace uts namespace user namespace pivot_root uid/gid drop cap drop all cgroups selinux apparmor seccomp 1. Out of the box default settings and profiles 2. Granular controls to customize settings
  20. 20. Run apps on the most secure environment • The most secure container runtime and orchestration architecture • Secure by default with out of the box configurations • Cryptographic node identity • Automatic mutual TLS across all nodes within the Docker cluster • Transparent and automatic cert rotation • External CA integration • Optionally encrypt container to container traffic Certificate Authority TLS Certificate Authority TLS Certificate Authority TLS TLS TLSTLS
  21. 21. Make apps safer with vulnerability scanning and monitoring • Security scanning performs binary level scanning of application • Detailed BOM provides security profile of application packages • Make informed decisions before deployment • BOM is maintained and continuously monitored against leading CVE databases
  22. 22. Leverage a secure and automated software supply chain • Establish chain of trust with apps as they move across environments • Digitally sign containers and only run verified containers • Freshness guarantee ensures no tampering and latest container is running • Automate workflow with immutable repos and automated image promotion
  23. 23. Granular access control for users, apps and nodes • Restrict access to apps and resources • Leverage predefined or custom roles available to manage access and permissions • Create logical or physical isolation between apps and teams
  24. 24. 24 Recap: Docker Enterprise Edition Capabilities Policy Management Image Scanning and Monitoring Secure Access and User Management Content Trust and Verification Application and Cluster Management Image Management Security Distributed State Network Container Runtime Volumes Orchestration Application Composition, Deployment and Reliability Certified Containers Certified Plugins Certified Infrastructure Enterprise Edition Optimized Container Engine Integrated App and Cluster Management Certification and Support
  25. 25. Getting started https://github.com/docker/communitytools-image2docker-win https://github.com/docker/communitytools-image2docker-linux

×