This document discusses solutions for operating and managing containers at scale in an enterprise environment. It describes Docker EE, Windows Containers, Pivotal Container Service, Project Kubo, and Harbor - an open source container registry. Project Kubo allows instantiating and managing highly available Kubernetes clusters on any cloud. Pivotal Container Service provisions managed Kubernetes clusters for application teams. Harbor provides an on-premise registry with features including role-based access control, image scanning, and integration with LDAP/AD.
1. CC BY NC-SA 4.0
Enterprise Technologies
saifi@acm.org
2. CC BY NC-SA 4.0
Containers in the Enterprise
Problem Statement
how to operate and manage
an environment in which
containers can
run securely at scale.
“
“
3. CC BY NC-SA 4.0
Solution Offerings
● Docker EE
● Windows Containers
● Pivotal Container Service
14. CC BY NC-SA 4.0
Project Kubo
● A Uniform Way to
– Instantiate
– Deploy, and
– Manage Highly Available K8s clusters
– On any cloud.
● https://pivotal.io/partners/kubo
● OSS project
15. CC BY NC-SA 4.0
Pivotal Container Service
● a platform that allows application teams to
– self-serve provision Kubernetes clusters that
are fully managed on their behalf,
– focus on the workloads rather than the
substrate needed to run those workloads.
18. CC BY NC-SA 4.0
By vmware
https://github.com/vmware/harbor
19. CC BY NC-SA 4.0
● Role based access control: Users and
repositories are organized via 'projects' and a
user can have different permission for images
under a project.
● Policy based image replication: Images can
be replicated (synchronized) between multiple
registry instances, with auto-retry on errors.
Great for load balancing, high availability, multi-
datacenter, hybrid and multi-cloud scenarios.
● Vulnerability Scanning: Harbor scans images
regularly and warns users of vulnerabilities.
20. CC BY NC-SA 4.0
● LDAP/AD support: Harbor integrates with
existing enterprise LDAP/AD for user
authentication and management.
● Image deletion & garbage collection: Images
can be deleted and their space can be
recycled.
● Notary: Image authenticity can be ensured.
21. CC BY NC-SA 4.0
● Graphical user portal: User can easily
browse, search repositories and manage
projects.
● Auditing: All the operations to the repositories
are tracked.
● RESTful API: RESTful APIs for most
administrative operations, easy to integrate with
external systems.
● Easy deployment: Provide both an online and
offline installer.
●
23. CC BY NC-SA 4.0
● The copyright for the
images belongs to the
respective creator /
websites
● The content
aggregated is purely
for educational
purpose
● Only URL links to
public git repo for
projects mentioned
Acknowledgements
● Demo
● Q & A