Tuesday, November 17, 2015

DockerCon EU Day 2 Keynote "Live Blog"

This was a "Live Blog" from the keynote this morning. Took me a bit to get it somewhat cleaned up and get access out to post this.

Ben on stage:

Recap of Day 1:
- #dockercon - #2 worldwide trending item on Twitter yesterday
- Keynote (using the Power of AND as a theme)


- Lessons learned on the path to production: custom scripts rarely scale, developers do not adopt locked down platforms, end to end matters for both dev and ops, build management & orchestration enables portability
- Ben talking about “Containers as a Service” - Build (Docker Toolbox) -> Ship (Registry Service) -> Run (Control Plane)
- Call back to yesterday and four layers of solutions - talking about creating a solution as an end to end flow
- Interesting that Run is called out as a Control Plane (and references Tutum on the next slide)
- 20% of all content pulled from Docker Hub is “official images”, but what about all the others? You know you can trust an official image. Project Nautilus was brought out to address this other 80%.
- Showing output of a Project Nautilus scan on the screen. It breaks down line by line each library used in a container


Docker Automated Builds:
- Talking about Automated Builds - 60k automated builds per week, 300% growth since January 2015. Automated Builds 2.0 is a rearchitecture of the system to address time and quality issues.
- New Build System uses per-Repo Dedicated Builders (you don’t share a build queue with anybody else anymore), starting a fresh build environment every time. This increasing time of parallel builds as well as guaranteed quality of a clean environment.
- Dynamic Matching is the other feature. Static mapping used before (you had to manually tag your builds), dynamic matching allows for variable based builds and more flexibility in the system over time

Docker Tutum:
- Now talking about Run phase (using Tutum) - Tutum guys on stage
- What is Tutum? - a cloud that allows code to production rapidly
Demo Time:
Talking about code from laptop into production - SaaS demo from yesterday (voting app)
- What will happen? Modify a feature, image created via Docker Hub autobuild, Image deployed in Tutum
- Showing Tutum visualizer - shows a visual representation of the app (both dev version and production version)
- The production version is deployed across regions in AWS as well in a private datacenter (balanced across both)
- Before they make a change to the app, showing the automated build in Docker Hub connected to GitHub
- Now modifying the application, commit to git repo, push to remote repo
- Showing Docker Hub changes and dynamic changes reflected from git
- Docker Hub builds the image and redeploys the image to production in automated fashion
- Take Away: Push to git and the automated workflow takes care of everything else in the build and push
- Now - to push to production from staging, Tutum shows a visual representation of the containers being upgraded. Production is upgrading in a rolling fashion automatically. “One click upgrade to production"
- What about resiliency in production? What is we take down a datacenter in production?
- Using the Tutum interface, wipe out a datacenter, Tutm redeployed the containers in a different datacenter and scaled back up to support the load (was actually a really cool demo)

- 3DExperience Company customer story slide on the screen now
- Customer on stage - Talking about consistency between development and production, simplification of tools for dev and ops, ability to deploy on their cloud, and the scalability and increased high availability provided by moving to Docker containers. This is a sneak preview of the results they have achieved.
- Showing a video of their product called HomeByMe (online 3D modeling of home improvements and planning) fully running on the new system
- The system has gone from concept to production in less than a year

Docker Universal Control Plane:
Scott Johnston (SVP, Product) on stage now
- Asked for raised hands on DockerCon - the vast majority (probably 80-90%) are first time attendees
- Asked for show of hands of who can’t put data in the clouds or can’t put control planes in the cloudss
- Production in the Cloud? Not for everyone due to compliance and security
- quoted Adrian Cockcroft “speed is the market share"


- Developers will always find a way to go fast, it’s their job
- We want Agility and Portability WITH Control
- This starts at the app level - How doe we know which images to trust, who signed an image and when, how to automate, etc.
- To support this, Docker Content Trust ad Docker Trusted Registry are now in sync with each other
- What about the Run aspect of all of this? What about the control plane?
- ANNOUNCMENT: Docker Universal Control Plane
- This was Project Orca - Integrated Stack for application deployment
- Self-Service App Deploys & Updates, Provisioning & Config of Heterogeneous Clusters, LDAP/AD Integration with Docker Trusted Registry, Native Docker API’s and CLI, Monitoring, Logging.
- Completes the end to end aspect of Containers as a Service

DEMO of Docker Universal Control Plane
- login to Docker Trusted Registry
- sign the app with Docker Content Trust
- push the app to the registry - show the app has been signed
- Now how to push it out and deploy it
- Flip over to Docker Universal Control Plane and login
- control plane sits on top of Swarm and integrated with Native API (to use Compose, etc.)
- Use Docker Compose to run the app - The control plane gives access based on LDAP credentials
- Control Plane auto detects the new build and adds it into the control plane dashboard
- Shows how many resources are being consumed per account, ops dashboard basically
- Now scale up the app by adding more containers to the voting app (from command line)
- Now talking about secret management to control variables and info
- Showing that secrets are based on the access control groups in LDAP (production is locked down vs. dev which is wide open)
- Now redeploy of the app using the secret to use that vs. the environment variables
- Control Plane allows you to roll credentials incase they are compromised, now do a docker compose restart
- Restrart and they showed the password has been changed and rotated

Docker Trusted Registry 1.4 is GA and Docker Universal Control Plane is 1.0 Beta as of today