agenda

The DockerCon Agenda Builder is live so you can start planning away! Check out the schedule, filter based on your interests, experience, job role, and, for those with a DockerCon Account, get recommendations based on your profile and marked interests.

Build Your Agenda

Agenda

Docker for Devs

John Zaccone, IBM

In this talk John Zaccone will present tips and best practices for developing dockerized applications. We will start with the simple question: "Why Docker?" Then we will dive into practical knowledge for developers to apply on their own. John will cover best practices concerning Dockerfiles and the best tools to use for developing. We will also talk about the "hand-off" between developer and operations and how the two roles can work together to address broad issues such as CI/CD and security. After John's talk, stay tuned for Scott Coulton's talk that will dive deeper into Docker for Ops.

Docker for Ops

Scott Coulton, Puppet

In this talk, Scott Coulton will take you through Docker's cluster solution Swarm mode with his operations hat on. We will start from the beginning by describing what swarm mode is, what it does, and how it works behind the scenes. From there, we will look at very basic configurations of Swarm mode from the point of view of the operations team as well as a production-ready workflow including deployments of the cluster, logging and CD best practices. Attendees will be able to apply their learnings to their use cases.

Creating Effective Images

Abby Fuller, AWS

Sick of getting paged at 2am and wondering ""where did all my disk space go?"" This has actually happened to me, and you can learn from my mistakes! New Docker users often start with a stock image in order to get up and running quickly, but that isn't always the right answer. Creating efficient images is overlooked, but important. Beyond saving resources, using minimal images also delivers important security benefits: include only what you need, and not a whole runtime that might have security vulnerabilities.

In this session, I'll talk about how to create effective images, and lessons I've learned from running containers in production at a number of startups. I'll also cover topics like ""how do layers work?"", and some things you should think about when creating your images, such as; choosing or creating the right base image; ordering your statements correctly for caching; using RUN statements conservatively; and cleaning up as you install dependencies. I'll also address best practices; both at a high level (like using dual container builds - one to build an artifact, and one to build from base); and some language-specific best practices, for example, tips and tricks for creating containers for Node.js vs Go

Docker for Java Developers

Arun Gupta, Couchbase | Fabiane Nardon, Tail Target |

Docker provides PODA (Package Once Deploy Anywhere) and complements WORA (Write Once Run Anywhere) provided by Java. It also helps you reduce the impedance mismatch between dev, test, and production environment and simplifies Java application deployment. In this talk, Arun Gupta, Java Champion and Docker Captain and Fabiane Nardon, Java Champion, will explain how to run and package your Java application with Docker including sharing your Java application using Docker Hub. In addition, they will cover:

  • Deploy your Java application using Maven
  • Deploy your application using Docker for AWS
  • Scaling Java services with Docker Engine swarm mode
  • Package your multi-container application and use service discovery
  • Monitor your Docker + Java applications
  • Build a deployment pipeline using common tools

Docker for .NET Developers

Michele Bustamante, Solliance

Millions of developers use .NET to build high-performance apps, from Enterprise to hobbiests. Docker enables .NET developers to build containerized applications that can be deployed natively to Windows or Linux. Windows containers support applications that leverage the full .NET Framework. And with AspNetCore on Linux developers can target both Linux-based Docker containers or Windows containers. In both cases you can develop your applications on Windows using your favorite .NET developer tools - then build Docker images and run them as containers on Windows Server or Linux machines.

In this session, you will learn how to build or migrate full .NET Framework applications and deploy them as Windows Containers. Then you will learn to build AspNetCore applications that can target either Windows or Linux containers, without any changes to your code.

Journey to Docker Production: Evolving Your Infrastructure and Processes

Bret Fisher, Independent Cloud Sysadmin and DevOps Engineer

DevOps in the Real World is far from perfect, and we're all somewhere on the path to one-day writing that "Amazing-Hacker-News-Post about your chat-bot fully-automated micro-service infrastructure." But until then, how can you *really* start using containers today, in meaningful ways that impact yours and your customer's productivity? This session is designed for practitioners who are looking for ways to get started now with Docker and Swarm in production. No Docker 101 here, this is for helping you be successful on your way to Dockerizing your production systems. Attendees will get tactics, example configs, real working infrastructure designs, and see the (sometimes messy) internals of Docker in production today.

Troubleshooting Tips from a Docker Support Engineer

Jeff Anderson, Docker

Docker makes everything easier. But even with the easiest platforms, sometimes you run into problems. In this session, you'll learn first hand from someone whose job is helping customers fix these problems. Using Docker and Docker Data Center, you can keep your apps running smoothly with minimal downtime.

In this session, you'll learn:

  • How to apply your troubleshooting skills in the Docker ecosystem
  • Identification and characterization of the problem
  • Command line tools to inspect networking and namespaces
  • Applying these skills to your workloads on OSS Docker and on DDC

Escape From Your VMs with Image2Docker

Elton Stoneman, Docker | Jeff Nickoloff, All in Geek Consulting

Migrating apps out of Virtual Machines is difficult, especially distributed apps with multiple components, and even more so when the components run on different operating systems. But with the Docker platform and the Image2Docker tools - which extract Linux and Windows apps from existing VMs into containers - it's easy.

In this session, we'll take a PHP front-end application running in a Linux VM, which connects to a .NET Web Service running in a Windows VM, and convert the whole stack to Docker automatically. Then we'll run the app on a hybrid Docker Datacenter cluster, where we can manage the Windows and Linux components from a single pane of glass.

Building a Secure App with Docker

Ying Li, David Lawrence, Docker | Docker

Built-in security is one of the most important features in Docker. But to build a secure app, you have to understand how to take advantage of these features. Security begins with the platform, but also requires conscious secure design at all stages of app development. In this session, we'll cover the latest features in Docker security, and how you can leverage them. You'll learn how to add them to your existing development pipeline, as well as how you can and streamline your workflow while making it more secure.

What's New in Docker

Victor Vieux, Docker

It’s the first breakout after the keynote and you need to know more about all the latest and greatest Docker announcements. We've got you covered! In this session, Victor Vieux will go deeper, looking into what's new with Docker, demoing the latest features and answering your questions.

Under the Hood with Docker Swarm Mode

Drew Erny, Nishant Totla, Docker

Join SwarmKit maintainers Drew and Nishant as they showcase features that have made Swarm Mode even more powerful, without compromising the operational simplicity it was designed with. They will discuss the implementation of new features that streamline deployments, increase security, and reduce downtime. These substantial additions to Swarm Mode are completely transparent and straightforward to use, and users may not realize they're already benefiting from these improvements under the hood.

Docker Networking: From Application-Plane to Data-Plane

Madhu Venugopal, Docker

Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything that can be installed on a server. This guarantees that the software will always run the same, regardless of its environment. By default, containers isolate applications from one another and the underlying infrastructure, while providing an added layer of protection for the application.

What if the applications need to communicate with each other, the host, or an external network? How do you design a network to allow for proper connectivity while maintaining application portability, service discovery, load balancing, security, performance, and scalability? In this session, you'll learn about these network design challenges, the latest tools available to you from Docker, and common deployment patterns

Infinit's Next Generation Key-value Store

Julien Quintard, Quentin Hocquet, Docker | Docker

Key-value store projects have been widely adopted as a way to store metadata, but also as a low-level construct on top of which can be built more advanced storage solutions from file systems, object storage APIs and more. Unfortunately, most key-value store constructs suffer the same limitations when it comes to scalability, performance, and resilience. Infinit's key-value store takes a different approach, relying on a decentralized architecture rather than a master/slave model while offering strong consistency.

Secure Substrate: Least Privilege Container Deployment

Diogo Mónica, Riyaz Faizullabhoy, Docker

The popularity of containers has driven the need for distributed systems that can provide a substrate for container deployments. These systems need the ability to provision and manage resources, place workloads, and adapt in the presence of failures. In particular, container orchestrators make it easy for anyone to manage their container workloads using their cloud-based or on-premise infrastructure. Unfortunately, most of these systems have not been architected with security in mind.Compromise of a less-privileged node can allow an attacker to escalate privileges to either gain control of the whole system, or to access resources it shouldn't have access to. In this talk, we will go over how Docker has been working to build secure blocks that allow you to run a least privilege infrastructure - where any participant of the system only has access to the resources that are strictly necessary for its legitimate purpose. No more, no less.

Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise

Vivek Saraswat, Daniel Hiltgen, Docker | Patrick Devine, Docker | Docker

Learn from the development team as we dive into some of the latest and upcoming features in Docker EE, our enterprise container management solution. We will focus on the architecture and configuration of the features and how they can be used with both modern apps and containerized legacy apps. Stay for some tips on monitoring and troubleshooting to help you prevent your production environment from going sideways.

Plug-ins: Building, Shipping, Storing, and Running

Nandhini Santhanam, Tibor Vass, Docker | Docker

At Docker, we are striving to enable the extensibility of Docker via "Plugins" and make them available for developers and enterprises alike. Come attend this talk to understand what it takes to build, ship, store and run plugins. We will deep dive into plugin lifecycle management on a single engine and across a swarm cluster. We will also demonstrate how you can integrate plugins from other enterprises or developers into your ecosystem. There will be fun demos accompanying this talk!

This will be session will be beneficial to you if you:

  • Are an ops team member trying to integrate Docker with your favorite storage or network vendor
  • Are Interested in extending or customizing Docker; or
  • Want to become a Docker partner, and want to make the technology integration seamless.

Automation and Collaboration Across Multiple Swarms Using Docker Cloud

Fernando Mayo, Marcus Martins, Docker | Docker

Discover how Docker Cloud can help you and your team easily deploy and manage multiple Swarms across different Cloud providers in a secure and platform agnostic way. We will cover how we provide a secure authentication framework for Swarms backed by Docker Cloud and how that enables seamless collaboration across your team.

Docker Store: The New Destination for Enterprise Software

Alfred Landrum, Lily Guo, Docker | Docker

Docker Store is the place to find trusted community and enterprise content. Independent software vendors, startups and developers alike now have a marketplace to create and distribute Enterprise-ready content through the Store. Join Chinmayee and Alfred from the Docker Store team to learn how ISVs, big and small, are using Docker Store. They will cover:

  • How to publish and distribute high quality, reusable containers and plugins; and
  • How Enterprise customers can simplify procurement and management of their software assets using Docker Store.

Cilium: Network and Application Security with BPF and XDP

Thomas Graf, Cilium Project

This talk will start with a deep dive and hands on examples of BPF, possibly the most promising low level technology to address challenges in application and network security, tracing, and visibility. We will discuss how BPF evolved from a simple bytecode language to filter raw sockets for tcpdump to the a JITable virtual machine capable of universally extending and instrumenting both the Linux kernel and user space applications. The introduction is followed by a concrete example of how the Cilium open source project applies BPF to solve networking, security, and load balancing for highly distributed applications. We will discuss and demonstrate how Cilium with the help of BPF can be combined with distributed system orchestration such as Docker to simplify security, operations, and troubleshooting of distributed applications.

Moby's Secret Session

What is this session about? Only Moby knows!

Everything You Thought You Already Knew About Orchestration

Laura Frank, Codeship

Do you understand how quorum, consensus, leader election, and different scheduling algorithms can impact your running application? Could you explain these concepts to the rest of your team? Come learn about the algorithms that power all modern container orchestration platforms, and walk away with actionable steps to keep your highly available services highly available.

What Have Namespaces Done For You Lately?

Liz Rice, Microscaling Systems

Containers are made with namespacing and cgroups, but what does that really mean? In this talk we'll write a container from scratch in Go, using bare system calls, and explore how the different namespaces affect the container's view of the world and the resources it has access to.

Monitoring, the Prometheus Way

Julius Volz, Prometheus

Prometheus is an opinionated metrics collection and monitoring system that is particularly well suited to accommodate modern workloads like containers and micro-services. To achieve these goals, it radically breaks away from existing systems and follows very different design principles. In this talk, Prometheus founder Julius Volz will explain these design principles and how they apply to dockerized applications. This will provide insight useful to newcomers wanting to start on the right foot in the land of container monitoring, but also to veterans wanting to quickly map their existing knowledge to Prometheus concepts. In particular, a demo will show Prometheus in action together with a Docker Swarm cluster.

Securing Containers, One Patch at a Time

Michael Crosby, Docker

Responsible disclosure is a key ingredient of any solid security strategy. In this session, Docker maintainer Michael Crosby will explain the ins and outs of CVE-2016-9962: how it was discovered, how it could even happen in the first place, and how it was addressed. A vertiginous abseil at the boundaries of the kernel, in the fascinating land of system calls and randomized address space. You will think twice before leaking a file descriptor again.

Container Performance Analysis

Brendan Gregg, Netflix

Containers pose interesting challenges for performance monitoring and analysis, requiring new analysis methodologies and tooling. Resource-oriented analysis, as is common with systems performance tools and GUIs, must now account for both hardware limits and soft limits, as implemented using resource controls including cgroups. The interaction between containers can also be examined, and noisy neighbors either identified of exonerated. Performance tooling can also need special usage or workarounds to function properly from within a container or on the host, to deal with different privilege levels and name spaces. At Netflix, we're using containers for some microservices, and care very much about analyzing and tuning our containers to be as fast and efficient as possible. This talk will show how to successfully analyze performance in a Docker container environment, and navigate differences encountered.

Securing the Software Supply Chain with TUF and Docker

Justin Cappos, New York University

If you want to compromise millions of machines and users, software distribution and software updates are an excellent attack vector. Using public cryptography to sign your packages is a good starting point, but as we will see, it still leaves you open to a variety of attacks. This is why we designed TUF, a secure software update framework. TUF helps to handle key revocation securely, limits the impact a man-in-the-middle attacker may have, and reduces the impact of repository compromise. We will discuss TUF's protections and integration into Docker's Notary software, and demonstrate new techniques that could be added to verify other parts of the software supply chain, including the development, build, and quality assurance processes.

Deep Dive in Docker Overlay Networks

Laurent Bernaille, D2SI |

The Docker network overlay driver relies on several technologies: network namespaces, VXLAN, Netlink and a distributed key-value store. This talk will present each of these mechanisms one by one along with their userland tools and show hands-on how they interact together when setting up an overlay to connect containers.

The talk will continue with a demo showing how to build your own simple overlay using these technologies.

Beyond Chicken Nuggets: 1 Year and 1,000+ Containers Later at ADP

Jim Ford, ADP |

Ice Cream cones and Chicken Nuggets, help us visualize the break up of the monolith. The challenge becomes about how far do we need to go…. Don’t be fooled by the 12 factor crowd or the cloud nativists, there are benefits for cloud immigrants. This session discusses container adoption in an established enterprise with legacy code and unique challenges from paying clients. It presents an overview of the progress to date, the idealized automation pipeline and the desired end state.

Activision's Skypilot: Delivering Amazing Game Experiences Through Containerized Pipelines

Thomas Shaw, Activision

Technologies that are going to affect our lives in the next decade are being tested and developed in the video game sphere. In January 2016 Activision approved a pilot project to build a containerised continuous delivery pipeline using Docker. This project spanned multiple devops teams and would culminate in launching a production title "Skylanders Imaginators" in October 2016.

Our mission is to deliver an amazing build, test and deploy pipeline that aims to be so reliable, effective and easy to use that our product and title departments will end up writing high value gaming services all day long without giving a second thought to how they may reliably deliver these in record time.

This talk will discuss the cultural and technical challenges faced throughout the pilot. Spoiler alert: Not everyone was happy with the decision to use Docker. The talk will cover the concerns and how we handled them. It will cover why it is important, especially in the games industry, to be evaluating and integrating technologies like Docker in order to remain relevant.

Cool Genes: The Search for a Cure Using Genomics, Big Data, and Docker

James Lowey, TGEN

The Translational Genomics Research Institute (TGen) is a non-profit organization dedicated to using genomic and other -omic generated information to provide a greater understanding of the underlying biological defects that cause diseases and disorders.

The bioinformatics industry is undergoing a sea change, driven by advances in biological research and gains in computational power that accelerates the ability to find treatments and cures. While inexpensive compute infrastructure made this work possible, managing those enormous workloads was a massive headache, until science found a cure: Docker!

This talk will describe how TGen uses Docker and the Docker storage plugins API to run a large-scale, big data compute cluster to push the limits of biological science.

The Tale of Two Deployments: Greenfield and Monolith Apps with Docker Enterprise Edition at Cornell University

Shawn Bower, Brett Haranin, Cornell University

Docker use at Cornell University has been increasing steadily over the last 3 years in our central departments and various colleges - particularly as we move more workloads to the cloud. In this talk, we’ll give an overview of our Docker use cases across campus, featuring in detail two specific projects that highlight the versatility of this technology: Containerizing our central financial system (a traditional monolithic system); and building new researcher-focused financial tools natively in Docker (a microservice architecture built with the cloud in mind). We’ll discuss the design and implementation of both projects in detail. We’ll also describe how Docker has enabled us to develop consistent DevOps and CI practices spanning these two very different architectures.

Taking Docker From Local To Production at Intuit

JanJaap Lahpor, Intuit | Harish Jayakumar, Docker |

In this talk we will share how a small team at Intuit moved Docker from local to production serving real and critical workloads. We will share how we addressed the organization challenges of running Docker at large enterprises by building a business case for a pilot project to prove the value of containers and its real world application. Next, we will share how we solved the technical challenges that present themselves when taking Docker from local to production in a corporate data center. We will share the blueprint for the business case and the associated pilot which laser focused on running stateless back-end services throughout the entire SDLC. Finally, we will highlight our crawl-walk-run approach that allowed us to make inexpensive mistakes before investing in the right areas as our Docker knowledge increased. We will share the major technical issues we encountered, how we overcame them and the lessons we learned.

Docker 0 to 60 in 5 Months: How a Traditional Fortune 40 Company Turns on a Dime

Tim Tyler, MetLife

Docker and microservices allowed our development teams to create what once was inconceivable; a unified front-end application for our customers, employees and agents connecting them to over 400 legacy back-end systems of record.  On the engineering side, our challenge was identifying the right infrastructure approach to deliver this new solution on a global scale. In our exploration of solutions; we threw out the book on our traditional design approach and brought our first Docker environment and Microservice app to production in 5 months from start to finish. This talk discusses some of the key changes we made to ensure our success, from tossing out waterfall, to quickly establishing design standards, and finally rallying around test driven engineering. We had successes and obstacles to overcome along the way, and want to share a few of them.

Back to the Future: Containerize Legacy Applications

Brandon Royal, Docker | Rob Tanner, Northern Trust | Rohit Tatachar, Microsoft IT | Docker

People typically think of Docker for microservices and try to make the smallest container they can. There are tremendous benefits to a microservices model but those are not the only apps that qualify for containers. Traditional, homegrown, monolithic apps are also great candidates for Docker - why? By containerizing these apps, many of the same agility, portability, security and cost savings benefits can be applied to the hundreds (if not thousands) of apps in your datacenters. But where to begin? Attend this session to learn how to approach modernizing traditional apps (MTA), considerations, the available tools and possibilities.

Docker Networking in Production at Visa

Sasi Kannappan, Visa | Mark Church, Docker |

Docker has developed a new way of delivering applications, and with that, containers have also changed some aspects of how we approach networking. Visa will detail how they use Docker networking to connect applications in a dynamic environment by using Swarm overlays, service discovery, and load balancing. By switching to overlay networking they will show that they were able to reduce complexity and increase performance. By the end of the talk, you'll learn about the different Docker networking drivers and how you can use Docker networking to architect dynamic and resilient networks.

Global Operations with Docker for the Enterprise

Nico Kabar, Docker |

Enterprises often have hundreds or even thousands of applications spread across thousands of development teams, business units and geographies. This presents challenges to IT teams as they architect an environment to run Docker apps on globally distributed hybrid cloud infrastructure, developed by distributed dev teams and consumed by customers around the world. Docker Datacenter provides the technology and framework to implement a global software supply chain. This session will dig into the design considerations, tools and best practices to address this type of environment with Docker Datacenter. And there will be data! Results from various performance tests will be presented in conjunction with recommendations for HA configurations, content cache use cases for faster developer workflow and scheduling strategies for improving application resilience.

Configuration Management and Transforming Legacy Applications in the Enterprise: Société Générale's Story

Cedric Coroir, Société Générale | Gilles Philippart, Société Générale | Lee Namba, Docker |

Share the continuity of Societe Generale's journey with Docker Enterprise from different points of view, from executives to devops, with CD platform as an enabler. Creating a Dockerfile that runs a container on a developer's laptop is pretty straightforward. But extending that to stacks of containers running on a dozen environments (development, integration, testing, staging, production, etc.) with different configuration and topologies can be a challenge. This talk will cover aspects of our journey to Docker Enterprise:

  • What configuration should go in an image?
  • Where to put different types of configuration? Images, environment variables, entrypoint, ...?
  • How to store assets for building images and configuration for deployment in version control.

We will discuss how Societe Generale has implemented these, and what we plan next for Docker Enterprise deployment.

Beyond \ - the path to Windows and Linux parity in Docker

Taylor Brown, Microsoft | Dinesh Govindasamy, Microsoft

Bringing Docker to Windows has been an awesome project - while at times challenging or frustrating the overwhelming majority of the times it's just been fun. This talk will focus on the work it took to bring Windows and Docker together, some of the areas where gaps remain between the Windows and Linux platform (specific to Docker) and the roadmap towards convergence.  We will discuss some of the tradeoffs and choices we made as well as some of the lessons we took from the Linux ecosystem and how we applied them as we built out Windows support.

Docker?!?! But I'm a SysAdmin

Mike Coleman, Docker

Your developers just walked into your cube and said "here's the new app, I built it with Docker, and it's ready to go live". What do you do next? In this session we'll talk about what containers are and what they are not. And we'll step through a series of considerations that need to be examined when deploying containerized workloads - VMs or Container? Bare Metal or Cloud? What about capacity planning? Security? Disaster Recovery? How do I even get started?

Leveraging the Power of containerd Events

Evan Hazlett, Docker

containerd provides the low-level functionality that enables the Docker Engine to run containers. containerd events provide a simple, yet powerful mechanism to integrate with virtually any other system with minimal effort. This talk will cover what containerd events are and how to use them for integration with systems ranging from monitoring and logging to container networking using CNI (Container Network Interface) plugins.

Open Container Initiative: Container Standards

Chris Aniszczyk, Cloud Native Computing Foundation | Rob Dolin, Microsoft | Aleksa Sarai, Suse | Michael Crosby, Docker |

With the proliferation and rapid growth of container-based solutions over the past few years-- including container-based solutions from almost all major IT vendors, cloud providers and emerging start-ups-- the industry needed a standard on which to support container formats and runtime. Enter the Open Container Initiative (OCI), established to help promote a set of common, minimal open standards and specifications around container formats and runtime. OCI is working towards v1.0 of its runtime and image format specifications, to be followed by the launch of a certification program. Hear from OCI technical experts on how these new specs can be implemented in various container environments, the importance of industry standards and how the OCI is addressing those needs, and how integration and open development of these specifications furthers innovation and benefits the industry as a whole.

You Don't Have to Start Over! A Practical Guide for Adopting Docker in the Enterprise.

Chris Ciborowski, Nebulaworks |

So you are looking to adopt docker, but receive feedback and commentary such as "our development pipeline won't support containers" or "the applications aren't micro services, so I don't see a benefit." You are not alone, these and other statements are common misconceptions when considering using docker in the enterprise. Perhaps having a real enterprise use case with some tips on objection handling would support your goal of adopting docker in your organization? In this presentation, Chris Ciborowski, CEO and Principal Consultant at Nebulaworks and Docker Captain will discuss ways that you can leverage docker in existing enterprise environments providing tangible benefits to both developers and operations teams and accelerate DevOps adoption. He will also provide a few insider tips on objection handling learned while working on enterprise container adoption in enterprise clients.

Industry Q & A: Media & Analyst Perspective on Docker

Sean Michael Kerner, eweek/internetnews | Charlotte Dunlap, GlobalData Technology | Donnie Berkholz, 451 Research | Serdar Yegulalp, InfoWorld |

Bring your questions and join a panel of top media and analysts covering containers for what is expected to be a truly informative and interesting perspective on Docker, the container ecosystem, and best (and worst) practices when talking containers. You will hear about the present and future of Docker from the perspective of those who have seen many a technology wave, and have heard from hundreds of companies building on, with, or for Docker. The session will also talk about the evolving community, the role of open source, container standards, and what we should prepare for in 2017.

FROM Arm to Z: Building, Shipping, and Running a Multi-platform Docker Swarm

Christy Perez, IBM | Chris Jones, IBM

We live in a multi-platform world, and who doesn't want their project to run on all of them? The last few DockerCon events have covered the introduction of multi-platform image capabilities into the Docker registry and engine releases. Now it's time to put these features to good use building applications across architectures and running them all in a heterogeneous Docker Swarm!

In this talk we'll cover the new `docker manifest` command for making multi-architecture images; how to emulate architectures in docker containers on your own machine; and give a live demonstration of these capabilities with a Docker Swarm consisting of workers of different CPU architectures, including armhf, ppc64le, s390x, and x86_64. We'll also share some pointers for making sure your project is mulit-platform ready!

The Future is Cloud Native: How Projects Like Kubernetes, containerd, Prometheus, OpenTracing, and gRPC Will Help Shape Modern Infrastructure

Chris Aniszczyk, Cloud Native Computing Foundation | Jayant Kolhe, gRPC | Julius Volz, Prometheus | Ben Sigelman, LightStep | Aparna Sinha, Google |

Many of today’s software-defined organizations, like Ticketmaster, ShowMax and VSCO, look to cloud native projects for crucial management and maintenance within their ever-changing infrastructures. For the 2017 DockerCon audience, Chris Aniszczyk, COO of the Cloud Native Computing Foundation, will moderate an introspective panel – featuring cloud native insiders like Ben Sigelman, lead author of OpenTracing; Jayant Kolhe, engineering director on gRPC; Aparna Sinha, product lead for Kubernetes; and Fabian Reinartz, core Prometheus developer – to discuss how these thriving open source projects will help shape modern infrastructure. This expert panel will also address what it takes to develop meaningful cloud native systems, how these technologies fit into the overall stack, how to foster committed maintainers for emerging cloud native projects, and much more.

Containers aren’t just for Microservices: Migrating Legacy Workloads to Docker

Oscar Renalias, Accenture

There is a growing demand to leverage containers not only as a platform to run microservices and greenfield applications, but also to run legacy workloads and have them participate in some of the benefits provided by container platforms. In this session, we will openly discuss Accenture’s real-world experience with legacy workload migration to containers and Docker Datacenter, where we succeeded, and where the container ecosystem still has room to improve.

Evolution for Container Orchestration in Alibaba Cloud

Yi Li, Alibaba

Container orchestration is critical for cloud native applications. In this session, we will introduce the patterns and practice to extend the Docker swarm mode for better support for workloads in cloud. E.g. building distributed machine-learning infrastructure on top of GPU-Accelerated clusters with Docker to streamline the continuous learning; provide diverse delivery model enhancement (i.e. blue-green deployment etc.) to allow users to treat elastic web application delivery more controllable and repeatable. And all of them are supported in declarative way by Docker Compose template

Containerized Continuous Delivery with Bitbucket Pipelines

Matt Ryall, Atlassian

Teams today struggle with the overhead of maintaining complex build and release systems. Atlassian Bitbucket recently introduced Pipelines to solve this problem, bringing the benefits of Docker containers to teams working in the cloud with a brand new CI/CD tool. Matt will explain how Docker containers in Bitbucket Pipelines enable a faster build/test feedback loop for thousands of teams, and show how newly released Docker support can accelerate microservices development and enable great DevOps practices for you.

Containerized Microservices on AWS – A How To

Abby Fuller, AWS

So what exactly is needed to get containerized microservices to run in production at scale?

In this talk, we will briefly explore the concepts behind microservices and Amazon EC2 Container Service (ECS) can be used to simplify the deployment and management of microservices. We will dive deep into some of the challenges of running microservices, such as load balancing, service discovery, and secrets management, and we’ll see how Amazon ECS can help address them. We will also demo how you can easily deploy complex microservices applications using Amazon ECS.

Winter is Coming for Microservice Complexity

Mark Emeis, Yipee.io | Ankur Agarwal, Qubeship.io | Nishant Kabra, CA Technologies

Let’s face it, developers encounter about as much adversity throughout the development lifecycle as the Stark’s of Winterfell do in Game of Thrones.

Finding the right solutions for microservice applications is a painful process. Modeling is time consuming, error prone, and specific to a single orchestration environment. Continuously deploying containerized apps brings its own set of challenges, as industry-standard best practice templates do not exist. And once deployed, ensuring exceptional end user experience becomes critical – services don’t live in a vacuum and abnormal phenomenon make understanding, triaging and guarding against issues, very difficult.

What if…
- Intelligent modeling lowered the barriers to microservice application success?
- Out-of-the-box opinioned CI/CD workflows produced higher quality apps, faster?
- Analytics-driven monitoring predicted and triaged issues before they impacted users?

During this session we will demo how CA is uniquely solving these issues, so that you can easily build, test, deploy and monitor containerized applications at scale.

What do you say to microservice complexity? “Not today!”

Networking for your Docker Applications – from Dev/Test to Production

Pradeep Padala , Cisco | Rohit Agarwalla, Cisco

Docker gives you an isolated environment to run your applications, but most likely your apps would need to communicate to other apps, or components running across different containers, hosts, or even datacenters. Your apps may also need to connect to VMs or bare-metal deployments. You need a consistent and unified networking fabric for comprehensive addressability and connectivity. In this session, you will learn about Contiv , 100% open source container networking fabric, and a series of practical solutions to express application intent that matches with operational policies to ensure your application requirements are met. Accelerating DevOps practices, Contiv enables operations teams to create and manage group based policies such as micro-segmentation, traffic isolation, bandwidth prioritization etc. and developers to seamlessly apply those policies to the applications.

Enterprise-class Container-native load balancing

Chiradeep Vittal, Citrix

How do you add the secure and high performance load balancing that you trust and love to your container cluster - with the lightning speed and agility of containers? We will explore how an application built on container clusters can gain from a container-native load balancer like Citrix NetScaler CPX.

Building Microservices with gRPC

Abhishek Kumar, Google

-gRPC is a general RPC framework focused on performance and interoperability across a wide range of programming environments. gRPC was initially developed at Google as a successor to an internal RPC platform called Stubby — a general application platform at the heart of many Google products and services. gRPC seeks not only to replicate the success of Stubby, but improve upon it, in the open, around modern standards such as HTTP/2 and proven technologies such as Protocol Buffers.

In this session we will demonstrate, through a series of live demos and code walkthroughs, how to design, build, and deploy a collection of microservices using gRPC from the ground up. Key gRPC concepts will be covered including authenticating gRPC services and clients, service discovery, monitoring, and troubleshooting.

After attending this session attendees will understand:

How to use modern authentication flows to authenticate gRPC clients and servers
How to effectively leverage common service discovery backends to register and locate gRPC services
How to define messages and gRPC services using the Protocol Buffers 3 IDL and generate Go service stubs using the go-grpc plugin
How to generate client libraries for non-Go languages for increased interoperability
How to deploy gRPC services using containers and clusters manager management tools such as Kubernetes

Getting containers into production: best practices from CoreOS

Euan Kemp, CoreOS

Moving to container infrastructure is complex, involving developing technologies over multiple components. It can be tricky to get everything right for each component of your stack, and for your own security, it’s important that you do. In this session, we will walk through some best practices that will ease your deployment of containers into production. Notably:

Reduce/eliminate technical debt associated with moving to production
The OS matters: Container Linux
The role of a registry in the container supply chain
Deploying a distributed app using orchestration in any environment
Portability and a hybrid deployment environment

Monitoring the Docker Developer Lifecycle

Matt Williams, Datadog

Docker is an incredible platform for the application developer. But getting visibility into the intricacies of what you are building can be a challenge. You need to understand the performance of not only your code but the infrastructure your application relies on. In this session, you will see how you can start monitoring all of the components to give you a fuller picture of the entire system. We will start by monitoring the database and server. Then we instrument the code so we can understand the bottlenecks. From there we optimize the code before deployment and continue to monitor while in production. You will see how easy it can be all in this 20 minute session.

Making Application Monitoring a Cloud Native Platform Feature

Alois Mayr, Dynatrace

With the transformation towards Cloud Native platforms, we are seeing a paradigm shift in how self-sufficient teams develop and deploy applications. Microservice teams leverage built-in platform features to run, scale, rollback and upgrade their app deployments. Monitoring helps them to understand if their apps are performing properly and interacting correctly with other apps in production. But how do they know if poor cluster performance impacts application health, and how the overall performance of all apps deployed to a cluster look? In this session, Alois Mayr will explore how monitoring can be made a platform feature to help application teams monitor and maintain application and cluster health. Alois will explain why automatic discovery of dependencies across cluster nodes, containers and services is critical to pinpoint the root cause of degraded application response times and failure rates.

Docker Changes Lives – Enterprise Use Case of How Docker Helps to Accelerate Genomics Research and More

David Ferdandez, HPE | Peyton McNully, Hudson Alpha

Apps do a million things, at Hudson Alpha, they save lives, literally; by moving genomics research forward, finding cures for rare diseases, and creating one of the world’s first end-to-end genomic medicine programs. They do this with thousands of diverse Research-centric web applications across 38 facilities, connected to a single platform powered by Docker Containers and HPE Synergy. Join this session to hear the CIO of Hudson Alpha talk about their experiences and learnings throughout their container journey, and how they:

  • Achieve Portability with their hybrid infrastructure to migrate workloads across their private data center and public cloud service providers.
  • Deliver apps faster while spending less with reduced spend on hypervisor licenses, and reduced costs on third party tools
  • Eradicated all dependency issues with a single robust platform for all applications across the institute

Hardware secured Docker with Intel® Clear Containers: Status, challenges and future

Manohar Castelino, Intel

While Linux* containers offer speed and agility advantages, they could raise security concerns. Within the typical namespace isolated and cgroup constrained container model, all containers in a given environment share the same kernel instance. If the kernel is compromised or crashes, so will all the containers running on top of it, making them potentially vulnerable to malicious software-based attacks. We will be discussing Intel’s open source project, Clear Containers, and how this technology augments the Docker model by isolating all container workloads through Intel® Virtualization Technology (Intel® VT). By running Docker containers within their dedicated, fast-booting and low-footprint virtual machines, we will explain how Clear Containers keep the high performance, low overhead promise of Linux containers while complementing software isolation with a fully hardware-assisted one. We will then describe the technical challenges we have to overcome in order to seamlessly integrate hardware virtualization into the larger container ecosystem, from networking plugins up to the containers orchestration layers like Docker Swarm or Kubernetes. Finally we will briefly go through the project next steps. After closing many compatibility and stability gaps with the Clear Containers 2.1 release, we are now focusing on components factorization and performance improvements that the whole container ecosystem should benefit from.

Trust your containers in Production - Online or Offline

Baruch Sadogursky, JFrog

Docker containers provide unprecedented speed and simplicity to build, run and ship microservices and applications, but how do you manage images as they progress from development to production? Do you version and monitor them the same way as any other build, and can you manage them with other package types through a single point of universal control? Are you always sure they are secure before deployment? If you want to trust your containers in production, join us and learn how to implement an end-to-end management and security pipeline for Docker images

Simplify container orchestration with a turbocharged Docker Compose

Casey Bisson, Joyent

Getting started with container orchestration and scheduling systems, like Kubernetes, is relatively simple, but as your deployment grows it gets complicated fast. We will share a few “Kubernetes complexity” war stories, and then present a simpler approach, which leverages Docker Compose (in ways you may not know are possible) and the Autopilot Pattern for application micro-orchestration. The Autopilot Pattern works with any container scheduler, but for many applications and use cases we’ve found that this design pattern, combined with smart use of Docker Compose, provides the most elegant and scalable solution.

Docker + Microsoft – Investing in the Future of your Applications

Anand Chandramohan, Mircrosoft | Taylor Brown, Microsoft | Steve Lasker, Microsoft

When you combine Docker’s cross platform support of Linux and Windows containers and Microsoft cloud technologies, you get a supercharged portfolio that can support virtually every enterprise workload. Whether you host your workloads in private datacenters, public cloud or hybrid we offer great end-to-end solutions or individual components from the developer’s keyboard to cloud. Azure Container Service is the simplest way to deploy your container orchestration environment such as Docker Swarm so your developers can deploy their apps more quickly. Windows Server Containers are “just” Docker containers. You use the same Docker tooling to build and run those containers as you do your Linux containers and with the tooling you choose - Eclipse, Visual Studio, Jenkins, Visual Studio Team Service. Microsoft + Docker empowers you, the developer to build cutting edge apps – quickly!

Decades of storage innovation … itty bitty living space!

Garrett Mueller, NetApp

As containers have matured, we have found more uses cases for persistent storage by stateful applications to benefit from container technology. Users are looking for easy ways to get the right storage for the task at hand on demand, storage that is as flexible as the containers that are consuming it, with advanced capabilities that can span infrastructures, without having to worry about how the infrastructure gets the job done. Operators want to provide the right services to their users to enable more agile practices while still protecting the business and generally staying out of the way. The storage industry is working hard to meet this challenge by providing the right abstractions to balance it all out. Let's take a deeper look at the general approach the industry is taking, how it's coming together so far, and where we go from here. Key Takeaways • Persistence presents unique challenges to the container ecosystem • Storage industry is making strides getting their capabilities into your hands • Take advantage of statefulness in containers; expect the same flexibility that you get with the rest of your app

Advanced Data Services for Docker from Nimble Storage

Michael Mattsson, Nimble Storage

Whether you work with micro-services or traditional applications, data matters. Reliable data delivery from configuration files, databases, repositories or unstructured data is key to container and application performance. How and why should you containerize data-intensive workloads and what trade-offs do you need to consider in the process? Attend this talk to:

  • Learn how to improve quality of your build pipeline & smoke tests with real data attached to your containers
  • Get an overview of performance, protection, and data reduction capabilities you can get with a Docker Volume Plugin and enterprise SAN
  • See a live demo using Docker Datacenter, Docker Swarm and command line with Docker Volumes for high performance agile data management

Solving Container Storage: From Dev to Production

Chris Brown, Nutanix

Docker containers bring incredible power and agility to developers but underlying storage solutions built for development often fall apart when moving to production environments. Nutanix Acropolis Container Services provide native storage support for containers, giving operations teams production-ready storage, purpose-built for containers. In this technical deep dive we will cover how the Docker-certified Nutanix Volume Plugin works, show how easy it is to integrate with your containers and demonstrate the new unique workloads this enables.

Three Developers Walk into a Bar - Getting Lost and Finding Your Way on Container Road

Bob Quillin, Oracle | Jon Reeve, Oracle

The containerization journey can be a long and winding road. In this presentation, we meet three weary developers who stop along their way to swap stories, perspectives, and lessons learned. One is a skilled enterprise Java developer just beginning her container quest. The second is a seasoned cloud-native Docker developer well-versed in the ways of Kubernetes and martial arts. The third is a DevOps engineer more comfortable with Puppet and Chef - knee deep in trying to deploy and manage Docker apps in production.

Solving the Storage Problem for Cloud-Native Applications

Goutham Rao, Portworx
Container technology is booming, but tools to run containers in production have not kept pace – until now. Join Portworx CTO Gou Rao as he shows you how to address the five most common problems DevOps faces when running containerized apps in production. You’ll learn how to:
  • Get volume persistence so you don’t lose data when containers fail
  • Achieve high availability with smart provisioning, replication, and failover
  • Automate data management with the most popular container schedulers
  • Run applications using cloud-native deployment patterns
  • Deploy any containerized app with any scheduler on any infrastructure
Gou Rao is co-founder and CTO of Portworx. Previously, he was CTO and Executive Director of Dell’s Data Protection division, joining through the acquisition of Ocarina Networks. Gou, who holds 40+ patents, earned a B.Eng. degree from Bangalore University and an MS in computer science from the University of Pennsylvania.

Peering into Black Boxes: What’s Really Inside Your Containers?

Kenaz Kwa, Puppet | Tyler Pace, Puppet

Some of the power of container orchestrators comes from the ability to treat containers as an immutable black box, to abstract the orchestrator away from the messy reality of the operating system and implementation details inside. But what’s inside a container still matters for other operations tasks - like meeting audit or license requirements, troubleshooting or keeping up-to-date with patching. This talk will look at ways of adding an inventory to all of your Docker images, and using that inventory to provide greater visibility into your infrastructure. We’ll demo: * Automatically adding an inventory to existing Docker images * Querying information about a running container without knowing anything about it * Reducing the attack surface area by identifying unneeded software in your images

Using Containers in Production shouldn’t be this Hard

Darren Shepherd, Rancher

Container technology existed for quite a while in relative obscurity. It wasn’t until Docker introduced an easier, much more simplified approach and optimized workflow that containers really took off. It was Docker’s ease of use that sparked the creativity of users, and lead to its abundant adoption for development and testing. As users have pushed to leverage these technologies in production, however, the story has become anything but simple. Users are bombarded with new techniques and technologies such as orchestration, scheduling, service discovery, and many more, resulting in a steep learning curve for using and managing containers. In this session will we explore how you can leverage containers in production with the same ease of use experienced on the desktop. We will talk about the key benefits of containers and how you can benefit from them with little effort. We’ll also discuss when more complex technologies and customizations are needed as your container usage matures and scales.

Containers - Part of a Balanced Diet for Successful IT

Joe Brockmeier, Red Hat

We all know how healthy kale is, but a diet of only kale would leave us nutritionally imbalanced. (And grumpy.) Likewise, containers are a great innovation for IT, but only one part of the successful organization's IT "food pyramid." In this session, we'll talk about the role of containers as part of a larger digital transformation, and how we build on and integrate Linux containers as part of a successful solution. In this session you'll not only gain insight into Linux containers, but also how the standards allow us to build larger solutions that we can depend on to deliver applications faster, more reliably, and with greater flexibility for the business.

How a Large Media Company Uses Splunk for Analytics-Driven Container Performance and Logging

Christian Ruschke, Axelspringer | Marc Chéné, Splunk

In every industry, development and operations teams are moving to containers. While they are excited at the ability to scale and continuously update these applications, they are also challenged at getting the same logging and monitoring insight they once had. Developer and Operations teams not only need insight to logs and metrics with their containers, but with the entire stack in order to deliver great application performance. In this session, you will hear how BILD GmbH, Europe’s largest news portal, monitors and rapidly triages and troubleshoots application and infrastructure issues. You will also hear how you can use Splunk to provide visibility into your container environment, seamlessly allows you to index and analyze logs from your container-based applications, and also, gain visibility across applications and infrastructure by indexing and analyzing machine data across your entire stack.

Swarm Monitoring : Best Practices

Loris Degioanni, Sysdig

Pushing container-based applications into production will radically change the way you monitor & troubleshoot your environment. You'll have to adapt to both a new set of technologies and a new set of practices in order to effectively complement your Docker strategy with a new monitoring approach. In this session we'll cover the key elements of your new monitoring strategy, including: *How do you instrument Swarm managed containers effectively, taking into account best practices and the dynamic nature of containers? You need to monitor application components, not just Docker containers. How will you make that happen within a unified monitoring approach? *How should you monitor services built on top of containers? what metrics become more relevant in docker-based environments? *How do you construct alerts most effectively? how do you troubleshoot containers that are rapidly coming and going? *How do you isolate data for particular teams for the purposes of more effective monitoring and greater security? The session will focus on demonstrating both open source and commercial tools that can help you solve these new challenges. You'll walk away with concrete recommendations that you can immediately put to work in any scale environment.

Software-Defined Storage for Enterprise Containers

Chad Thibodeau, Veritas Technologies | Abhijit Dey, Veritas Technologies

Many IT teams are enamored with adopting microservices architecture and using containers. However, the love often fades as they continue through the CI-CD process and look to move from development and test to production, due in part to the lack of needed storage services. While some open source alternatives are available, they only go part way to addressing the needs and enterprises are often looking for the same performance assurance and data protection that they have come to expect and rely upon. We will discuss a novel approach to providing predictable and reliable performance along with enterprise-grade data availability and protection in a cost-effective manner.

Self-service Provisioning of Docker Datacenter on VMware vSphere

Ivan Porto Carrero, Ben Corrie, VMware | VMware

See how new self-service provisioning capabilities in vSphere will allow developers and cloud admins to deploy and operate Docker Datacenter in a ticketless manner. This demo will give a sneak preview of current development work aimed at giving developers access to container frameworks on demand – while at the same time leveraging the advanced performance, availability, and security capabilities of vSphere. This session will highlight how features like DRS, SDRS, HA, and NSX micro-segmentation can be used to make your container deployments more highly available, secure, performant and maintainable.

Prometheus with Docker Swarm for Application Metrics and Monitoring

Luke Marsden, Weaveworks

This talk will take you through a hands on examples of how to monitor an application running on Docker Swarm with Weaveworks' Prometheus service. We'll discuss our recommended monitoring philosophy, show you how to instrument your application with Prometheus libraries and how to construct useful PromQL expressions.

Finally! An Open Solution to Solve Persistent Storage

Clinton Kitson, {code} by Dell EMC

Storage implementations are changing every few months. From driver interfaces to managed plugins and the store, code is continually being updated to adhere with new attempts at solving "the storage problem". Good thing for you, there is an option that allows you to focus on your platform while ensuring interoperability with cloud native platforms. Get a deep-dive into REX-Ray that brings Docker Plugin compatibility to your platform, takes advantage of built-in features such as high availability and a CLI for operations, and solves the persistent storage problem for all.

Turn-Key Orchestration of Docker Container at Scale

Matt Baldwin, StackPointCloud, Inc.

Docker-based infrastructure represents an evolution in the way applications are developed, deployed, and scaled in production. But, as organizations begin to leverage public cloud infrastructure, building and managing these environments becomes complex and challenging. In this session, Matt Baldwin, CEO and Chief Architect of StackPointCloud, Inc., will explain how 1&1 and StackPointCloud are providing a turn-key container orchestration solution which enables developers and operators to focus on their core projects instead of building and maintaining multi-node clusters and containers. He will talk about autoscaling these environments based on load, moving failed workloads to different nodes, redundancy, and how load-balancing is accomplished with HAProxy

Using Docker and Watson for Extreme ChatOps

Jason McGee, IBM Fellow, VP and CTO, Cloud Platform, Containers/Blueprints Tribe Leader | Dan Berg, Distinguished Engineer, Containers Architect IBM

Chatbots help eliminate manual tasks from SRE (Site Reliability Engineer) with extreme automation combined with Watson artificial intelligence. Each bot has a persona and a specific task. These bots work together and chat together to communicate potential security threats or unusual patterns. Have a live conversation with one of chatbots using Watson Conversation Service, Watson Text to Speech service and see how fun it is to interact with the bots!Chatbots help eliminate manual tasks from SRE (Site Reliability Engineer) with extreme automation combined with Watson artificial intelligence. Each bot has a persona and a specific task. These bots work together and chat together to communicate potential security threats or unusual patterns. Have a live conversation with one of chatbots using Watson Conversation Service, Watson Text to Speech service and see how fun it is to interact with the bots!

Run your Docker apps in Production on Google Cloud with Kubernetes

William Denniss, Google
Docker has fundamentally changed the way people run applications. Kubernetes offers rich primitives for deploying and managing distributed, containerized apps. It helps you reach new levels of availability and utilization, while lowering your ops burden. In this talk we'll explore some of the concepts in Kubernetes and take a look at how Kubernetes 1.6 advances the efforts of cloud native computing.