DockerCon 2017 Europe recap
This is the second edition of DockerCon in Europe. Last year DockerCon was only hosted in the United States. DockerCon, the conference part, was on Tuesday and Wednesday but on Monday you could attend workshops, hallway track sessions and hands on labs. Monday evening was the Welcome reception during which you visit the expo.
I arrived Monday afternoon at the Bella Center, the venue where DockerCon is hosted, to pickup my badge and backpack. After that I checked into my hotel. In the evening I went to the Welcome Reception and visited amongst others the booths of VMware, AWS, Atlassian, CoScale, Amazic and of course Docker.
The next day started with a breakfast in the expo hall. At 9.00 the keynote started. Steve Singh, the CEO of Docker, who started with welcoming everybody to DockerCon. After that he talked about the way that the Docker platform, is the platform to run your application. Digital containers can help you manage enterprise software supply chain. Image how the world should work. Do not limit yourself how it works now. Next he talked about modernizing your traditional applications, not by recoding but by using the tools, like Docker Application Converter or image to Docker. This approach focuses on moving your application to a Docker container which results in application that can be run everywhere. When you are in the process of choosing the application to start with, you should go for the less complex applications first and get experience with conversions to Docker containers. During this session Kristie and Ben, from Docker, gave a live demo of the conversion of a tar backup file to Docker container. One of the next speakers was Solomon Hykes, the founder of Docker. He was making the announcement of DockerCon.
Docker will support in the new version two orchestration tools, next to Docker Swarm there will be also native support for Kubernetes. Kubernetes can be managed from Docker UCP. The nice thing of the Kubernetes integration is that you don't need any Kubernetes knowledge about setting up a Kubernetes cluster.Kubernetes will also be part of the Docker Community edition, so you can test the Kubernetes part also on your local Linux, Windows or MAC based workstation.
Kubernetes in Docker for Mac/Windows features:
- Automatically installs single-node vanilla Kubernetes cluster on your desktop
- Test your apps locally before pushing to a production cluster
- Docker CLI and Kubernetes CLI bundled and work in parallel in your client
- Kubernetes NodePort Services exposed on Mac/Windows host
The product will be launched in Q1 2018, but if you already want to play with the Kubernetes integration within Docker you can sign up at this url. You can choose if you want to enroll in the beta for Docker for Mac or Windows or for Docker EE. After the keynote, I attended the session What's new in Docker. This session gave an update around Docker Enterprise edition, Docker Community Edition and Docker for Mac/Windows
Docker Enterprise Edition (EE)
- Integrated orchestration, security and management
- Stable releases with minimum 1 year of support and maintenance
- Security patches and hotfixes backported to all supported versions
- Enterprise class support (9am-6pm or 24x7x365)
- Certified Infrastructure, Containers and plugins
Docker EE now also supports mixed Windows and Linux clusters. Here's an overview of the features:
- Manage both your Linux and Windows applications from a single cluster console
- Linux managers, mixed Windows/Linux worker nodes
- EE features (e.g. RBAC, LDAP/AD, signing, scanning, secrets) work on both Windows and Linux
- Support for IBM Z mainframes running Linux workers
Docker CE 17.09 New Features
- Support for Compose format v3.4
- 'docker service rollback'
- Overlay2 over aufs as preferred filesystem
- '--chown' added to Add/Copy in Dockerfile
- Experimental support for docker trust (view, revoke, sign)
Docker EE integration with Kubernetes
- Today's UCP with additional orchestrator
- Multi-orchestrator configuration
- Allocate nodes to each orchestrator
- "Vanilla"CNCF kube, no wrapping
- Opinionated stack with "batteries included" networking and storage
- Support for Docker and Swarm API's
- Support for Kubernetes API
- EE features including LDAP/AD, RBAC, Scanning, Signing Enforcement, Security Policies
Stacks for Kubernetes features:
- Use the same CLI to run Stacks on Swarm or Kubernetes
- Supports all Docker Compose versions
- Stack is a 1st class citizen to Kubernetes thanks to API Aggregation and Custom Resource Definitions (CRD)
- Support updates, rollbacks, logs, scaling
During the day I also attended different quick talks around different subjects. After the lunch I attended a Hallway track with the subject OpenFAAS serverless with Docker and after that the session From zero to serverless in 60 seconds. Both were hosted by Alex Ellis, the founder of OpenFaas. Very interesting product. If you want read more about it go to Openfaas.com The last session of the day for me was Back to the future: Containerize Legacy Applications by Brandan Royal. In this session talked about the MTA program of Docker. They defined 4 steps in the process: Assess -> Containerize -> Deploy -> Measure
The second day of the conference started with a general session. On stage was Scott Johnston, COO of Docker.
This sessions was mostly focussed on the MTA program of Docker. He was joined on stage by Finnish Rail and Accenture who went together through a MTA journey. Docker also announced that IBM was added to the Docker MTA partners. After that IBM announced that they were together with Docker working on Docker on IBM Cloud and that IBM applications like Websphere and MQ are now Docker certified. They also mentioned that Watson is running in Docker containers. After the general session I attended the Docker EE deepdive. This session went into more detail on:
- Image Scanning (now available)
- Scans at a binary level
- Not just looking at package versions
- Works both online and offline
- New vulnerability database released daily
- Great for air gapped scenarios (sneaker net!)
- Scans both Linux (x86_64) and Windows
- Coming soon for IBM z Series
- Scans at a binary level
- Image Signing (now available)
- Docker Content Trust built in to DTR
- Enforcement can be done in UCP
- Only valid signers can deploy containers
- docker trust makes things easier then ever (coming soon)
- Image content cache
- Image promotion
- Image mirroring (coming soon)
In the afternoon I took some time to take some of the hands on labs below.
- Docker 101 - Linux
- Docker 101 - Windows
- Docker Trusted Registry Deep Dive
- Managing the Application Lifecycle with Docker EE
- Managing Application Access with Docker EE
- Deploying Hybrid-OS Applications with Docker EE
- Modernizing ASP.NET Applications - for Developers
- Modernizing ASP.NET Applications - for IT Pros
- Modernize Java Apps
If you also want to try go here Last session of the day was Tips and Tools for Running Container Workloads on AWS, hosted by Abby Fuller and Tiffany Jernigan.
All good things come to an end. What I really liked at DockerCon was the number of live demo's that were part of as well the keynote sessions as the breakout sessions. Very nice to see that it is possible to give a working live demo. Also liked the Hallway track concept and the possibility to interact with the Docker people based in the Netherlands.