DockerCon 2018 Recap

Welcome to DockerCon 2018 in San Francisco, June 12th-15th.

It all started with Franco Fin the hype-man for the Golden State Warriors to get the 5000+ crowd going.

Keynote speakers:

Steve Singh (CEO):

     5 years ago, we bonded over an idea of how software is built and utilized. This brought on containers. 50 Billion containers are shared because of Docker community today. We have just scratched the surface of containers. From a Linux, Windows and Cloud perspective the sky is the limit.
The changes that I’ve seen are creating intelligent applications. Where technology happens is also changing. Over the next 40 years software will come from everyone else other than software companies alone.

Sharing innovations is the key. We see a world where communities will share information across the board for better production and faster innovation. Docker and its community will change the world and drive unbelievable change. Docker keeps to the same ideals that encompasses choice, security, and agility. Your data will exist wherever you want it to exist. What does Docker work for? Make things simple and deploy your innovations at whatever speed and agility you require. Docker will be there for you every step of the way; Docker wants you to think big.

Gareth RushGrove (Docker Product Manager):

     It’s all about the tools. The average developer uses 3 different editors. One size does not fit all. Docker wants to know how you can embrace us. Be part of that is Docker Desktop. We’ve seen 1 million users using Docker Desktop. We want to make containers easier consistently. User interface is important. Imagine an easy interface to build and share your work. Docker Desktop makes it easier and much faster than the old command line. It’s all about collaboration.

Scott Johnston (Chief Product Officer):

     See the whale, be the whale. This is the time to share stories. Choice is one of the core promises of Docker. Any application, any language on any workload type on any platform. That is choice and always use the right tool for the right job.


The container technology has become so advanced that NASA and Dart can utilize containers to pilot a space vehicle to hit an asteroid in space, take a look:

Day One re-broadcast:

Day Two re-broadcast:

DockerCon also offered extreme break-out sessions that covered the following:

Black Belt

A Vision of Persistence

Pull, push, clone, it is all in your daily workflow. But what if this wasn’t your source code or your container, but the state of your whole computer? Push your production database over to another machine? No problem!


Container Orchestration from Theory to Practice

Laura Frank and Stephen Day explain and examine technical concepts behind container orchestration systems, like distributed consensus, object models, and node topology. These concepts build the foundation of every modern orchestration system, and each technical explanation will be illustrated using SwarmKit and Kubernetes as a real-world example. Gain a deeper understanding of how orchestration systems work in practice and walk away with more insights into your production applications.


Deep Dive in Container Service Discovery

Service discovery and traffic load-balancing in the container ecosystem relies on different technologies, such as IPVS and iptables, and container orchestrators use different approaches. This talk will present in detail how Docker Swarm and Kubernetes achieve this. The talk will continue with a demo showing how applications that are not managed by Kubernetes can take advantage of its native load-balancing. Finally, it will compare these approaches to service-mesh solutions.


Istio: Managing, Securing, and Observing Microservices

With the rapid adoption of microservices, Istio has become the de facto framework to load-balance, route, secure and monitor the traffic that flows between microservices. Istio provides a common networking, security, policy and telemetry substrate for services that we call a ‘Service-Mesh’. Come learn how the service-mesh helps with the transition to microservices, to empower operations teams, to adopt security best-practices and much more. We’ll also cover the state and ecosystem of the project, where it’s headed and how you can get involved.


Java in a World of Containers

Container technologies such as Docker are rapidly becoming the de-facto way to deploy cloud applications, and Java is committed to being a good container citizen. This session will explain how OpenJDK fits into the world of containers, specifically how it fits with Docker images and containers.


Kubernetes Extensibility

Kubernetes is designed to be an extensible system. But what is the vision for Kubernetes Extensibility? Do you know the difference between webhooks and cloud providers, or between CRI, CSI, and CNI? In this talk we will explore what extension points exist, how they have evolved, and how to use them to make the system do new and interesting things. We’ll give our vision for how they will probably evolve in the future, and talk about the sorts of things we expect the broader Kubernetes ecosystem to build with them.


Kubernetes with Docker

Since last DockerCon, Kubernetes has been integrated into both the Desktop and Enterprise editions of the Docker Platform. In this deep dive session, we’ll showcase live demos and explore where Kubernetes fits in the architecture of both the Desktop and the Enterprise editions and which community tools make this integration possible. We’ll be covering topics ranging from hypervisor control, storage and networking all the way to the integration of a custom RBAC system, native Compose file support and providing a rich user interface for Kubernetes.


Windows Container Security

Much of this container security discussion revolves around containers on Linux while the security of containers in Windows is left as a mystical black box. In this talk they peel back the curtain and dive in to how Windows containers are secured.


Contribute & Collaborate

Cloud Native Projects SIG Session

Contributing 101

Docker Platform Internals SIG


Docker, Docker, Docker

Considerations for Operating Docker at Scale

Scale happens along 3 different aspects: (1) applications and their services scale up and down leading to (2) the infrastructure scaling up to meet the needs of the applications, and finally (3) sites scale across multiple locations, including movement to public cloud. In this session, we will talk about how Docker EE scales along all three of these dimensions to give you a consistent platform for running your applications:


Docker Enterprise Edition: An Architecture and Operations Overview

Docker Enterprise Edition (EE) is much more than just an application packaging format and run-time. It is an enterprise-ready container platform that automates the delivery of applications using an agile operating model with integrated security. Join members of the Docker product team as we walk through how you can leverage Docker EE to construct a pipeline to create new apps on Docker Desktop or modernize traditional apps using Docker Application Converter, move apps through a secure supply chain with Docker Trusted Registry, and deploy and monitor the apps at scale in Universal Control Plane.


Docker for Developers on Mac and Windows

The whole Docker ecosystem exists today because of every single developer who found ways of using Docker to improve how they build software; whether streamlining production deployments, speeding up continuous integration systems, or standing up an application on your laptop to hack on. In this talk we want to take a step back and look at where Docker sits today from the software developers point of view – and then jump ahead and talk about where it might go in the future. In this talk, they discuss:

  • Making Docker an everyday part of the developing software on the desktop, with Docker for Windows and Docker for Mac
  • Docker Compose, and the future of describing applications as code
  • How Docker provides the best tools for developing applications destined to run on any Kubernetes cluster

This session should be of interest to anyone who writes software; from people who want to hack on a few personal projects, to polyglot open source programmers and to professional developers working in tightly controlled environments. Everyone deserves a better developer experience.


Docker Storage: Designing a Platform for Persistent Data

Docker containers have popularized the concept of read-only/immutable infrastructure and lead to changes in system and application architecture across the IT industry. However nearly every application generates some data that will need to persist long after the life-span of the container that generated it. This talk will look at the best practices around persistent storage with containers, from providing design advice around the construction of your application/container to the functionality provided from storage vendors through the Docker Volume driver plugins.


How to Build Your Containerization Strategy

In this talk they cover topics such as different types of workloads (legacy, microservices, FaaS, big data, etc …), how your org chart can influence whether you deploy a CaaS (Containers as a Service) vs CLaaS (Clusters as a Service), how “shifting left” can determine if you can outsource, centralized vs distributed CI/CD and how containers play a role, transforming your pets into cattle, how giant whale balloons are used for on-boarding, and a prescriptive and comprehensive methodology for successfully deploying Docker in your enterprise.


Docker in Production

All Roads Lead to the Cloud: Liberty Mutual’s Journey with Docker EE


Modernizing Traditional Applications with Docker

Modernizing Traditional Apps with a Docker is a great way to start your containerization strategy and to prove to your leadership there is value.

In this session you’ll hear more about how MetLife has built their strategy to go forward, and you’ll learn how Docker’s strategic approach to containerization and transformation can be applied in your company, too.


Networking in Docker Enterprise Edition with Kubernetes and Swarm

In this talk, we will review the pros and cons of each approach and how they co-exist in the Docker container platform. We will then show you how to achieve your application networking design goals under either model in the Docker platform, including segmentation, multi-tenancy, isolation and security.


Troubleshooting Tips from Docker Support Engineers

In this session, you’ll learn how to:
Ask better questions & identify the real problems you want to solve
Use command line tools to inspect internal Swarm and Kubernetes components
Debug and troubleshoot interactions between Enterprise Edition components
Troubleshoot Docker Enterprise Edition Windows nodes
Apply these skills to troubleshooting Docker Enterprise Edition

  • Building your NoSQL ship: How an Enterprise transitioned from a RDBMS to NoSQL DB using Agile and Docker
  • Disruption from Within– Innovation at Franklin American
  • Docker on Docker: Leveraging Kubernetes in Docker EE to Power Infrastructure at Docker
  • Faster, Safer and 100% User-Centric Application at Equifax with Docker
  • How to Accelerate Docker Adoption With a Simple and Powerful User Experience



Accelerating Development Velocity of Production ML Systems with Docker

This talk will feature tips and tricks for Dockerizing a large-scale legacy production service and discuss how an architectural change like this can change how an ML team works.


Accessible High-Performance Computing for Everyone with Docker and Containers

This session will introduce High Performance Computing and outline the challenges when trying to fit those workloads into containers. Afterwards the community solutions are touched on before an approach based on proper Docker is shown. The talk will wrap-up with an outlook how containers can foster scientific discoveries by allowing HPC to be used by everyone.


Automated Hardware Testing Using Docker for Space


Best Practices and Standards for Container Security

The panel will discuss the best practices that are being developed within and for security-conscious enterprises. We will consider where additional work is still to be done in collaboration between the container ecosystem and enterprise customers and how existing guidance may evolve. Finally, we will address how to make the best and safest practices, the default practices.


Democratizing Machine Learning on Kubernetes

One of the largest challenges facing the machine learning community today is understanding how to build a platform to run common open-source machine learning libraries such as Tensorflow. Both Joy and Lachie are both passionate about making machine learning accessible to the masses using Kubernetes. In this session they’ll share how to deploy a distributed Tensorflow training cluster complete with GPU scheduling on Kubernetes. We’ll also share how distributed Tensorflow training works, various options for distributed training, and when to choose what option. We’ll also share some best practices on using distributed Tensorflow on top of Kubernetes, based on our latest performance tests performed on public cloud providers. All work presented in this session will be accessible via a public Github repository.


Docker, Microservices, and the Service Mesh

The nature of containerized, cloud-native applications is rapidly advancing with a fundamentally different architecture that will rely on service meshes with smarter proxies, traffic management, and enhanced observability for cooperating microservices, serverless functions, and complex workflows. In this session we will highlight the features that characterize this architectural transformation in the Docker cloud-native ecosystem.


Packaging Software for the Distribution on the Edge with Docker and Windows Server

At GE Digital, in the Asset Performance Management space, we need to supply an edge solution that impacts both on-premise and data transmission to the cloud. Our current edge solutions are relatively simplistic, but as our technologies mature along with our customers’ needs, we’re finding that we need to grasp a more fog computing-based approach where we include more intelligence, and more computing power at the edge. Along with this computative power, we need to better remotely manage these systems – to be able to monitor progress and diagnose problems – a technology that would enable us to containerize, and to better manage our software bundlings and deployments.

We found that Windows Docker seemed to fit the bill — much of the technologies that live at our edge solutions are Windows OS based (as the customers’ main platforms are Windows OS based). This presentation reviews the approach that we took to repackage one of our main APM on-premise solutions using Docker on Windows. We’ve created a prototype which we’re looking forward to productize and enable the capability of remote management to thousands of deployments.

The presentation also contains a video demo of the running system. The on-prem APM system will demonstrate the usage of Docker networking along with docker volumes and three (3) docker containers – will discuss the construction of the images and nuances of execution of the running docker containers.


Serverless Panel Discussion

This panel will feature leaders from the top 5 container based serverless frameworks: Galactic Fog, Nuclio, Fn, OpenWhisk, and OpenFaaS. And from the Gloo project which aims at gluing together all serverless applications with legacy and cloud workloads to discuss the state of portable serverless frameworks on container platforms.


5 Practices for Better, Cheaper, Faster Service Delivery

In this session Rob Schoening, VP of TechOps for Lending Club, will outline some of the guiding principles that he’s instilled in his organization to be able to embrace DevOps. These principles have allowed the company to grow from $1B in loans issued by 2012 to $33.6B of loans issued by the end of 2017. He’ll cover some of the decisions the organization had to make along the way and how they approach DevOps today, including where Docker fits into this.


A Strong Belief Loosely Held: Bringing Empathy to IT

In this talk, the conversation centers around how to use behavioral economics and other processes to assist in getting IT organizations to adopt DevOps practices. This talk fosters thought and dialogue on how to address the people and IT cultural needs as organizations transform.


Building a Docker Center of Excellence: Panel Discussion with MetLife, PayPal, and Splunk


Depend on Docker (DoD) – Imagine a world where the only dependency you need is Docker!


Using Docker

5 Patterns for Success for Application Transformation

This session shows you how to bring your old apps into the modern world, and integrate them with Docker – without changing code. We’ll cover patterns for all the core application concerns:

  • logging

  • configuration

  • monitoring

  • health

  • dependency management

The sample apps will be in .NET and Java, and will show you how to turn your existing apps into good Docker citizens.


Building Your Production Tech Stack for Docker Container Platform

This session will cover:

Which OS/Distro and Kernel to use
VM’s or Bare Metal
Recommended Swarm architectures
Tool stacks for “pure open source”, “cloud-service based”, and “Docker EE” scenarios
Demos of these tools working together including InfraKit, Docker, Swarm, Flow-Proxy, ELK, Prometheus, REX-Ray, and more.


Creating Effective Docker Images

How layers work
Choosing a base image vs. creating your own
The basics of building minimal images and the importance of choosing a base image vs. creating your own
The basics for building minimal images and the importance of caching
High level best practices for Linux containers (in general, and some language specific examples).
High level best practices for Windows container images.
New and improved: multi-stage builds
Good vs. not so good Dockerfile examples
Docker Image Scanning, and other friends
What’s up next? Looking to the future for more optimization


Demystifying Container Connectivity with Kubernetes in Docker

This session provides an illustrative walkthrough of these core concepts by going through common deployment architectures providing design, operations, and scale considerations based on experience from numerous production deployments. The session will also showcase how to complement application and operations workflows with policy-driven business, compliance, and security controls typically required in enterprise production deployments.


Don’t Have A Meltdown! Practical Steps For Defending Your Apps

In this talk we will look at risks and preventative measures related to:

  • authentication
  • injection
  • updates
  • sensitive data
  • configuration

By the end of the talk you should understand the most important security risks in your applications, and how to go about mitigating them.


Gordon’s Secret Session: Kubernetes on Windows with Docker Enterprise Edition


Message–Based Microservices Architectures Driven with Docker

Microservices are not for everyone, but there are some incredible benefits to employing microservice architecture principles to enable co-evolution of services and features and reduce friction during the DevOps cycle.


Proactive Ops for Container Orchestration Environments

This talk lays out a proactive Ops model for container infrastructure. By focusing on event monitoring, infrastructure state monitoring, trend analysis, and distributed log collection, a proactive Ops model delivers observability for distributed apps that was not possible before. Using real-world examples from Swarm and Kubernetes, we’ll demonstrate the tools used and how we relieve Ops pain in container orchestration.


Production SecOps with Kubernetes in Docker

In this talk, Scott Coulton will walk through how to build a container as a service platform with Docker EE.

He will also share various automation solutions to deploy your cluster into production. Once the cluster is up and running, Scott will delve into sec ops and discuss security best practices – including signing images in DTR (Docker Trusted Registry) and CVE scanning to provide a secure supply chain into production. You’ll leave this talk with the knowledge needed to build your own container platform in production. And did I mention it will all be done live, step-by-step?


Tips and Tricks of the Docker Captains

Topics covered will include:
– Build Processes
– Security
– Volumes
– Databases
– Orchestration
– Debugging and Maintenance
– Calling Docker from Docker

This talk will make your daily life with Docker easier!


About the Author: