Right on the heels of DockerCon Europe, the Docker team was excited to be a part of KubeCon in Seattle last week for great conversations and collaboration with the Kubernetes community. In addition to our commitment to delivering a simple, integrated experience with Kubernetes in our Docker Desktop and Docker Enterprise products, we’re also excited by our work with the community at the very foundation of Kubernetes with projects like containerd and Notary/TUF and to talk container standards with the members of the Open Container Initiative (OCI). KubeCon is an opportunity for project maintainers to explain the status and roadmap of projects, but also to meet face to face and collaborate with contributors to determine what is next for cloud native applications.
Giving Back to the Kubernetes Community
The Docker and Kubernetes communities have been working together closely since Kubernetes was announced at DockerCon 2014. In line with our commitment to continue to make containerization technology like Kubernetes easier to use: a few weeks ago we open sourced Docker Compose on Kubernetes, a project that provides a simple way to define cloud native applications with a higher-level abstraction, the Docker Compose file. Docker Compose is a tool for defining and running multi-container Docker applications is already used by millions of Docker users.
Docker is also working on solutions that address challenges that the broader Kubernetes community is facing as more applications embrace cloud-native design and more applications are distributed applications. As announced during DockerCon Europe, Docker and Microsoft are teaming up to deliver the Cloud Native Application Bundle (CNAB) specification – an open source, cloud-agnostic specification for packaging and running distributed applications. With CNAB, organizations can package Helm charts, Kubernetes YAML files and Docker Compose files in a single format that is easily shareable and distributed in Docker Hub and Docker Trusted Registry. The format also extends to things like Terraform and Ansible scripts and any number of other configuration and automation formats. Here is a video of CNAB in action.
In one of these very productive gatherings of maintainers at KubeCon, CNAB team members from Microsoft and Docker joined the OCI maintainer meeting to discuss CNAB joining OCI.
— chanezon (@chanezon) December 13, 2018
At the Heart of Kubernetes: containerd and Notary
It’s been about 2 years since containerd was donated to CNCF and the project has had tremendous momentum in that short time. Today, containerd 1.2 is the industry-standard container runtime that can be used with different technologies including gVisor, Kata containers, Firecracker and Balena, and is extensible to various platforms through it’s plugin model. Containerd is being widely adopted by the major cloud platforms including Alibaba, AWS, Azure, GKE and IBM Cloud. We’re excited by the maturity and direction we’re headed in and looking forward to graduation of containerd within CNCF.
You can watch the Intro and Deep Dive sessions on containerd here:
One thing I love about KubeCon is the impromptu maintainer meetings after talks: after the Intro to containerd talk, we all went to AWS office with @containerd and Firecracker maintainers from @Docker @awscloud @Microsoft @GCPcloud @alibaba_cloud @IBM to talk about Firecracker containerd integration. The AWS team demoed their firecracker-containerd proof of concept to check that their architecture was sound.
One thing I love about #KubeCon is impromptu maintainer meetings after talks: here at Amazon with @containerd & Firecracker maintainers from @Docker @awscloud @Microsoft @GCPcloud @alibaba_cloud @IBM to talk about Firecracker containerd integrationhttps://t.co/rlvAYOxBox pic.twitter.com/pSuDPWv4Ss
— chanezon (@chanezon) December 12, 2018
Notary with TUF
Docker has implemented The Update Framework (TUF) in Notary as a way to protect and sign your container images and secure your environment with Docker Hub or Docker Trusted Registry. Notary is also a project within CNCF with maintainers from many different companies and the framework can be extended to other use cases.
Yesterday in @CloudNativeFdn board meeting one topic that came up was that security should be an important focus for cncf: good example today #KubeCon @justincormack & Pr Cappos from @nyutandon present TUF and Notary. pic.twitter.com/O2HT3CWHuY
— chanezon (@chanezon) December 11, 2018
You can watch the session on Notary here:
Docker and Kubernetes: The Road Ahead
Docker is driving Kubernetes forward from two ends. We continue to invest and collaborate from the foundational side through projects like containerd and Notary and standards like OCI and CNAB. And we continue to drive adoption in the enterprise through easy-to-use tools like Docker Desktop and Docker Enterprise which package conformant Kubernetes distributions with Docker tooling. Docker will continue to collaborate with the Kubernetes community with a focus on making Kubernetes easier to use and accessible to a larger set of users.
Here are other sessions from KubeCon Seattle 2018 from the Docker team:
- Building Container Images on Your Kubernetes Cluster with Knative Build with Gareth Rushgrove
- How to Choose a Kubernetes Runtime with Justin Cormack
- How Standards, Specifications and Runtimes Make for Better Containers with Patrick Chanezon (Docker), Chris Aniszczyk (The Linux Foundation/CNCF), Jeffrey Borek (IBM) and Rithu Leena John (CoreOS/Red Hat)
— Rithu Leena John (@rithu_john) December 14, 2018
- Securing Application Telemetry & Tracing with SPIFFE and Envoy with Sabree Blackmon