Diogo Mónica

Least Privilege Container Orchestration

The Docker platform and the container has become the standard for packaging, deploying, and managing applications. In order to coordinate running containers across multiple nodes in a cluster, a key capability is required: a container orchestrator. Orchestrators are responsible for critical clustering and scheduling tasks, such as: Managing container scheduling and resource allocation. Support service discovery and hitless application deploys. Distribute the necessary resources that applications need to run. Unfortunately, the distributed nature of orchestrators and the ephemeral nature of resources in this environment makes securing orchestrators a challenging task. In this post, we will describe in detail the less-considered—yet vital—aspect of the security model of container orchestrators, and how Docker Enterprise Edition with its built-in orchestration capability, Swarm mode, overcomes these difficulties. Motivation and threat model One of the primary objectives of Docker EE with swarm mode is to provide Continue reading…

Lisa McNicol

Docker & Prometheus Joint Holiday Meetup Recap

Last Wednesday we had our 52nd meetup at Docker HQ, but this time we joined forces with the Prometheus user group to host a mega-meetup! There was a great turnout and members were excited to see the talks on using Docker with Prometheus, OpenTracing and the new Docker playground; play-with-docker. First up was Stephen Day, a Senior Software Engineer at Docker, who presented a talk entitled, ‘The History of Metrics According to Me’. Stephen believes that metrics and monitoring should be built into every piece of software we create, from the ground up. By solving the hard parts of application metrics in Docker, he thinks it becomes more likely that metrics are a part of your services from the start. See the video of his intriguing talk and slides below. ‘The History of Metrics According to me’ by Stephen Day Continue reading…

Lisa McNicol

Docker San Francisco Meetup #50: Swarm Mode

Last Wednesday was Docker’s 50th meetup in San Francisco! There was an awesome turnout from the local Docker community to see Docker’s own Nishant Totla and Dongluo Chen and their talk on Swarm Mode. Nishant and Dongluo gave a talk entitled ‘Using Docker Swarm Mode and healthchecks to Deploy Applications Without Loss’ where they demonstrated how to do service upgrades without impacting your application.   They explained that Docker swarm mode enables users to manage their applications with service primitives and the healthcheck feature provides health indications for a container. Coming up in the Docker 1.13 release, Docker Swarm can connect healthcheck results with load balancers to implement no-loss service upgrade. Check out the talk including Nishant’s demo in the video below.     Want to learn more about the Docker platform and Docker’s open source projects? Join us for the next Docker Online Meetup (Wed, Nov 9th Continue reading…

Karen Bajza

Docker Online Meetup #42: Docker Captains Share Tips & Tricks for Using Docker 1.12

For this week’s Docker Online Meetup, Docker Captains Ajeet Singh Raina, Viktor Farcic and Bret Fisher shared their tips and tricks for built In Docker orchestration. Ajeet talked about the best ways to use Docker 1.12 Service Discovery and shared key takeaways. Viktor talked about best practices for setting a Swarm cluster and integrating it with HAProxy. Bret concluded the meetup with a presentation on Docker 1.12 command options and aliases including cli aliases for quick container management; the shortest path to secure production-ready swarm; how to use cli filters for easier management of larger swarms; and docker remote cli security setup.     Best ways to use Docker 1.12 Service Discovery by Docker Captain Ajeet Raina Scaling and clustering with Docker Swarm by Docker Captain Viktor Farcic Docker cli Tips and Tricks by Docker Captain Bret Fisher Want to learn more about Continue reading…

Get the Latest Docker News by Email

Docker Weekly is a newsletter with the latest content on Docker and the agenda for the upcoming weeks.

Docker Core Engineering

Docker Built-in Orchestration Ready for Production: Docker 1.12 Goes GA

We wanted to thank everyone in the community for helping us achieve this great milestone of making Docker 1.12 generally available for production environments. Docker 1.12 adds the largest and most sophisticated set of features into a single release since the beginning of the Docker project. Dozens of engineers, both Docker employees and external contributors, have made substantial contributions to every aspect of 1.12 orchestration including core algorithms, integration into the Docker Engine, documentation and testing. We’re very grateful to the community, which has helped us with feedback, bug reports and new ideas. We couldn’t have done it without the help in particular of the tens of thousands of Docker for Mac and Windows beta users who have been testing our 1.12 features since DockerCon in June. We’ve seen contributions ranging from bash tab completion to UX up-and-down votes that Continue reading…

Weekly Roundup: Top 5 Most Popular Blog Posts

This week, our readers have enjoyed Docker thought leadership on various topics. As we begin a new week, let’s recap our top 5 most-read blog posts for the week of July 17, 2016.

Vivek Saraswat

Docker Datacenter @ DockerCon 2016: Image security, Engine 1.12 and Burning Man…

Interested in learning more about our plans for Docker in the Enterprise and getting involved in an upcoming Docker Datacenter beta? Let’s take a deeper look. On the second day of DockerCon, the keynote used different situations to discuss enterprise use of Docker. Our CEO Ben Golub broke down several fallacies in IT, CTO Keith Fulton of ADP painted a delicious picture of microservices as chicken nuggets, and Lily and I… well, we averted a massive security disaster and got our costumes ready for Burning Man. Aside from shiny sequined jackets (not my normal wardrobe, I promise) and Ben’s enthusiastic “business guy” cameo, we presented a prototype of a future version of Docker Datacenter, our commercial solution for running containers-as-a-service (CaaS) in an on-premises or public cloud enterprise environment. Docker Datacenter is an integrated CaaS platform to securely ship, orchestrate and manage Dockerized Continue reading…

Theo Platt

Biogen: Data Science and Docker Swarm

written by Theo Platt, Associate Director, Biogen and Karl Gutwin, Senior Data Architect, Biogen The Data Sciences department at Biogen has been using Docker and watching the (r)evolution for a couple of years. Last year, as our experience with Docker grew and the use cases expanded, we built our own early Docker Swarm cluster with homegrown orchestration capabilities. Through cutting-edge science and medicine, Biogen discovers, develops and delivers worldwide innovative therapies for people living with serious neurological, autoimmune and rare diseases. Founded in 1978, Biogen is one of the world’s oldest independent biotechnology companies and patients worldwide benefit from its leading multiple sclerosis and innovative hemophilia therapies.