docker federal summit 2017 general session

Docker Federal

Summit 2017

Docker 2017 - Confidential

Thank You Sponsors

Platinum

Gold

Silver

Lunch Happy Hour


Thank You to our Federal Agency and Community Speakers

Thank You Docker Community

• Summit Attendees

• Summit Speakers

• Summit Sponsors

• Meetup Organizers

• Mentors

• Docker Team

• Customers

• Partners

• Docker Captains

• Contributors & Maintainers


Driving Docker Momentum in the Industry

Docker

Hosts

14MGrowth in Docker

job listings

77K%Image pulls

Over 390K%

Growth

12BDocker

apps

900KProject

Contributors

3300


Building a New Industry

Docker Pulls


Communities Helping Communities


Healing heroes one

family at a time

www.bouldercrestretreat.org


Thank you for your

participation today.

Together we are sending

two families to Boulder

Crest for a weekend of

healing.

Visit their table on the 8th

floor to learn more


Give Back Together

www.bouldercrestretreat.org


Federal Summit Logistics

• All meals and happy hour

• General session

• Platinum sponsor talks

• Sponsor expo

7th Floor

• Coffee Break

• Learning Lab: Hands on Tutorials

• Gold sponsor talks

• Sponsor expo

8th Floor


Iain Gray

SVP Customer Success


Docker In Every Industry

Service

ProviderTec

h

Public

SectorInsurance

Healthcare

& Science

Financial

Services


Being Used for Critical Apps

To keep planes in the air

To keep soldiers away

from landmines

To cure

diseases

To process $ billions in

transactions per day

To keep the largest ecommerce

websites running

To power the largest

financial institutions

To monitor fire

alarms

To keep healthcare systems

running smoothly


Docker in Public Sector


The Myth of Bi-Modal IT

MICROSERVICES TRADITIONAL APPS

Cloud or New

InfrastructureYou are either here..

Old Infrastructure …or here


There is only one mode

FAST


Enabling a Journey

…you should be past AND future proof

MICROSERVICESAGILE TRADITIONAL

APPSTRADITIONAL APPS

Cloud or New

Infrastructure

Old

Infrastructure


The Reality Is Diverse

Virtual

IT Ops

Windows

Cloud

Microservices

Bare Metal

Developers

Traditional

Linux

On Premises


What is Required for Modern IT

1

2

3

A secure and reliable base platform

Security across the entire supply chain

Leverage an ecosystem that

extends these principles


The IT Reality is Diverse Apps and Infrastructure

Traditional

Third Party

Microservices

Applications Infrastructure


Start With a Secure Base and Containerize Apps

Traditional

Third Party

Microservices

DEVELOPERS IT OPERATIONS


Standardize and Secure the Supply Chain from Dev

Image RegistrySecurity scan& sign

Traditional

Third Party

Microservices

docker store

DEVELOPERS


Secure the Software Supply Chain to Production


Traditional

Third Party

Microservices

docker store


Control Plane


Nathan McCauley

Director Security Engineering

Usable

SecuritySecure defaults with tooling that is native to both dev

and ops

The Key Components of Container Security

2

5

Infrastructure

Independent

Trusted

Delivery

Safer Apps

Everything needed for a full functioning app is delivered

safely and guaranteed to not be tampered with

All of these things in your system are in the app

platform and can move across infrastructure without

disrupting the app

+

+

=

What is Least

Privilege

Infrastructure?

What is Least

Privilege?

A process must be able to access

only the information and

resources that are necessary for

its legitimate purpose. Principle of Least Privilege

Infrastructure that follows the

principle of least privilege in the

strictest manner possible.

Least Privilege Infrastructure

Why Least Privilege?

Blast Radius

Reduction

My Apartment

Neighbor’s Apt

Garage

Neighbor’s Car

How do we achieve

Least Privilege

Infrastructure?

Reduced Privilege

Neighbor’s Car

Cryptographically

Signed Artifacts

Garage

Segmentation

Neighbor’s Apt

Garage

Minimal

Dependencies

Immutable

Infrastructure

Thank

you


What is Required for Modern IT

1

2

3

A secure and reliable base platform

Security across the entire supply chain

Leverage an ecosystem that

extends these principles


A Reliable Platform Available Everywhere

On every Major CloudIn the Datacenter On every Major OS


Certified & Trusted Ecosystem Technology

Docker Enterprise Edition


A Global Network for Support and Success

Global NetworkProduct & Support

39

47

18

GSI/FSI


Beginning the JourneyGet started by modernizing legacy apps with Docker

Enterprise Edition without changing the the source code


Double click on the apps you already have

Third Party

Microservices

Gartner estimates

that over 90% of an application TCO

is incurred AFTER

it is initially deployed

Traditional


Docker Brings Immediate Value to Existing Apps

Efficient

Secure

Portable Enable workload portability across hybrid cloud

Reduce the attack surface of legacy apps with inherent

container properties

Optimize infrastructure costs and streamline operations


Savings and Speed

Optimize Infrastructure Accelerate Deployments

February 2017: HPE and Docker Reference Configuration for infrastructure optimization using Docker containers on HPE infrastructure

25% savings on VMs

47% savings on bare metal

50% savings on cloud

Provision, deploy and scale

apps up to 75% faster


How: Modernize traditional apps approach

Existing

Application

Convert to

containerModern

InfrastructureMove to cloud or

refresh HW

Modern

MicroservicesAdd new services

or start peeling off

services from

monolith code base

Modern

MethodologiesIntegrate to CI/CD

and automation

systems

APP


• Accelerate portability, security and efficiency for existing apps without modifying source code

• Turnkey program includes professional services, Docker Enterprise Edition and hybrid cloud infrastructure

• Available from our partner:

Modernize Traditional Apps Program

Learn More

www.docker.com/boozallen

www.docker.com/boozallen


Banjot Chanana

Senior Director Enterprise Product


Recap: Docker EE Secure Supply Chain


Traditional

Third Party

Microservices

docker store


Control Plane


Docker Enterprise Edition (EE) Values

Efficient

Secure

PortableApplication composition and configuration portability

across any infrastructure

Safer applications and infrastructure

Optimize infrastructure costs and streamline operations


Key Capabilities of Docker EE

Container App Lifecycle Workflow

Private Image Registry

Image Scanning and

Monitoring

Secure Access and

User Management

Content Trust and

Verification

Application and

Cluster Management

Policy Management

Integrated Lifecycle

Management

Security

Distributed State

Network

Container Runtime

Volumes

Orchestration

Container Engine

Application Composition, Deployment and Reliability


•Built in orchestration:

clustering and scheduling

•Automatic cluster security

TLS, CA, and rotation

•Container centric networking

•Pluggable platform

Secure and Reliable Base

Security

Distributed State

Network

Container Runtime

Volumes

Orchestration


•One supply chain for all

applications

•App composition from dev

deploys direct to production

•Secure access with RBAC

and LDAP/AD support

•Integrated content security

End to End Container Lifecycle

Container App Lifecycle Workflow

Private Image Registry

Image Scanning and

Monitoring

Secure Access and

User Management

Content Trust and

Verification

Application and

Cluster Management

Policy Management

Application Composition, Deployment and Reliability


Demo


Thank You and Enjoy the Day Next Up

Agency Panel Discussion

by Booz Allen Hamilton

featuring GSA, JIDO, USCIS

Titled “Lessons Learned in Adopting

Containers in Production”

7th Floor

Learning Lab

Featuring Docker Orchestration

Taught by Docker Captains Bret Fisher and Phil Estes

8th Floor

THANK YOU
