Integrating Docker EE into Société Générale's Existing Enterprise IT Systems

Stéphan Dechoux, Thomas Boussardon
Société Générale

Upload: docker-inc

Post on 21-Jan-2018

Stéphan Dechoux, DevOps Architect
Thomas Boussardon, Middleware specialist
Société Générale

Agenda
- Société Générale quick introduction
- Context of the project
- Platform power up(s)
- Sum up
- Questions?

Société Générale: Quick introduction

Some figures of our IT …
- If we stack all our datacenter equipment, what will be the height of this tower?
- Hint: think in Eiffel Tower size instead of meters
- 8x

Some figures of our IT …
- Storage: we can store more than 200 years of HD videos
- Network: our global fiber network can cover the « Tour de France » race
- CPU power: our grid computing can forecast weather faster than « Meteo-France »

Context of the project: When, Where, Why, How …

Context of the Project
- All types of applications: legacy, SOA, REST API, monolithic, distributed …
- Mutualized infrastructure, worldwide, secure
- Integrate existing services and layers of infrastructure
- Hybrid: private / public cloud
- Ready for API, Open Banking, Blockchain
- Improve user experience (PaaS and APaaS)

Platform power up(s): Level up timeline
[Timeline figure, in months: Start, 6, 10, 15, 30; marker: Now]

Platform Level 0
- Existing services in Société Générale

Level 0 – Existing services
- Continuous Delivery/Integration
- Source control
- Artifact repository
- Persistent storage
- Data lake
- Service registry / KV store
- Secrets management
- Development stacks

Platform Level 1
- Docker EE
- CD/CI pipeline

Level 1
- Continuous Delivery/Integration
- Source control
- Artifact repository
- Docker EE: UCP, Engine, DTR

Level 1 - Build
[Diagram: Source control, Artifact repository, Jenkins Master, Jenkins Slave, Docker Image]
- Build application
- Build image
- Testing
- Push in DTR

Level 1 - Deploy
[Diagram: Source control, Jenkins Master, Jenkins Slave, Docker Images, Docker HRM, Docker UCP, Docker Workers; labels: Apps Description, Deploy Order]
- Scheduled
- Triggered
- Manual

Platform Level 2
- Stateful containers
- Logging
- Monitoring

Level 2
- Continuous Delivery/Integration
- Source control
- Artifact repository
- Monitoring/Alerting (New)
- Persistent storage (New)
- Data lake (New)
- Docker EE: UCP, Engine, DTR

Level 2 – Persistence
- Stateful containers are a real thing …
[Diagram: Jenkins Master, ELK stack, Batches]

Level 2 - Storage
- Integrate with existing storage
[Diagram: Enterprise plugins, NFS, CIFS, Dedicated NAS, Existing shares]

Level 2 - Monitoring
- Need a new way to monitor containers
- Introspect what is happening in the container
- Provide dashboard to track activity, alerting
- Send metrics and logs to data lakes
[Diagram: Monitoring/Alerting (New)]

Platform Level 3
- Micro services
- Parallel run
- Monitoring+
Here we are!

Level 3
- Continuous Delivery/Integration
- Source control
- Artifact repository
- Docker EE: UCP, Engine, DTR
- Monitoring/Alerting
- Persistent storage
- Data lakes (Lvl 2)
- Service registry / KV store (New)
- Dynamic L7 load balancer (New)
- Secrets management (New)

Level 3
- X-platform services
- Store/generate secrets, certificates
- Service registry and discovery for micro-services
- K/V store for container’s configuration
- Dynamic load-balancer / Parallel run
[Diagram: Dynamic L7 load balancer (New), Service registry / KV store (New), Secrets management (New)]

Level 3 - Typical Worker
[Diagram: Docker EE Worker (VM) running Apps, with:]
- Consul agent
- DNSMasq
- Sysdig agent
- NetApp plugin
- CIFS plugin
- Syslog
- Fabio
- HRM
[Connected services: Persistent storage, Data lakes, Service registry / KV store, Secrets management, Monitoring/Alerting]

Level 3 - Secure deployment
- Scan images for vulnerabilities (Docker EE - DSS)
- Scan Dockerfiles and compose files for compliance with best practices (linter developed in-house)
- Manually promote images to PROD DTR (Ops)
- Jenkins pipeline provided to developers to deploy in PROD

Platform Level 4
- Public cloud
- X-platform apps
- Perfs, security
Q4 18

Level 4 – Ongoing
- Software Defined Network
- Software Defined Storage
- Bare metal servers
- Dedicated nodes for specific needs
- Security policies enforcement
- Advanced configuration management
- Public cloud hybridization

Platform: Next level?

Sum up: Just a few thoughts…
- Clearly define priorities before each step
- Select your candidates with care
- Never forget to discuss with all teams

Sum up: Achievements!
- Create enthusiasm for new technologies and new offers
- 10 applications in Prod / 50 in Dev / 400 developers
- Easy integration with our existing infrastructure
- Secure and rapid deployment in Production

Questions?

Thank you!