Integrating Docker EE into Société Générale's Existing Enterprise IT Systems
Stéphan Dechoux, DevOps Architect
Thomas Boussardon, Middleware specialist
Société Générale

Agenda
- Société Générale quick introduction
- Context of the project
- Platform power up(s)
- Sum up
- Questions?

Some figures of our IT …
- If we stack all our datacenter equipment, how tall will the tower be?
Hint: think in Eiffel Tower sizes instead of meters
8x

Some figures of our IT …
- Storage: we can store more than 200 years of HD videos
- Network: our global fiber network can cover the « Tour de France » race
- CPU Power: our grid computing can forecast weather faster than « Meteo-France »

Context of the Project
- All types of applications: legacy, SOA, REST API, monolithic, distributed …
- Mutualized infrastructure, worldwide, secure
- Integrate existing services and layers of infrastructure
- Hybrid: Private / Public Cloud
- Ready for API, Open Banking, Blockchain
- Improve User Experience (PaaS and APaaS)

Level 0 – Existing services
Diagram: Continuous Delivery/Integration, Source control, Artifact repository, Persistent storage, Data lake, Service registry / KV store, Secrets management

Level 1
Diagram: Continuous Delivery/Integration, Source control, Artifact repository, EE (UCP, Engine, DTR)

Level 1 - Build
Diagram: Source control, Artifact repository, Build application, Docker Image, Jenkins Master, Jenkins Slave, Build image, Testing, Push in DTR

Level 1 - Deploy
Diagram: Source control, Jenkins Master, Docker Images, Docker HRM, Jenkins Slave, Docker UCP, Docker Workers, Apps Description, Deploy Order
- Scheduled
- Triggered
- Manual

Level 2
Diagram: Continuous Delivery/Integration, Source control, Artifact repository, Monitoring/Alerting (New), Persistent storage (New), Data lake (New), EE (UCP, Engine, DTR)

Level 2 – Persistence
- Stateful containers are a real thing …
Diagram: Jenkins Master, ELK stack, Batches

Level 2 - Storage
- Integrate with existing storage
Diagram: Enterprise plugins, NFS, CIFS, Dedicated NAS, Existing shares

Level 2 - Monitoring
- Need a new way to monitor containers
- Introspect what is happening in the container
- Provide dashboards to track activity, alerting
- Send metrics and logs to data lakes
Diagram: Monitoring/Alerting (New)

Level 3
Diagram: Continuous Delivery/Integration, Source control, Artifact repository, EE (UCP, Engine, DTR), Monitoring/Alerting, Persistent storage, Data lakes (Lvl 2), Service registry / KV store (New), Dynamic L7 load balancer (New), Secrets management (New)

Level 3
- X-platform services
- Store/generate secrets, certificates
- Service registry and discovery for micro-services
- K/V store for container configuration
- Dynamic load balancer / Parallel run
Diagram: Dynamic L7 load balancer (New), Service registry / KV store (New), Secrets management (New)

Level 3 - Typical Worker
Diagram: Consul agent, DNSMasq, Sysdig agent, Netapp plugin, CIFS plugin, Syslog, Fabio, HRM, Docker EE Worker, Persistent storage, Data lakes, VM, Service registry / KV store, Secrets management, Monitoring/Alerting, Apps

Level 3 - Secure deployment
- Scan images for vulnerabilities (Docker EE - DSS)
- Scan Dockerfiles and compose files for compliance with best practices (linter developed in-house)
- Manually promote images to PROD DTR (Ops)
- Jenkins pipeline provided to developers to deploy in PROD

Level 4 – Ongoing
- Software Defined Network
- Software Defined Storage
- Bare Metal Servers
- Dedicated nodes for specific needs
- Security Policies Enforcement
- Advanced configuration management
- Public cloud hybridization

Sum up: Just a few thoughts…
- Clearly define priorities before each step
- Select your candidates with care
- Never forget to discuss with all teams

Sum up: Achievements!!
- Create enthusiasm for new technologies and new offers
- 10 applications in Prod / 50 in Dev / 400 developers
- Easy integration with our existing infrastructure
- Secure and rapid deployment in Production