CNA1699BE Running Docker on your Existing Infrastructure with vsphere Integrated Containers VMworld 2017 Content: Not for publication Martijn Baecke, Robbie Jerrom #vmworld #CNA1699BE
VMworld 2017 Robbie @robbiej Content: Not for publication Martijn @baecke #CNA1699BE CONFIDENTIAL 2
Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally available product. Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery. Pricing and packaging for any new technologies or features discussed or presented have not been determined. #CNA1699BE CONFIDENTIAL 3
Agenda 1 Why are containers relevant? 2 What is Docker? 3 Containers on SDDC Use Cases 4 Developer Self-Service 5 Live Demo 6 Q&A #CNA1699BE CONFIDENTIAL 4
Not Too Long Ago Life Was Easy Apps! VMworld 2017 Content: Not for Access to virtual machine for coding! publication Users Developers #CNA1699BE CONFIDENTIAL 5
Digital Transformation Drives Change Apps! Apps! More Apps! Apps! New Apps! features! Apps! NOW! VMworld 2017 Content: Not for APIs! Access DevOps! to virtual Containers! machine for Control coding! the infrastructure! publication Users Developers #CNA1699BE CONFIDENTIAL 6
Developers Pyramid of Needs Functional Differentiation Performance Scalability Availability VMworld 2017 Content: Not for Security What the developer today care about i.e. functional differentiation What the platform should provide to applications - i.e. the things that deliver service level publication Manageability #CNA1699BE CONFIDENTIAL 7
Digital Transformation Business Applications Infrastructure DevOps #CNA1699BE CONFIDENTIAL 8
The Speed of This Makes a Competitive Advantage Analysis App Data #CNA1699BE CONFIDENTIAL 9
The Perfect Storm : Confluence of Four Forces #CNA1699BE CONFIDENTIAL 10
Docker 101 : The Basics #CNA1699BE CONFIDENTIAL 11
Docker Adoption #CNA1699BE CONFIDENTIAL 12
What is Docker? Docker is an open-source project that automates the deployment of applications inside software containers VMworld 2017 ~# docker build my_app ~# docker push my_app ~# Content: Not for publication #CNA1699BE CONFIDENTIAL 13
Why Developers Love Docker?! Portable Lightweight Fast Standard Format That Integrates with Developer Tooling #CNA1699BE CONFIDENTIAL 14
Docker Architecture Docker Toolbox docker (cli) docker-machine c c c c docker (engine) Linux VMworld 2017 Content: Not for publication docker images Docker Hub (Registry) #CNA1699BE CONFIDENTIAL 15
From Nothing to Running App in 3 Commands Docker Toolbox docker (cli) docker-machine 1 n g i n x docker (engine) Linux VMworld 2017 Content: Not for 3 nginx docker images 2 nginx publication Docker Hub 1 2 3 docker-machine env default docker pull nginx docker run -d -p 8000:80 nginx #CNA1699BE CONFIDENTIAL 16
But What Does Ops Need? Security & Isolation Data Governance Rich Guaranteed SLAs Resources Management Tooling #CNA1699BE CONFIDENTIAL 17
Virtual Machine the Foundation for Containers Solution for Dev Problem Solution for Ops Problem Container App OS Virtual Machine vsphere Best of both worlds Isolated & Secure Flexibility Manageable Separation of duties or distribution Hardware #CNA1699BE CONFIDENTIAL 18
#CNA1699BE CONFIDENTIAL 19
+ #CNA1699BE CONFIDENTIAL 20
vsphere Integrated Containers Management Security / Registry Micro-segmentation Security Virtual Container Hosts Docker Container Hosts C C Linux Kernel Linux Kernel C Linux Kernel Provisioning / Scheduling NSX ESXi vsan C C Docker Engine Linux Kernel C Physical Infrastructure Docker API Compliant Containers run as VMs Application repackaging use case Self Service Docker Hosts Simple micro services development and deployment #CNA1699BE CONFIDENTIAL 21
Consumers & Providers in IT Application Developers Platform Services IaaS Virtual Infrastructure Physical Infrastructure Docker Endpoint Consumer Provider Virtual Container Host Net Sec Ops Visibility #CNA1699BE CONFIDENTIAL 22
vsphere Integrated Containers Enabling the Best of Both Worlds Docker compatible interface Container management portal Enterprise-class container registry vsphere Integrated Containers Familiarity of vsphere No new tooling or technologies Full enterprise-grade power of Software-Defined Data Center #CNA1699BE CONFIDENTIAL 23
vsphere Integrated Containers Operating Model vic-machine-linux create vcenter Server Container Endpoint C-VM C-VM docker run d p 80:80 nginx Container VM nginx process Linux Kernel VCH vsphere Cluster VM VM VM VM ESXi ESXi ESXi ESXi ESXi ESXi ESXi ESXi VSAN NSX 24
Containers on SDDC Use Cases
Containers on SDDC: Use Cases Application Repackaging Modernize traditional apps No refactoring Cloud Native Develop new 12-factor apps App refactoring Developer Sandbox Enable developer agility Self-service portal #CNA1699BE CONFIDENTIAL 26
Use Case Example: Developer Sandbox Use Case Description: Ticketless development environment with IT governance and control Customer Benefits: Enable developer agility Faster application time to market Docker and Kubernetes VMware Value Proposition: Enable developer agility on vsphere Efficient utilization via resource pools Simplified container framework deployment Enterprise-class registry (AD/LDAP, replication, content trust, scanning) Unified enterprise tooling with logging, monitoring 27
Developer Sandbox Real-world Example Developer self-service with VI Admin governance Developer consumes resources via Docker API/CLI Provides developers with self-service for applications not yet in the enterprise service catalog Rapid prototyping Run a full-fledged docker engine as a ContainerVM using vsphere Integrated Containers and the Docker API/CLI DCH are packaged in a docker image and can be instantiated on VIC like any other container DCH provides command-line options to enable/disable features of the docker engine All DCH packages are based on PhotonOS Source, dockerfiles and documentation available at github.com/vmware/vic-product Docker Container Host C C Docker Engine Linux Kernel VIC Engine docker run p 12375:2375 d vmware/dch-photon C #CNA1699BE CONFIDENTIAL 28
Live Demo End-user (developer) workflow
Questions? #CNA1699BE CONFIDENTIAL 31