Docker Inc has carried out a Roadshow in order to show interested people how Docker enables a modern supply chain for the enterprise. The Roadshow was sponsored by HPE (Hewlett Packard Enterprise), took place at the InterContinental Hotel Frankfurt and was free to attend. So I decided to travel to Frankfurt and see what the guys have to show. In this short article I will share my impressions of the Roadshow.
I arrived in Frankfurt one day before the Roadshow, because it started on 8:30 in the morning. Luckily, both my Hotel and the InterContinental were about 5 minutes away from the Main Train Station.
As I arrived in the InterContinental, I first got my Badge and had a quick look around to see what kind of people were attending. I knew that it was going to be more of a business event than a tech event, but I was a little bit disappointed that there were almost no techies but mostly suited business guys.
Anyway I grabbed a cup of coffee and a smoothie and joined some guys of Deutsche Bahn and had a smooth conversation about DevOps before the talks began.
Modern Application Architecture for the Enterprise
The opening talk was held by Marc Verstaen (@verstaen), EVP Product Development at Docker. He started talking about the history of Docker, that Solomon Hykes (@solomonstre) started it all and the first the focus was on building a PaaS using Containers.
Inspired by Heroku they built DotCloud, but supporting all Stacks increased the complexity and even big companies began to left. So they decided to open source Docker and to help Developers focus on a Product instead of Technology Stacks.
He talked about why Docker is successful and how it supports the software engineering process.
After that he talked about why Docker is successful and how it supports the software engineering process. First of all, he stated that it supports breaking a Monolith into Microservices. Also the Problem of Developer vs Operation silos can be tackled using Docker. He says that Containers are a good catalyst to solve some of those problems, among others, because they are more lightweight than Virtual Machines.
At the end of his talk he showed some statistics that prove that Docker can drive IT transformation. 60% of the asked companies are using Docker in production and the main areas Docker is supporting are the following: Agility, Portability and Control.
Containers as a Service with Docker Datacenter
In the second talk Steven Thwaites (@stevethwaites), Solution Engineer at Docker, introduced the Docker Datacenter, a Container as a Service solution. He first pointed out that IaaS solutions give engineers too much freedom and PaaS too little and that CaaS enables a good level of freedom.
He gave a Sneak Preview of the Docker Datacenter a high available GUI for the CaaS, which allows Access Control and Monitoring. Basically you have all the power that comes with Docker like Docker Compose and Docker Swarm, but as an enterprise solution with support.
Also a CaaS provides all the cool features a PaaS like Cloud Foundry does, i.e. self healing abilities and scaling.
Basically you have all the power that comes with Docker like Docker Compose and Docker Swarm, but as an enterprise solution with support.
The rest of the talk he showed different features of the solution with some example containers, but unfortunately I am not allowed to give details about that, as we were asked not to publish them.
HPE and Docker
The next talk was given by Johannes Horneck and Jan Hoerdt both from HPE. He basically talked about why Docker is awesome and that Docker is the solution for Software Defined Infrastructure in their opinion. As far as I remember, they had a project with a big IoT Company and that led them to use Docker. Now they use Docker for continuous deployment so that they have Docker container along the whole software development pipeline from dev to production. And instead of using a PaaS for deploying their applications to production they use the Docker CaaS solution.
That’s also the reason why they have about 200 of their engineers working on Docker.
— Stefan Buerger (@stbuerger) 13. Oktober 2016
Secure the Enterprise Software Supply Chain with Docker
The last talk was also the most interesting one, held by Diogo Monica (@diogomonica), Security Lead at Docker. He basically talked about security mechanisms along the supply chain when working with
Docker and the Docker CaaS solution. Therefore he compared the Software supply chain with a manufacturing supply chain, which I found pretty interesting.
Most of the people, when thinking about security in the context of Docker, they think of isolation and breaking out of the Containers.
First he stated that most of the people, when thinking about security in the context of Docker, they think of isolation and breaking out of the Containers. But the vulnerability between each step along the supply chain is much higher a security risk.
To be more concrete a Docker image could be compromised by modifying the content between those steps. Then he presented the rather sophisticated security mechanisms that prevent Docker Images from being compromised.
I can’t talk about the details here, but basically, a Docker Image that should run in Production with the CaaS solution gets signed with cryptographic checksums on each step in the supply chain. And before running the Image in the last step, all these cryptologic signatures are getting verified before running the Image. Pretty cool.
After the last talk, they served lunch which was pretty awesome and I had the opportunity to talk to some guys from yachtcloud. To sum the event up, it was cool to see how Docker moves in the direction of PaaS with their CaaS solution. I will investigate some time to find out the exact differences or benefits of the Docker CaaS comparing to a PaaS like Cloud Foundry. As I already mentioned, I would have loved to see more techies, but, anyway, it was very good experience.