2019 goto going docker, swarm, and kubernetes production ... · real world deployments swarm3k...
TRANSCRIPT
![Page 1: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/1.jpg)
BRET FISHERDocker Captain, DevOps Dude, Creator of Docker Mastery
Going D/S/K Prod Like A Pro
bretfisher.com/docker
@bretfisher
![Page 2: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/2.jpg)
BRET FISHERDocker Captain, DevOps Dude, Creator of Docker Mastery
Going D/S/K Prod Like A Pro
bretfisher.com/docker@bretfisher
![Page 3: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/3.jpg)
BRET FISHERDocker Captain, DevOps Dude, Creator of Docker Mastery
Going D/S/K Prod Like A Pro
bretfisher.com/docker@bretfisher
![Page 4: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/4.jpg)
Session Name
Title & Company
Speaker Name
![Page 5: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/5.jpg)
![Page 6: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/6.jpg)
I've given 50+ Docker DevOps talks in the last 4 years! 😵
![Page 7: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/7.jpg)
I've given 50+ Docker DevOps talks in the last 4 years! 😵How can I cram the "best of" in 30 minutes to get you in production faster?
![Page 8: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/8.jpg)
A Bit About Me
![Page 9: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/9.jpg)
A Bit About Me●Geek since 5th Grade
![Page 10: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/10.jpg)
A Bit About Me●Geek since 5th Grade
●IT Sysadmin+Dev since 1994
![Page 11: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/11.jpg)
A Bit About Me●Geek since 5th Grade
●IT Sysadmin+Dev since 1994
●Maker of "Docker Mastery" 120k students
![Page 12: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/12.jpg)
A Bit About Me●Geek since 5th Grade
●IT Sysadmin+Dev since 1994
●Maker of "Docker Mastery" 120k students
●Container Fanboy
![Page 13: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/13.jpg)
A Bit About Me●Geek since 5th Grade
●IT Sysadmin+Dev since 1994
●Maker of "Docker Mastery" 120k students
●Container Fanboy
●DevOps Trainer/Consultant
![Page 14: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/14.jpg)
Limit Your Simultaneous Innovation
![Page 15: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/15.jpg)
Limit Your Simultaneous Innovation
● Many initial container projects are too big in scope
![Page 16: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/16.jpg)
Limit Your Simultaneous Innovation
● Many initial container projects are too big in scope
● Solutions you maybe don't need day one:
![Page 17: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/17.jpg)
Limit Your Simultaneous Innovation
● Many initial container projects are too big in scope
● Solutions you maybe don't need day one:
○ Fully automatic CI/CD
![Page 18: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/18.jpg)
Limit Your Simultaneous Innovation
● Many initial container projects are too big in scope
● Solutions you maybe don't need day one:
○ Fully automatic CI/CD
○ Dynamic performance autoscaling
![Page 19: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/19.jpg)
Limit Your Simultaneous Innovation
● Many initial container projects are too big in scope
● Solutions you maybe don't need day one:
○ Fully automatic CI/CD
○ Dynamic performance autoscaling
○ Containerizing all or nothing
![Page 20: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/20.jpg)
Limit Your Simultaneous Innovation
● Many initial container projects are too big in scope
● Solutions you maybe don't need day one:
○ Fully automatic CI/CD
○ Dynamic performance autoscaling
○ Containerizing all or nothing
○ Starting with persistent data
![Page 21: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/21.jpg)
Legacy Apps Work In Containers Too
![Page 22: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/22.jpg)
Legacy Apps Work In Containers Too
● Microservice conversion isn't required
![Page 23: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/23.jpg)
Legacy Apps Work In Containers Too
● Microservice conversion isn't required
● 12 Factor is a horizon we're always chasing
![Page 24: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/24.jpg)
Legacy Apps Work In Containers Too
● Microservice conversion isn't required
● 12 Factor is a horizon we're always chasing
● Don't let these ideals delay containerization
![Page 25: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/25.jpg)
What To Focus On First: Dockerfiles
![Page 26: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/26.jpg)
What To Focus On First: Dockerfiles
●More important than fancy orchestration
![Page 27: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/27.jpg)
What To Focus On First: Dockerfiles
●More important than fancy orchestration
● It's your new build documentation
![Page 28: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/28.jpg)
What To Focus On First: Dockerfiles
●More important than fancy orchestration
● It's your new build documentation
● Study Dockerfile/Entrypoint of Hub Officials
![Page 29: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/29.jpg)
What To Focus On First: Dockerfiles
●More important than fancy orchestration
● It's your new build documentation
● Study Dockerfile/Entrypoint of Hub Officials
● Use FROM Official distros that are most familiar
![Page 30: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/30.jpg)
Dockerfile Anti-pattern: Using Latest
![Page 31: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/31.jpg)
Dockerfile Anti-pattern: Using Latest
● Latest = Image builds will be ¯\_(ツ)_/¯
![Page 32: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/32.jpg)
Dockerfile Anti-pattern: Using Latest
● Latest = Image builds will be ¯\_(ツ)_/¯
● Problem: Image builds pull FROM latest
● Solution: Use specific FROM tags
![Page 33: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/33.jpg)
Dockerfile Anti-pattern: Using Latest
● Latest = Image builds will be ¯\_(ツ)_/¯
● Problem: Image builds pull FROM latest
● Solution: Use specific FROM tags
● Problem: Image builds install latest packages
● Solution: Specify version for critical apt/yum/apk packages
![Page 34: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/34.jpg)
Dockerfile Anti-pattern: Leaving Default Config
![Page 35: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/35.jpg)
Dockerfile Anti-pattern: Leaving Default Config
● Problem: Not changing app defaults, or blindly copying VM conf
○ e.g. php.ini, mysql.conf.d, java memory
![Page 36: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/36.jpg)
Dockerfile Anti-pattern: Leaving Default Config
● Problem: Not changing app defaults, or blindly copying VM conf
○ e.g. php.ini, mysql.conf.d, java memory
● Solution: Update default configs via ENV, RUN, and ENTRYPOINT
![Page 37: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/37.jpg)
Containers-on-VM or Container-on-Bare-Metal
![Page 38: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/38.jpg)
Containers-on-VM or Container-on-Bare-Metal
●Do either, or both. Lots of pros/cons to either
![Page 39: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/39.jpg)
Containers-on-VM or Container-on-Bare-Metal
●Do either, or both. Lots of pros/cons to either
●Stick with what you know at first
![Page 40: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/40.jpg)
Containers-on-VM or Container-on-Bare-Metal
●Do either, or both. Lots of pros/cons to either
●Stick with what you know at first
●Do some basic performance testing. You will learn lots!
![Page 41: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/41.jpg)
Containers-on-VM or Container-on-Bare-Metal
●Do either, or both. Lots of pros/cons to either
●Stick with what you know at first
●Do some basic performance testing. You will learn lots!
●2017 Docker Inc. and HPE whitepaper on MySQL benchmark
○ (authored by yours truly, and others)
○bretfisher.com/gotochgo18
![Page 42: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/42.jpg)
OS Linux Distribution/Kernel Matters
![Page 43: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/43.jpg)
OS Linux Distribution/Kernel Matters
● Docker is very kernel and host storage driver dependent
![Page 44: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/44.jpg)
OS Linux Distribution/Kernel Matters
● Docker is very kernel and host storage driver dependent● Innovations/fixes are still happening here
![Page 45: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/45.jpg)
OS Linux Distribution/Kernel Matters
● Docker is very kernel and host storage driver dependent● Innovations/fixes are still happening here● "Minimum" version != "best" version
![Page 46: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/46.jpg)
OS Linux Distribution/Kernel Matters
● Docker is very kernel and host storage driver dependent● Innovations/fixes are still happening here● "Minimum" version != "best" version● No pre-existing opinion? Ubuntu 18.04 LTS ○ Popular, well-tested with Docker ○ 4.x Kernel and wide storage driver support (overlay2)
![Page 47: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/47.jpg)
OS Linux Distribution/Kernel Matters
● Docker is very kernel and host storage driver dependent● Innovations/fixes are still happening here● "Minimum" version != "best" version● No pre-existing opinion? Ubuntu 18.04 LTS ○ Popular, well-tested with Docker ○ 4.x Kernel and wide storage driver support (overlay2)
● Container OS's aren't mainstream. Unclear TCO
![Page 48: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/48.jpg)
OS Linux Distribution/Kernel Matters
● Docker is very kernel and host storage driver dependent● Innovations/fixes are still happening here● "Minimum" version != "best" version● No pre-existing opinion? Ubuntu 18.04 LTS ○ Popular, well-tested with Docker ○ 4.x Kernel and wide storage driver support (overlay2)
● Container OS's aren't mainstream. Unclear TCO● Get correct Docker for your distro from hub.docker.com
![Page 49: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/49.jpg)
Container Base Distribution: Which One?
![Page 50: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/50.jpg)
Container Base Distribution: Which One?
● Which FROM image should you use?
![Page 51: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/51.jpg)
Container Base Distribution: Which One?
● Which FROM image should you use?
● Don't make a decision based on size (remember it's Single Instance Storage)
![Page 52: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/52.jpg)
Container Base Distribution: Which One?
● Which FROM image should you use?
● Don't make a decision based on size (remember it's Single Instance Storage)
● At first: match your existing deployment process
![Page 53: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/53.jpg)
Container Base Distribution: Which One?
● Which FROM image should you use?
● Don't make a decision based on size (remember it's Single Instance Storage)
● At first: match your existing deployment process
● Consider changing to Alpine later, maybe never
![Page 54: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/54.jpg)
When to use Alpine Images
![Page 55: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/55.jpg)
When to use Alpine Images•Alpine is "small" and "sec focused"
![Page 56: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/56.jpg)
When to use Alpine Images•Alpine is "small" and "sec focused"•But Debian/Ubuntu are smaller now too
![Page 57: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/57.jpg)
When to use Alpine Images•Alpine is "small" and "sec focused"•But Debian/Ubuntu are smaller now too•~100MB space savings isn't significant
![Page 58: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/58.jpg)
When to use Alpine Images•Alpine is "small" and "sec focused"•But Debian/Ubuntu are smaller now too•~100MB space savings isn't significant•Alpine has its own issues
![Page 59: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/59.jpg)
When to use Alpine Images•Alpine is "small" and "sec focused"•But Debian/Ubuntu are smaller now too•~100MB space savings isn't significant•Alpine has its own issues•Alpine CVE scanning fails
![Page 60: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/60.jpg)
When to use Alpine Images•Alpine is "small" and "sec focused"•But Debian/Ubuntu are smaller now too•~100MB space savings isn't significant•Alpine has its own issues•Alpine CVE scanning fails•Enterprises may require CentOS or Ubuntu/Debian
![Page 61: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/61.jpg)
Image Sizes for node/slim/alpine
![Page 62: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/62.jpg)
Image Sizes for node/slim/alpine
![Page 63: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/63.jpg)
Good Defaults: Swarm Architectures
![Page 64: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/64.jpg)
Good Defaults: Swarm Architectures
● Simple sizing guidelines based off:
○ Docker internal testing
○ Docker reference architectures
○ Real world deployments
○ Swarm3k lessons learned
![Page 65: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/65.jpg)
![Page 66: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/66.jpg)
![Page 67: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/67.jpg)
Baby Swarm: 1-Node
![Page 68: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/68.jpg)
Baby Swarm: 1-Node
● "docker swarm init" done!
●Solo VM's do it, so can Swarm
●Gives you more features then docker run
●bret.show/babyswarm
![Page 69: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/69.jpg)
HA Swarm: 3-Node
![Page 70: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/70.jpg)
HA Swarm: 3-Node
●Minimum for HA
●All Managers
●One node can fail
●Use when very small budget
●Pet projects or Test/CI
![Page 71: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/71.jpg)
Biz Swarm: 5-Node
![Page 72: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/72.jpg)
Biz Swarm: 5-Node
●Better high-availability
●All Managers
●Two nodes can fail
●My minimum for uptime that affects $$$
![Page 73: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/73.jpg)
Flexy Swarm: 10+ Nodes
![Page 74: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/74.jpg)
Flexy Swarm: 10+ Nodes
●5 dedicated Managers
●Workers in DMZ
●Anything beyond 5 nodes, stick with 5 Managers and rest Workers
●Control container placement with labels + constraints
![Page 75: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/75.jpg)
Swole Swarm: 100+ Nodes
![Page 76: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/76.jpg)
Swole Swarm: 100+ Nodes
●5 dedicated managers
●Resize Managers as you grow
●Multiple Worker subnets on Private/DMZ
●Control container placement with labels + constraints
![Page 77: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/77.jpg)
Don't Turn Cattle into Pets
![Page 78: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/78.jpg)
Don't Turn Cattle into Pets
● Assume nodes will be replaced
● Assume containers will be recreated
● Automate any host customization
● Every time you SSH into a server 🐼🔫
![Page 79: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/79.jpg)
Reasons for Multiple Clusters
![Page 80: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/80.jpg)
Reasons for Multiple Clusters
Bad Reasons
● Different hardware configurations (or OS!)
● Different subnets or security groups
● Different availability zones
●Security boundaries for compliance
![Page 81: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/81.jpg)
Reasons for Multiple Clusters
Bad Reasons
● Different hardware configurations (or OS!)
● Different subnets or security groups
● Different availability zones
●Security boundaries for compliance
Good Reasons
● Learning: Run Stuff on Test Swarm
● Geographical boundaries
● Management boundaries using Docker API (or Docker EE RBAC, or other auth plugin)
![Page 82: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/82.jpg)
What About Windows Server 2019?
●Hard to be "Windows Only Swarm", mix with Linux nodes
●Much of those tools are Linux only
●Windows = Less choice, but easier path
●My recommendation:
○Managers on Linux
○Reserve Windows for Windows-exclusive workloads
●Swarm is more stable, Kubernetes is still early days
![Page 83: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/83.jpg)
DevSecOps: Making Friends With InfoSec
●Good: Just putting apps in Docker vs. host =
○Whiltelist of Linux kernel capabilities ✔
○AppLocker profile enabled ✔
○SecComp profile enabled ✔
●USER appname: App is not container root (e.g. node/python)
●User Namespaces: Container root isn't root (turn on per host)
●More basics at: bret.show/securityfirst
![Page 84: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/84.jpg)
DevSecOps: Shift Left Security
● Scan, Scan, Scan.
● Scan for CVE's in git: snyk.io
● Scan for CVE's in image builds: MicroScanner
● Scan for CVE's in images: Trivy
![Page 85: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/85.jpg)
DevSecOps: Content Trust
●Only used scanned images
●Only allow running of signed images
●Only used signed code
![Page 86: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/86.jpg)
DevOps: Focus On Outcomes, Not Tools
![Page 87: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/87.jpg)
DevOps: Focus On Outcomes, Not Tools
● Only change/implement what:
![Page 88: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/88.jpg)
DevOps: Focus On Outcomes, Not Tools
● Only change/implement what:
○Gives you back a measurable chunk of time
![Page 89: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/89.jpg)
DevOps: Focus On Outcomes, Not Tools
● Only change/implement what:
○Gives you back a measurable chunk of time
○Greatly improves MTTR
![Page 90: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/90.jpg)
DevOps: Focus On Outcomes, Not Tools
● Only change/implement what:
○Gives you back a measurable chunk of time
○Greatly improves MTTR
○Greatly improves deployment frequency
![Page 91: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/91.jpg)
DevOps: Focus On Outcomes, Not Tools
● Only change/implement what:
○Gives you back a measurable chunk of time
○Greatly improves MTTR
○Greatly improves deployment frequency
●NO to everything else!
![Page 92: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/92.jpg)
DevOps: Focus On Outcomes, Not Tools
● Only change/implement what:
○Gives you back a measurable chunk of time
○Greatly improves MTTR
○Greatly improves deployment frequency
●NO to everything else!
●More at bret.show/humandevops
![Page 93: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/93.jpg)
Outsource Well-Defined Plumbing
![Page 94: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/94.jpg)
Outsource Well-Defined Plumbing
●Beware the "not implemented here" syndrome
![Page 95: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/95.jpg)
Outsource Well-Defined Plumbing
●Beware the "not implemented here" syndrome
●My formula for "Do we use SaaS/Commercial"?
![Page 96: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/96.jpg)
Outsource Well-Defined Plumbing
●Beware the "not implemented here" syndrome
●My formula for "Do we use SaaS/Commercial"?
○ If it's a challenge to implement and maintain
![Page 97: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/97.jpg)
Outsource Well-Defined Plumbing
●Beware the "not implemented here" syndrome
●My formula for "Do we use SaaS/Commercial"?
○ If it's a challenge to implement and maintain
○+ SaaS/commercial market is mature
![Page 98: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/98.jpg)
Outsource Well-Defined Plumbing
●Beware the "not implemented here" syndrome
●My formula for "Do we use SaaS/Commercial"?
○ If it's a challenge to implement and maintain
○+ SaaS/commercial market is mature
○= Opportunities for outsourcing
![Page 99: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/99.jpg)
Outsourcing: For Your Consideration
![Page 100: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/100.jpg)
Outsourcing: For Your Consideration
● Image registry
![Page 101: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/101.jpg)
Outsourcing: For Your Consideration
● Image registry
●Logs
![Page 102: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/102.jpg)
Outsourcing: For Your Consideration
● Image registry
●Logs
●Monitoring and alerting
![Page 103: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/103.jpg)
Outsourcing: For Your Consideration
● Image registry
●Logs
●Monitoring and alerting● Big Tools/Projects: github.com/cncf/landscape
![Page 104: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/104.jpg)
Outsourcing: For Your Consideration
● Image registry
●Logs
●Monitoring and alerting● Big Tools/Projects: github.com/cncf/landscape
● All The Things: github.com/veggiemonk/awesome-docker github.com/ramitsurana/awesome-kubernetes
![Page 105: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/105.jpg)
Tech StacksDesigns for a full-featured cluster
![Page 106: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/106.jpg)
Pure Open Source Swarm Stack
![Page 107: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/107.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible Terraform
![Page 108: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/108.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime Docker
![Page 109: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/109.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker Swarm
![Page 110: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/110.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm
![Page 111: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/111.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-Ray
![Page 112: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/112.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins Drone
![Page 113: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/113.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins DroneRegistry Docker Distribution + Portus
![Page 114: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/114.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins DroneRegistry Docker Distribution + PortusLayer 7 Proxy Traefik
![Page 115: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/115.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins DroneRegistry Docker Distribution + PortusLayer 7 Proxy TraefikCentral Logging ELK
![Page 116: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/116.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins DroneRegistry Docker Distribution + PortusLayer 7 Proxy TraefikCentral Logging ELKCentral Monitoring Prometheus + Grafana
![Page 117: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/117.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins DroneRegistry Docker Distribution + PortusLayer 7 Proxy TraefikCentral Logging ELKCentral Monitoring Prometheus + GrafanaGUI Management Portainer
![Page 118: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/118.jpg)
Pure Open Source Swarm Stack
HW / OS Ansible TerraformRuntime DockerOrchestration Docker SwarmNetworking Docker Swarm Storage REX-RayCI/CD Jenkins DroneRegistry Docker Distribution + PortusLayer 7 Proxy TraefikCentral Logging ELKCentral Monitoring Prometheus + GrafanaGUI Management Portainer
Also
Functions As A Service:
OpenFaaS
![Page 119: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/119.jpg)
Commercial Products/SaaS Swarm Stack
![Page 120: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/120.jpg)
Commercial Products/SaaS Swarm StackGUI Management PortainerCentral Monitoring Librato / DataDog / SysdigCentral Logging DataDog / Papertrail / LogglyLayer 7 Proxy Traefik EnterpriseRegistry Docker Hub QuayCI/CD GitLab CircleCIStorage PortworxNetworking Docker Swarm / WeaveOrchestration Docker SwarmRuntime DockerHW / OS Ansible Terraform
![Page 121: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/121.jpg)
Docker Enterprise Swarm or Kubernetes
![Page 122: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/122.jpg)
Docker Enterprise Swarm or KubernetesSwarm GUI Docker Enterprise (UCP)Central Monitoring Prometheus SysdigCentral Logging Docker for AWS/AzureLayer 7 Proxy Docker Enterprise (UCP)Registry Docker Enterprise (DTR)CI/CD Jenkins GitLabStorage NetApp / Portworx / CSINetworking Swarm Overlay / CalicoOrchestration Docker Swarm / KubernetesRuntime Docker EnterpriseHW / OS Docker Enterprise
![Page 123: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/123.jpg)
Docker Enterprise Swarm or KubernetesSwarm GUI Docker Enterprise (UCP)Central Monitoring Prometheus SysdigCentral Logging Docker for AWS/AzureLayer 7 Proxy Docker Enterprise (UCP)Registry Docker Enterprise (DTR)CI/CD Jenkins GitLabStorage NetApp / Portworx / CSINetworking Swarm Overlay / CalicoOrchestration Docker Swarm / KubernetesRuntime Docker EnterpriseHW / OS Docker Enterprise
Also
Image Security Scanning
Role-Based Access Cont
Image Promotion
Content Trust
![Page 124: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/124.jpg)
![Page 125: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/125.jpg)
![Page 126: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/126.jpg)
Session Name
Title & Company
Speaker Name
😬
![Page 127: 2019 GOTO Going Docker, Swarm, and Kubernetes Production ... · Real world deployments Swarm3k lessons learned. Baby Swarm: 1-Node . Baby Swarm: 1-Node "docker swarm init" done! Solo](https://reader035.vdocuments.mx/reader035/viewer/2022062919/5ee0fd1dad6a402d666c0885/html5/thumbnails/127.jpg)
Thank You! @bretfisher
Free 15 Hour Course: bret.show/gotoberdocker
Slide resources: bretfisher.com/docker
🤘