No
Yes
View More
View Less
Working...
Close
OK
Cancel
Confirm
System Message
Delete
Schedule
An unknown error has occurred and your request could not be completed. Please contact support.
Scheduled
Scheduled
Wait Listed
Personal Calendar
Speaking
Conference Event
Meeting
Interest
Scheduling function is not yet available. Try back on March 15th.
Conflict Found
This session is already scheduled at another time. Would you like to...
Loading...
Please enter a maximum of {0} characters.
{0} remaining of {1} character maximum.
Please enter a maximum of {0} words.
{0} remaining of {1} word maximum.
must be 50 characters or less.
must be 40 characters or less.
Session Summary
We were unable to load the map image.
This has not yet been assigned to a map.
Search Catalog
Reply
Replies ()
Search
New Post
Microblog
Microblog Thread
Post Reply
Post
Your session timed out.
This web page is not optimized for viewing on a mobile device. Visit this site in a desktop browser to access the full set of features.
DockerCon 2019
Add to My Interests
Remove from My Interests
 

316866 - Welcome Reception

Welcome Reception hosted in the Ecosystem Expo Hall

316889 - General Session

Please join us on Floor 3 for the General Session

302922 - Test Driven Development is Dead

In this session we'll uncover why both Unit Testing and Integration Testing as a practice doesn't actually help engineers or operations understand how their applications run in production nor does it help them sleep at night when PagerDuty goes off at 3am. We'll discuss how modern software delivery organizations are leveraging advances in monitoring and logging systems to analyze the behavior of their production systems in near real time and uncover the mysticism surrounding observability. We'll show real world examples of tooling which enable organizations to focus on what really matters: is my production application working like it should.

In this talk I'll prove that sufficiently advanced monitoring is indistinguishable from testing and demonstrate how your organization can benefit from it.

Kevin Crawley, Instana
310360 - Data Tells Us You Will Love This Talk The Data Team at Docker builds and maintains pipelines for all functional units within the company while dogfooding the latest versions of our products. Join us as we dive into the data engineering infrastructure that we use to deliver metrics and insights to different audiences. We will also share some of our key learnings and best practices as a result of our effort to create a data-centric culture within the company. Amn Rahman, Docker
Brian Donaldson, Docker
310713 - macOS Inside a Docker Container for Development

When it comes to setting up build pipelines for iOS and Mac app development, Apple makes you build differently. Standard tools like Kubernetes and Docker have never worked for macOS containers. MacStadium had a unique problem in that the company provides development environments on Mac hardware for macOS and iOS developers. MacStadium’s development team wanted to take advantage of the capability and power of Docker/Kubernetes in a Mac development environment, but there was no good solution. To solve this problem, the team decided to build a tool to put macOS inside a Docker container. In this session, join Chris Chapman from MacStadium to hear about how he and his team used Docker to solve their Mac build problems.

 
Christopher Chapman, MacStadium Inc.
313930 - Two Years of Fun & Productivity on Docker Hub

I set up 3 low-power servers at home to start learning Docker in 2017. In this talk, I share many things you can do (from weather reporting and webcams, to CI/CD to DVR to email) for entertainment and work with Swarm and Kubernetes, along with the 3 dozen images I've shared on Docker Hub. The recent surge of Kubernetes and GitLab-CI gave us all a fascinating new toolkit which enables me to test, build and deploy more of my content directly on the Internet; let me help you get your projects up and running on Docker Hub and GitHub!

Rich Braun, Splunk
281801 - Giving Back to Upstream: An Open Source Beginner's Primer So you really want to contribute to open source? Varying opinions about open source, foundations, governance models, and licensing are proclaimed across our industry's news feeds regularly. But the fact of the matter is, open source is everywhere and the broad ecosystem benefits of giving back through open source contribution is hard to argue against! If you haven't ever contributed to open source or don't even have a GitHub ID, this talk is your kickstarter to get out there and share what you have with an open source community! This talk will cover everything from the basics of getting started with tools like git and GitHub to what to expect when working with various upstream communities. Open source community participation can have its share of bumps and bruises, but it can be extremely rewarding as well. Your involvement could be the spark that a particular community needs to be more open and welcoming. We'll talk about the practical aspects of dealing with remote communities, misunderstandings in online communication, and how best to work with community maintainers. Best of all, you'll walk away with the information you need and hopefully the confidence to enter the open source world and make a difference with your contributions! Phil Estes, IBM
281969 - Deep Dive into firecracker-containerd Amazon recently released the Firecracker Virtual Machine Manager (VMM) built on top of the Linux KVM subsystem, which is optimized for lightweight, container-like "micro"-VMs. This session dives deep into the architecture of the firecracker-containerd project, which aims to allow portability between standard OCI container images and the larger container ecosystem with Firecracker micro-VMs. Topics covered will include the standard containerd architecture with the reference OCI runtime (runc), challenges adapting containers into micro-VMs, and the firecracker-containerd suite. Samuel Karp, Amazon Web Servcies
289946 - How To Build Your Containerization Strategy

The Docker Enterprise container platform helps organizations deploy and manage applications faster and it secures the application pipeline at a lower cost than traditional application delivery models. But it takes more than just great technology to achieve the desired results. The organization and culture of your enterprise directly impacts what you transform, how it’s done, and who does it. Success requires a strategy for how you will govern the container platform environment, how to assess your application estate, what your delivery pipeline will look like, and how to ensure developers, operators, security teams and others play nicely together. In this talk I will cover topics such as different types of workloads (legacy, microservices, FaaS, big data and more), how your org chart can influence whether you deploy CaaS (Containers as a Service) vs CLaaS (Clusters as a Service), how "shifting left" can determine if you can outsource, centralized vs distributed CI/CD and how containers play a role, transforming your pets into cattle, how giant whale balloons are used for onboarding, and a prescriptive and comprehensive methodology for successfully deploying containers into your enterprise.

Lee Namba, Docker
290676 - Digital Transformation Readiness - A Docker Journey at Halliburton

Digital technology is a business enabler at Halliburton, an energy services company that engineers solutions to maximize asset value for its customers. From remote locations around the world, to central data centers and ubiquitous public clouds, a digital transformation is underway with distributed computing as the new norm. This session will cover an IT enterprise architecture perspective of Halliburton's containerization journey and why Docker is a considered a key enabler for digital transformation. In the session, you'll learn:

  • Architectural vision for Halliburton's distributed computing platform
  • Why Halliburton selected Docker Enterprise Edition
  • Halliburton's Journey with Docker (what was easy, hard, and really difficult)
Torben Pedersen, Halliburton
290767 - Docker Enterprise Platform and Architecture

Docker Enterprise is an enterprise container platform for developers and IT admins building and managing container applications. The platform includes integrated orchestration (Swarm and Kubernetes), advanced private image registry, and a centralized admin console to secure, troubleshoot, and manage containerized applications. This talk will focus on the Docker Enterprise technical architecture, key features and use cases it is designed to support. Key areas covered in this session:

  • Latest features and enhancements
  • Security and Compliance - how to ensure oversight and validate applications for different compliance regulations
  • Operational Insight - how to identify and troubleshoot issues in your container environment
  • Integrated Technology - the technologies are supported and can be run with Docker Enterprise
  • Policy-based Automation - how to scale container environments through automated policies
 
Joe Colandro, Docker
Jenny Fong, Docker
290772 - Message-Based Microservices Architectures - Benefits and Practical Matters To build a microservices solution you go through a process of factoring your business capabilities into well defined domains, sub domains and microservices. While this results in more moving parts, dependent on container platforms and DevOps procedures to manage it well, it also enables co-evolution of services and features with reduced friction. One of the biggest challenges is rethinking the back-end whereby each microservice owns its own data model - completely decoupled from the rest of the system. Embracing eventual consistency, and incorporating a message-based architecture can help with this, and services that "fit in your head" make for a manageable approach to introducing message-based strategies. This session will show you how to build a docker-based solution that incorporates async messaging, CQRS patterns, fit for purpose data back-ends and eventual consistency as part of a microservices solution. In addition, the session will address specific challenges such as dealing with message order, versioning, poison messages and data protection. Michele Leroux Bustamante, Solliance
294914 - Containers for Beginners

Feeling overwhelmed while getting started with containers? Have you been tasked to figure out how to train everyone back at your organization? There's just so much to learn and teach! In this talk, we’ll start with a tiny bit of history to motivate the "why" and quickly move into the "what" by explaining what container and images actually are (they're not just magical black boxes!). We'll talk about how volumes help with data persistence and include an overview of Docker Compose and even orchestration. There will be plenty of live demos and fun!

Michael Irwin, Virginia Tech
315862 - Developing and Deploying Containers for Arm using Docker Desktop

As Arm continues to drive adoption from cloud infrastructures like AWS to edge computing and IoT environments, seamless cloud native development on Arm is becoming a requirement.  Discover how multi-architecture containers with Docker can be used to rapidly accelerate Arm development. Learn about the tools available today and what Docker and Arm are co-developing for the future.  See examples and demos of using an end to end container development process within Docker Platform  in typical Arm-based embedded and cloud development cycles.

 
Jason Andrews, Arm
Kevin Ryan, Arm
Jeff Underhill, AWS
Adam Parco, Docker
302923 - Pantahub: delivering Docker containers to the Intelligent Edge at scale

Development and delivery of applications and services that run on network edge equipment, specially on the telecom industry, has always been an unpleasant experience for developers used to open source tools like Docker. An increasing pressure to bring smarter functionality to the edge means we need community-driven open source tools for the ecosystem to grow at the speed the market requires.

The team at Pantacor has taken this thought as inspiration to work on making a platform that the industry can rely on to deliver services and applications at scale. The speaker will share the vision and show how today everyone can use Docker to bring services as close to the edge as possible, all the way from mass-market WiFi routers to next-gen 4G/5G base stations

Ricardo Mendoza, Pantacor
316890 - How the Docker Community Changed my Life

I was a Network Engineer for 12 years. After we built a big Internet Service Provider network it was getting a little bit boring. I started to go to meetups and I heard about DevOps and Docker. That moment was a life changer for me. Here is my story about learning, change and The Community.

Károly Kass, Docker Community
282206 - Value in simplicity - how Docker is helping Academia and non-dev Despite “every company being a software company” not everybody is a software developer, not yet at least. Our lives and jobs though, today as never before, require us to use and write scripts and softwares. This is particularly true in an environment devoted to research and innovation as academia is. Here tools change often, and likewise often there’s no GUI involved, these representing an unsustainable entry threshold for outsiders slowing down the whole research progress. Portability can be a true nightmare when your very high specialization is as far from dev as it can be. Docker has been introduced in academia not just for how powerful, flexible and adaptable is, but first of all for its simplicity. Having given training about docker to biologist and biotechnologists, though the concept of containerisation is initially hard to grasp, what won their hearts was the simplicity and the velocity with which they could pick it up and exploit it in their daily lives. It is worth mentioning and reminding ourselves as well of those situations in which broadband speed and reliability is not always a matter of course: here as well Docker provides some nice, often overlooked, functionalities. The life science community has been drawn in the recent past to bioinformatics and computational biology, new fields of research that only very recently found their space in education. While new researchers are often trained in coding and data analysis, the whole community benefits from tools and platforms that lower the length of time to get results. Docker has now an important place in a number of projects, allowing, like a virtual machine with installed software, reproducibility of analysis, a major concern in science, while at the same time being easily portable, which is essential for collaborations. Even more, scientists can now share their code, packaging and distributing it themselves with very little effort. Alice Minotto, Earlham Institute
282264 - Towards reproducible climate research NOAA/GFDL was founded in 1955 and is still in the forefront of climate research, contributing to the numerous policies and decisions undertaken in this world of evolving responses with respect to climate, which in turn creates an avalanche of effects in various sectors, e.g agriculture, health, GDP. The scale and magnitude of computing and data have proven to increase significantly in the last decade, thus making data delivery methods to the world a herculean research problem by itself. In addition to this, the time and efforts invested by a user in analyzing and peer-reviewing a research article is very laborious. Literature shows numerous outstanding climate studies published in International climate assessment reports, such as the Intergovernmental Panel on Climate Change (IPCC), the United Nations body for assessing the science related to climate change. The need to verify the research and make it reproducible and transparent before it gets translated into major decisions is, now more than ever, one of our most critical challenges. In this presentation, we will paint a picture of the history of climate computing and analytics with significant transformations applied in order to make meaningful, quantifiable, credible, interoperable, accessible and reusable climate research. In other words, we will draw a path towards reproducible research using Docker containers for massive data publishing and climate analytics. This paper will also discuss some of the pioneering efforts from collaborators from other laboratories and organizations (such as ESGF, Google, NASA JPL, Columbia University, PMEL, etc.) in the area of docker containers in computing and analysis on and off the cloud. Aparna Radhakrishnan, Engility
278222 - Data-driven DevOps: The Key to Improving Speed and Scale As CTO of CloudBees and the creator of Jenkins, I get to see lots of real-world software development, and teams and organizations trying to push better DevOps practice forward. In those conversations, I noticed that some are more successful than others. In this talk, I will explore where those differences seem to be made. One is around data. Our automation in software development is sufficiently broad that it is producing lots of data, but by and large most of those are simply thrown away. Yet at the same time, the management is feeling like they are flying blind because they have little insight! Another is around how they leverage “economy of scale.” Successful teams seem like they managed to drive great uniformity and consistency across software development, which allow organizations to move at great speed and make developers feel great. Kohsuke Kawaguchi, CloudBees, Inc.
281837 - A Day in the Life of a Developer at Pipedrive At Pipedrive, we designed all of our internal processes with a “self-service attitude” that gives our developers the flexibility to build and test new services as often as they like. Each developer has a Docker Desktop environment, with the ability to self-provision an on-demand isolated sandbox environment on top of Docker Enterprise. Tied to our CI/CD process, Pipedrive manages a fleet of microservices across multiple datacenters where we do 250+ deployments a day, 50 of them in our production environment. In this talk we’ll show you how this works, what the day in the life a developer looks like at Pipedrive, and how how several Docker products influenced the development processes. We’ll also explore the architectural decisions and reasoning around it. And finally, if the demo-gods are merciful, then we’ll do some hands-on demonstration of the environment. Renno Reinurm, Pipedrive
282407 - From Swarm to Kubernetes (and Back Again) Companies across every industry are rapidly realizing the value of microservices, and the solutioning conducted in support of that revelation often leads to containers. Along that path comes a decision that most IT engineers in this space are familiar with: "What orchestrator do we use?" In this presentation, Don Bauer will walk you through some of the key crossroads that are often encountered when making this decision. Additionally, he'll cover how many operational and development problems can be solved with any orchestrator, and why Citizens Bank chose the path they did. Michael Noe, Citizens Bank
Don Bauer, Citizens Bank
289875 - The Road Ahead for Containers Since Docker first hit the scene 6 years ago, container usage and features have been improving at a lightning pace. We have seen networking improvements, storage and volume options, and schedulers like Swarm and Kubernetes open up a world of use cases for users. But what now? Where do we go from here? In this talk, we will discuss a few of the feature sets that are being designed and worked on to improve containers running on developer's machines and data centers, across machine learning and IoT use cases. The next set of container use cases will require further extensibility to support new operating models. We will share some of the key R&D that is coming from Docker to push containers forward. Michael Crosby, Docker
289949 - Dockerfile Best Practices

This talk will give you tips and tricks to get better build time performance and smaller images. The most important take-away is: you should be using multi-stage Dockerfiles and enable BuildKit.

Tibor Vass, Docker
Sebastiaan van Stijn, Docker
290339 - eBPF Superpowers

It's been three years since Netflix's Brendan Gregg described the Berkeley Packet Filter as "Superpowers for Linux". Since then there has been an explosion of capabilities and tools based on eBPF, so you've probably heard the term, but do you know what it is and how to use it? In this demo-rich talk we'll explore some of the powerful things we can do with this technology, especially in the context of containers.

Liz Rice, Aqua Security
290640 - Why Making Your Containers Run is Only 40% of the Solution Are you confident your container strategy can scale to 10,000 developers? Are you comfortable when your public facing services are targeted by bad actors? When it comes to creating a Container-as-a-Service Strategy, making the container run is only 40% of the solution. In this session I will walk through how to implement security policies that will make containers your most secure run-time environment and how to future proof your CaaS strategy by focusing on Hybrid and Multi-Cloud architectures today. Tommy Hamilton, Quicken Loans
315359 - Windows Container Update

Containers have taken the world by storm, offering a new level of virtualization that naturally delivers new opportunities for application architecture, app modernization, and deployment. We’ll  look the current state and future of Windows containers, explore supported networking topologies, and discuss other new features and experiences being lit up in Windows as a container platform.

Michael Kostersitz, Microsoft Corp
277530 - Docker for Windows Container Development Docker is carefully tucked between virtualization, continuous deployment, and pure awesome, available for Linux and Windows software development. ASP.NET Core is a cross-platform, high performance and open-source reimagination of the Microsoft stack to build modern applications. In this session you will get the basics of Windows containers and getting started with Docker Desktop integration with Visual Studio to both start building new .NET Core apps and enabling Docker support for legacy .NET Framework apps in containers. You'll leave with the tools you need to Docker-enable your .NET workloads. Rob Richardson, @rob_rich
282014 - Transforming a 15+ Year Old Semiconductor Manufacturing Environment Jireh Semiconductor bought the Hillsboro fab and its contents including the manufacturing tools, servers, and software running the fab. The previous company had been winding down for years so server and software upgrades had not been on the radar for some time. In 2011 Jireh became the proud owner of the building, the tools, and its legacy software running on servers that weren’t even made any more. That's when I started my adventure with Jireh in September 2016 with a charter to modernize the applications running the manufacturing facility process and move them into VMs with no impact to manufacturing. That led me down a path of exploration and questions. “What’s the goal?” The goal wasn't to move to VMs. It was to become independent of the aging PA-RISC architecture, bring forward the ~230 java 1.4.2 applications (10-15 years old), scale to allow increased the load on the software and hardware in order to ramp the factory output to numbers never seen previously. And do it without manufacturing downtime. The solution included a transition from waterfall and silo development to agile scrum. Rather than simply migrating to VMs, it became obvious the lynch pin for a successful software transition with the required uptime, flexibility, and scalability was Docker Enterprise. Join me for this session where I'll talk about my journey modernizing 15+ year old applications and infrastructure at Jireh. Jeanie Schwenk, Jireh Semiconductor
282433 - Container Security: Theory & Practice at Netflix Usage of containers has undergone rapid growth at Netflix and it is still accelerating. Our container story started organically with developers downloading Docker and using it to improve their developer experience. The first production workloads were simple batch jobs, pioneering micro-services followed, then status as a first class platform running critical workloads. As the types of workloads changed and their importance increased, the security of our container ecosystem needed to evolve and adapt. This session will cover some security theory, architecture, along with practical considerations, and lessons we learnt along the way. Michael Wardrop, Netflix
289953 - Crafty Requests: Deep Dive into a Kubernetes CVE

You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean?

This deep dive will walk the audience through the Kubernetes back end, going over relevant concepts like aggregated API servers, the kubelet API, and permissions for namespace-constrained users. We will explain the details of how this flaw works, how a cluster’s moving parts can fit together to create a vulnerable context, and the risks involved in leaving this CVE unpatched in the wild.

A live hacking demonstration will show the audience exactly how easy it is to exploit this vulnerability. After explaining the attack pathways, the audience will leave with practical advice about mitigation and how to protect their clusters.

 
Ian Coldwater, Heroku
290768 - Using Docker Desktop to Accelerate Software Development Docker Desktop is the easiest - and most popular - way for developers to get started with Docker and Kubernetes. It’s a tool that is designed for both beginners and advanced Docker users and we’ve added a number of enhancements over the last 6 months to make it easier for developers to “shift left” and deliver production-ready applications. We’ll demonstrate how application templates are built and used and also how Docker Desktop integrates with your favorite development tools. You'll see how easy it can be for developers that are new to Docker to get started with container-based development. If you're a Docker pro or an application architect we'll show you how to Docker Desktop enables you to control the application and container specs. Finally, we’ll also highlight some of the things we’re working on to further enhance the desktop experience. Christine Lovett, Docker
294913 - Operating Docker Platforms Like an Avenger

Getting Docker installed is easy. Operating at global scale in production - for any disruptive technology - can be a pain. The devil (or zombie) is in the details, especially when it comes to operational readiness and the long checklist of items that are included with that.

Shared through a lens that sees the zombie apocalypse, the Avengers, Middle Earth, and geeky things in general, Tim will highlight repeatable strategies and patterns for managing operational handoff that work for your first Docker platform, or your tenth global platform. If you are building a PaaS on premises, or deploying Docker platforms around the globe to meet data sovereignty and GDPR requirements, or are looking for tried and true methods to successfully transfer knowledge and process in a repeatable manner - this talk will detail how MetLife transferred its first Docker platform to the operations team and what we do differently as we’ve mainstreamed platform deployments around the globe.

Tim Tyler
302914 - Security in a Serverless World: Understanding Risk and Protection Best Practices in this Cloud Native Paradigm

According to a 2018 survey from The New Stack, over 75% of organizations are using or plan to use serverless in the next 18 months. From AWS Lambda to Google Cloud Functions to Microsoft Azure Functions, enterprises have more cloud provider options that ever before to choose from when integrating serverless into their application portfolio.

Serverless computing provides a way to deploy single functions which are activated only when a specific trigger is called. When serverless technology is deployed correctly, it can save money, time, and resources—all while allowing developers to focus on writing code rather than solving infrastructure issues.

At the same time, serverless does not come without risks. In this talk, Twistlock Principal Solutions Architect Kevin Lewis and Twistlock Product Marketing Lead Keith Mokris will discuss key components of serverless architecture and potential risks organizations need to be aware of, such as:

Visibility and monitoring challenges: Monitoring serverless functions is more difficult in some respects. Traditional monitoring tools often aren’t designed to support serverless microservices, and your ability to collect log data from serverless events is limited.

Denial-of-Service attacks: If an attacker can find a way to execute a vast number of serverless events, they could not only disrupt legitimate services but also leverage your cloud computing resources. These dependencies create additional potential security risks, especially if teams don’t understand them well.

Dependencies on external resources: Many serverless workloads are designed in such a way that they rely heavily on external resources, such as databases or third-party libraries.

Access control risks: Striking the right balance for access control can a challenge for serverless functions. Developers need functions to access the external resources they rely on, developers need to avoid giving them access that they shouldn’t have.

Kevin Lewis, Twistlock
309570 - A New Lens for Venture Capital

In Venture Capital, the lens of identifying opportunity and investing in the companies that affect us all has been historically shaped by a narrow perspective. Yet, the world is changing and in a few short years to come, the minority will soon become the majority. As Director of Deal Flow for Backstage Capital's fund and Accelerator - one that invests in founders who identify as women, person of color and/or LGBTQ - Brittany Davis is in a unique position of identifying this new market. She will share stories of what it means to see through the Backstage lens, how she's building teams to appropriately support and service this new wave, and navigating the unexpected perspectives that need to be taken into account.

Brittany Davis, Backstage Capital
302915 - Total Visibility in your Network Traffic from Clusters to Containers

Container adoption is accelerating faster than ever, leading to increasingly complex systems.
Thankfully, orchestrators can be leveraged to easily deploy and schedule workloads on large clusters. The abstraction they introduce, however, introduces its own complexities.

Having a distributed infrastructure that is guaranteed to be running as configured is great, but the churn rate of the containers can make it very hard to get a clear idea of how the infrastructure is behaving  This makes it difficult to monitor how containers are communicating with each other, especially across multiple nodes.

In this talk, I’ll show how the kernel tools can be used in conjunction with Docker and orchestrators’ APIs to get a high-level overview of the overall cluster’s network traffic and drill down to individual container level traffic. I will show how this can help get a clear idea of what is causing a certain behaviour. 
Finally, we will discuss how to identify which data really matters, so that we may prevent it from being lost in the noise from all the moving pieces.

Charly Fontaine, Datadog
290742 - Depend on Docker for AI This is the next chapter of the “Depend on Docker” series of talks that started right here at DockerCon 2018 when Alex Iankoulski (Docker Captain) and Arun Subramaniyan (VP Data Science and Analytics), BHGE presented “Depend on Docker - Imagine a world where the only dependency you need is Docker”. True to that title, followed a few talks that focused on running workloads on AWS, GCP, and Azure with Docker being the only external dependency. This talk will focus on using Docker containers in the world of Data Science, Machine Learning, and Artificial Intelligence. If you are curious about techniques to increase your processing power with GPUs and are eager to see some cool Industrial AI demos, all running in Docker, join us for this talk at DockerCon 2019! Fabio Nonato de Paula, Baker Hughes, a GE company
Alex Iankoulski, Baker Hughes, a GE company
310265 - Protect your Containerized Applications from Build to Production

Kashif, Solution Architect at Aqua Security, will discuss how to secure container and serverless workloads through your CI/CD pipeline to runtime protection in production environments. This talk will cover the unique security challenges related to container and cloud-native applications, including:

Enforcing immutability and preventing unauthorized changes to containers in runtime (drift protection)
Automating Secrets Management
Preventing cryptocurrency mining attacks on containers
Stopping suspicious container activity without killing the container
Network Map- Visualize actual network traffic and use that to build network firewall rules for your containers


This is the perfect container security session that is designed to help security admins, architects, application development and DevOps teams understand how to increase security without impeding agility and increase agility without bypassing security.


 

Kashif Zaidi
278361 - Online feature extraction and event generation for computer-animal interaction This talk will present an architecture developed to investigate the interaction with and between animals. The architecture allows online processing of multimedia streams and the generation, storing and visualizing of events using feature extraction. It allows biologists to analyze the events by monitoring live or by replaying streams through a web interface Docker swarm is the central component of the architecture and serves as infrastructure for stream processing, event generation, event processing and visualization. The main entry point for users is a web interface that spins up one container per user and allows independent replay of streams. This talk will focus on the architecture and on technical details concerning its implementation as well as how docker is utilized to process, store and visualize events. Some time will be spent explaining details about custom made docker solutions. Mathias Mikkel Neerup, University of Southern Denmark
281874 - Things I Learned Working with Docker Support I've been working with Docker Enterprise for a year now (and open source Docker before that) and I've worked with Docker support during this journey. In this session, I'll shared what I've learned from Docker support over the course of 2 major upgrades & other day-to-day questions I've encountered. I'll also be joined by Ada Mancini from Docker's support team who will share behind-the-scenes knowledge and provide tips on how to troubleshoot and work with support. We'll look at some of the assumptions I made when I originally setup Docker Enterprise, the changes Docker support recommended to us and the results, and Ada will explain the rationale behind these settings and changes. I'll even talk about the time I synced 120k users users into our system and how I cleaned that up. Sujay Pillai, Jabil
Ada Mancini, Docker
282315 - Retro Gaming with Docker Docker has cemented itself as mainstay in modern tech, but it is often used for modernizing legacy apps. But a legacy app might be more than that old Classic ASP e-commerce site that your mom uses to sell crochet creations on. A legacy app can basically be anything that is old and old DOS games and BBS's are no exception. Building a platform that can run old DOS games in a container and hosting that container in the cloud can be a lot of fun, giving you an online retro gaming server. Likewise, BBS door games can be run on a containerized BBS that runs on the cloud too. This session will look at how this was done and get you thinking about how to use Docker for all kinds of things... Blaize Stewart, Wintellect
Patrick Devine, Docker
282392 - Developing Cloud Native Applications with Docker Desktop and Cloud Services Cloud native applications are composed of containers, serverless functions and managed cloud services. What is the best set of tools on your desktop to provide a rapid, iterative development experience and package applications using these three components? This hand-on talk will explain how you can complement Docker Desktop, with it’s local Docker engine and Kubernetes cluster, with open source tools such as the Virtual Kubelet, Open Service Broker, the Gloo hybrid app gateway, Draft, and others, to build the most productive development inner-loop for these type of applications. It will also cover how you can use the Cloud Native Application Bundle (CNAB) format and it’s implementation in the Docker app experimental tool to package your application and manage it with container supply chain tooling such as Docker Hub. Patrick Chanezon, Microsoft
282410 - #bigwhale Goes to Production: An Unexpected Journey @ Lockheed Martin (Part 2) June 15th, 2018: As my Agile Development Team and I were wrapping up a fantastic experience at DockerCon 2018 US and entering the BETA phase of our Enterprise Containerization as a Service (CaaS) we understood the importance and criticality of completing our work and going to production. Part 1 of our journey was now behind us. Now we needed to look forward to what we call #bigwhale, Part 2. As innovation accelerates and customer needs rapidly evolve, Lockheed Martin is becoming increasingly agile. Quickly responding to customer requirements is key, and to facilitate overall business goals, Enterprise IT is demonstrating its agility. This session will focus on the steps it took to go production, expansion of our apps, services, and containers running in our Docker Enterprise cluster. I will discuss: * What we learned from containerizing enterprise-scale apps from augmented reality to system health and monitoring, and Wordpress all in production. * The critical lessons learned around container security. * How we built, marketed and promoted an internal version of "Play with Docker" at Lockheed. Arjuna Rivera, Lockheed Martin
289932 - How Docker Simplifies Kubernetes for the Masses

Kubernetes has taken the technology industry by storm these last few years. It delivers powerful orchestration and container management capabilities that have been leveraged by cloud-scale companies and small startups alike. But for many organizations, the learning curve for Kubernetes can be steep and organizations can’t build up their skills fast enough. Luckily Docker has always had a history of making the complex easy - first with Linux containers and now with Kubernetes - both in our Desktop and Enterprise platform. In this session, we’ll highlight some of the innovation Docker has added to Kubernetes to simplify configuration and ongoing operations while still providing a fully conformant Kubernetes environment. We’ll cover areas like deploying applications on Kubernetes, managing access controls and multi-tenancy, end-to-end security and improved troubleshooting. Demos will highlight key comparisons to show you that you don’t have to build it yourself.

David Yu, Docker
Jean Rouge, Docker
289950 - Building Your Development Pipeline

Enterprises often want to provide automation and standardisation on top of their container platform, using a pipeline to build and deploy their containerized applications. However this opens up new challenges… Do I have to build a new CI/CD Stack? Can I build my CI/CD pipeline with Kubernetes orchestration? What should my build agents look like? How do I integrate my pipeline into my enterprise container registry? In this session full of examples and “how-to”s, Olly and Laura will guide you through common situations and decisions related to your pipelines. We’ll cover building minimal images, scanning and signing images, and give examples on how to enforce compliance standards and best practices across your teams.

 
Oliver Pomeroy, Docker
Laura Tacho, CloudBees
289954 - A Transformation of Attitude: Why Mentors Matter What excites you - the idea of scuba diving to explore the deepest depths of the sea, or reaching the summit of Mount Everest? What goals make you happy - living your life with the financial freedom of a minimalist, or with the financial opportunities of the CEO of a Fortune 100 company? Have you ever had a mentor help turbo boost your journey toward achieving your dreams? This session will cover three ways to leverage mentoring:
  1. The benefit of having at least one mentor in your life
  2. How to proactively take control of your destiny through selectively choosing mentors when you begin a new journey
  3. The positive impact you can have on the lives of others by becoming a mentor
 
Roxy Stimpson, D4DT (IOT World Labs)
302879 - Docker Practical Container Security

When talking to clients and end users about Docker container implementations, security is almost always an afterthought. Clients assume that they can use their current security tools to manage their containers and are often surprised when to find out that simply will not work. Legacy tooling often works on the premise of running alongside application, and with applications packaged in containers, this paradigm begins to break down. Traditional tooling often has no insight into the container runtime or container orchestration system to understand how containers map to the application architecture.

Given these limitations, it's important to understand practical approaches to container security, and how to implement these best practices. It's also important to understand how approaches in container security can complement your existing security architecture. In this talk we will cover best practices for Docker container security gleaned from working with clients on large scale container implementations. We will cover how new approaches in security complement or replace traditional approaches. We will also touch on security threats like kernel exploits, vulnerable library exploits, cross-host containers attacks, compromised secrets, and vulnerable application exploits that apply specifically to containers, which are not necessarily or clearly addressed by the typical IT infrastructure and application controls, security processes and tools.

John Forman, Accenture
302916 - D.R.Y Your CI/CD Pipeline Configurations

In modern Continuous Integration and Continuous Delivery (CI/CD) platforms, pipelines are defined in build configurations. These CI/CD pipeline build configurations gain complexity overtime which translates to more lines of code rendering the pipelines difficult to understand and maintain.

In this talk Angel will discuss the concepts of Configuration as Code (CaC) and how teams can apply Don’t Repeat Yourself (DRY) principles which enables reuse of configuration code. He will also discuss the benefits of CaC and how teams can implement and manage configuration codebases and available tooling such as CircleCI Orbs.

Angel Rivera, CircleCI
279632 - Modernizing Microsoft .NET Applications Many enterprises have a large product portfolio of custom .NET applications running on IIS and Windows Service VM’s. In most cases, these legacy architecture based applications can benefit from containerization. Containerization can increase product quality, portability, and testability while enhancing security, increasing hardware utilization efficiency, enabling adoption of devops practices and techniques, all while supporting an evolutionary re-architecture strategy. With a bit of refactoring we can also move towards a hybrid hosting modality, simplifying the transition to public cloud providers and enabling DR savings. In this session, we’ll cover a real world containerization project consisting of .NET Windows Services as well as IIS hosted .NET WebForms components. We’ll discuss the lessons learned, realized savings, and architectural and cultural enablement that was observed. Marius Dornean, Mitchell International
Jeff Nessen, Docker
282000 - Building and Deploying a Secrets Plugin on Docker Swarm Secrets have been part of Swarm Mode since its inception, making it trivial to provide generic, static secrets to your distributed services. However, not all secrets are equal, and some use cases call for a more dynamic approach. Docker Engine allows installing a plugin and using it as a driver when creating secrets, letting the value of the secret be determined at runtime, thus enabling dynamic use cases. The talk will cover how to write a secrets plugin that fetches dynamic secret values from HashiCorp Vault, and how to deploy it as a Swarm service. Sune Keller, Alm. Brand
282244 - Modern Orchestrated IT for Enterprise CMS: A Case Study for Wiley Education Services Wiley’s Education Services (WES) leverages a mix of CMS platforms across their 50+ student information sites for major universities throughout the world. Traditionally these sites have been housed as part of a multi-site CMS install on a single VM, and eventually across 2 VMs. Failure of either one of these VMs would mean an outage for one or all of the hosted sites. As Wiley’s leadership looked forward, they recognized the risks involved with their current design and identified Docker as a way to mitigate these risks. WES began their investigation in to Docker to address issues of fault tolerance, consistency, and portability. They used this opportunity to modernize their workflows and reduce risk by promoting Docker images through their dev, preview, and production environments using CI/CD. This increased their confidence in deployments and reduced the need for maintenance windows. Early in the process, WES brought in BoxBoat as subject matter experts to accelerate their migration, and architect their Docker EE solution. Through the use of well-defined workflows and persistent storage, applications are continually redeployed and restored between environments with zero downtime and no loss of data. Additionally developers can pull down and run any of the sites independently with configuration that matches production. Join this sessions to learn about the challenges and triumphs that Wiley faced when orchestrating CMS deployments in Docker! Jesse Antoszyk, BoxBoat
Blaine Helmick, Wiley Education Services
Remove From Schedule Add To Schedule Are you sure you would like to Delete this personal time? Edit My Schedule Edit Personal Time This session is full. Would you like to be added to the waiting list? Would you like to remove "{0}" from your schedule? Would you like to add "{0}" from your schedule? Sorry, this session is full. Waitlist Available Sorry, this session and it's waiting list are completely full. Sessions Available Adding this multi-day session automatically enrolls you for all times shown below. Removing this multi-day session automatically removes you for all times shown below. Adding this multi-day session automatically enrolls you for all session times for this session. Removing this multi-day session automatically removes you for all session times for this session. Click to view details Interests Hide Interests Search Sessions Export Schedule There is a scheduling conflict. You cannot add this session to your schedule because you are participating in another session at this time. Schedule Conflict. An error occurred while processing this request.. Adding this item creates a conflict with another session on your schedule. Remove from Waiting List Add to waiting list Removing this will remove you from the waiting list for all session times for this session Adding this will add you to the waiting list for all session times for this session. You have nothing scheduled Tap below to see a list of sessions and activities that are available to add to your schedule this week Choose from the list of sessions to the left to add to your schedule for the day Add a Session

Registration Complete!

So we can prepare the best experience for you,
What can we do to help you?
Click here to skip
All Tab
The All tab
Attendee Tab
The Attendee Tab
Tailored Experiences
The Tailored Experiences Tab
Session Tab
The Session Tab
Speaker Tab
The Speaker Tab
Exhibitor Tab
The Exhibitor Tab
Files Tab
The Files Tab
Search Box
The search box
Filters
Filters
Dashboard
Dashboard Link
My Schedule
My Schedule Link
Recommendations
Recommendations Link
Interests
Interests Link
Meetings
Meetings Link
Agenda
Agenda Link
My Account
My Account Link
Catalog tips
Get More Results