Docker Platform Internals SIGCloud Native Projects SIGContainer Innovation SIG

The Contribute & Collaborate track highlights some of the top CNCF and open source projects shaping the future of container-based platform including: Kubernetes, containerd, CSI, Istio, Notary, SPIFFE, Jaeger, Fluentd, OpenTracing, etc.

Register For DockerConView Track Schedule

Compose migration: from v2 to cluster-ready

Joffrey Fuhrer (Docker)

Ready to take your application to the next step, but you aren’t sure how to make the transition from your Compose v2 file? We’ll quickly go over the most common changes and caveats for such migrations and introduce tooling that can help you move forward.

LinuxKit: The First Year

Justin Cormack (Docker)

At Dockercon last year we launched LinuxKit as an open source project. Over the year the project has gone from strength to strength.
This talk will cover some of the major changes and developments over the year, many driven by community contributions, and the
forthcoming changes. These include:

  • Kubernetes support in Docker for Mac and Windows based on the LinuxKit Kubernetes support
  • Support for multiple architectures contributed by Arm and IBM
  • Further and better Containerd integration
  • Support for many more platforms and use cases
  • Expanded OCI support
  • Over 100 contributors
  • Stable releases

Notary: Nation state resistant signing

David Lawrence (Docker)

Built upon The Update Framework’s (TUF) specification, Notary is a tool for signing digital. TUF was developed by a group of researchers at NYU and accounts for a wide range of attacks seen in the wild in addition to a number of theoretical attacks. If you’re interested in ensuring the secure delivery of your software, Notary is for you!

Find out how Notary is integrated into Docker as “Content Trust” and deployed with our Docker Trusted Registry as part of the Docker Enterprise Edition on-prem solution.

Come to our session to get your questions answered, achieve a deeper understanding of Notary and TUF, and find out how you can start contributing. TUF is a living specification and you can help add some of the cool new security features to Notary.

Introduction to Buildkit

Tonis Tiigi (Docker)

BuildKit is a low-level toolkit for building software using containerized environments. It provides concurrent and cache-efficient builds, supporting build definitions from Dockerfiles and other formats, and will be the underlying technology behind future versions of “docker build”

Introduction to containerd

Michael Crosby (Docker)

Containerd is the core container runtime originally used in Docker to execute containers and distribute images. It was designed from the ground up to support the OCI image and runtime specifications. The design of containerd is carefully crafted to fit the use cases of modern container orchestrators like Kubernetes and Swarm. In this talk, we’ll provide an introduction to containerd and how you can get started with leveraging it in your infrastructure.

An Introduction to Calico Networking

Christopher Liljenstolpe (Tigera)

In this session, we will dive a bit deeper into Tigera’s Project Calico, the ‘batteries included’ networking and network policy infrastructure for Docker EE’s Kubernetes distribution.

We’ll cover what Tigera’s platform does, the components involved, and a bit of how they work.  We’ll leave some time for questions at the end.

 

Kubernetes Community Office Hours

Paris Pittman (Google)

Join members of the Kubernetes Special Interest Group (SIG) for Contributor Experience in a special three hour office hours session on all things community. We will start with a brief overview (roughly 20 mins) covering topics such as: SIG explanation, good entry points for first time contributors, community activities of interest for current contributors. We’ll move on to an AMA style session for the remainder of the time so come with questions, to listen, or to make your first pull request (or 10th!).

Everything You Need to Know About the Container Storage Interface (CSI)

Saad Ali (Google)

Container Storage Interface (CSI) is an open source project that aims to define an industry standard volume plugin interface for exposing storage to containerized workloads. It emerged from a cooperation between Docker, Kubernetes, Mesos, and Cloud Foundry and has the support of major storage vendors.

  • In this talk I will answer the following question:
  • What is CSI?
  • Where did CSI came from?
  • What is the current status of CSI?
  • What’s next for CSI?
  • How can I get involved with the development of CSI?

Introduction to Istio

Dan Berg (IBM) and Zack Butcher (Tetrate)

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Join us for a look at the power of Istio and hear from project maintainers on how you can get involved with the project.

An Intro to SPIFFE and SPIRE: Building Trust In and Between Modern Distributed Systems

Andrew Jessup (scytale.io)

Enterprises are building customer experiences that span microservices running in disperate data centers, clouds and middleware. Ensuring these systems can trust and authenticate to each other reliably has long been a challenge for security teams, operations teams and developers alike. This challenge becomes more acute as microservices are elastically scaled and dynamically scheduled. SPIFFE and SPIRE, two of the latest projects to join the Cloud Native Computing Foundation, extends on design patterns that organizations like Google and Twitter have relied on to solve this problem, and makes them available for any organization. This talk will introduce the projects, their principles of operation, and how they can be used to secure your environment, and then segue into a roundtable discussion with the audience.

A HotROD Ride With Jaeger

Yuri Shkuro (Uber)

Jaeger is a distributed tracing system, open sourced and donated to CNCF by Uber. This talk is a live demo of Jaeger capabilities, including auto-discovery of system architecture, troubleshooting performance of distributed transactions, contextualized logging, root cause analysis, and resource usage monitoring and attribution.

Cloud Native Logging with Fluentd

Eduardo Silva (Treasure Data)

There are tried and true methods for debugging and monitoring standalone applications; however, applications in containerized environments at scale are a different story. Logging becomes more challenging in terms of performance and flexibility for data management, so on this scenario new patterns and specialized tools are required. The following lightning talk will dive into the complexity of log management and how Fluentd and it ecosystem tools are overcoming these challenges for Cloud Native applications.

An Intro to OpenTracing: Follow your Requests from Mobile and Web Clients to Microservices and Monoliths

Priyanka Sharma and Ted Young (LightSpeed)

As enterprises progressively build more microservices, they need end-to-end observability. Using distributed tracing, they can monitor and root cause issues and performance degradations with a complete picture of their software system. The OpenTracing API enables engineers to adopt tracing easily and many open source project and vendors support it natively. This talk will introduce the API, share latest updates, and then segway into a roundtable discussion with the audience.

High Performance Containers and the Convergence of Big Data and Big Compute

Christian Kniep (Docker)

High Performance Computing allows scientists and engineers to solve complex problems in High Frequency Trading, Fraud Analysis, Genomic Sequencing, Computational Fluid Dynamics, Earth Sciences using applications that require high bandwidth, enhanced networking, and very high compute capabilities. The scientific user experience has been drastically improved with the introduction of docker containers.

The advent of easy to use Big Data workloads and a stockpile of data to consume drives the adoption of containers for GPU workloads, which lead to high-performance setups once the models grow in size.

We’ll explore the journey from workstation to supercomputer, and what challenges we need to overcome in order to support the convergence of innovation in HPC, Big Data and Machine Learning.

How HACERA Scales Blockchain Deployments using Docker

Jonathan Levi (Hacera)

Jonathan Levi, founder and CEO of HACERA, will dive into the various blockchain families, the leading deployment topologies, and Hyperledger Fabric + HACERA’s containerization techniques. Following the talk, an open, hands-on session will intertwine employing Docker for blockchain scalability, availability and resiliency (providing fault-tolerance).

HACERA is an open, blockchain-agnostic platform. It provides a uniform way to connect, manage, and secure data shared using blockchain nodes. Similar to Hyperledger Fabric, HACERA deploys “Smart Contracts” in isolated containers in an entirely decentralized way without reliance on a single point of trust or a single point of failure.

Jonathan Levi has been working with Bitcoin Core, Ethereum, and Hyperledger Fabric from its early days. Jonathan is an active maintainer and was the official release manager of Hyperledger Fabric 1.0. He will share lessons from his decentralized deployments and blockchain expertise as well as secure large systems design and architecture.

Nuclio: Serverless designed for high-performance event, data, and AI processing

Yaron Haviv (Iguazio)

serverless is typically associated with front-end or simple glue apps where performance and concurrency aren’t needed. Nuclio, an ultra-fast open-source serverless platform changes that. It has a unique processing architecture which enables sub-millisecond event and data processing with minimal development and ops effort. Through an open plug-in architecture, it supports Docker, Kubernetes, all major cloud platforms and natively integrates with common event/streaming/data sources. The talk will explain Nuclio’s unique real-time engine and parallel data processing architecture and demonstrate real-time analytics and AI applications rapidly built with Nuclio. This will segway into a roundtable discussion with the audience.

Run any code on OpenWhisk Docker Actions

Carlos Santana (IBM)

Apache OpenWhisk is a Serverless platform, currently IBM Cloud Functions offers the technology as a managed compute service. But the technology is fully Open Source focus on high performance, scalability, and developer user experience. OpenWhisk Actions are actually Docker Containers at their core, Docker is used to build the Function runtime.

Using Docker developers can run their function locally just using one container for debugging. They can extend an existing language runtime (nodejs, java, python, etc..) by using a Docker file, and can use any language to package their Action in a Docker container.

In this talk I will cover the in and outs of the OpenWhisk Docker Action specification and how to leverage Docker for your Serverless Apps

Introduction to OpenFaaS

Alex Ellis (OpenFaas)

OpenFaaS (Functions as a Service) is Serverless Functions Made Simple for Docker and Kubernetes. With OpenFaaS you can package any container or binary as a serverless function – from Node.js to Golang to C# on Linux or Windows. FaaS was popularised by AWS Lambda, but being locked-into one provider has its limitations. OpenFaaS offers true portability while abstracting away repetitive details, so that you can simplify your workflow and focus on shipping what matters.

Gloo: the Function Gateway

Idit Levine

Gloo is a high-performance, plugin-extendable, platform-agnostic function Gateway built on top of Envoy. Gloo is designed to “glue” together the entire environment, incorporating microservice, monolithic, and serverless applications. By employing function-level routing, Gloo can completely decouple client APIs from upstream APIs at the routing level. Gloo’s highly extendable architecture allows efficient integration with emerging open-source projects, including NATS, OpenTracing, Jaeger, Prometheus, and gRPC.

It the talk we will understand the problems Gloo aims to solve, learn about it unique architecture and how it leverages the power of Envoy, and experience some cool demos.

Introduction to Project Fn

Chad Arimura (Oracle)

Moving Serverless Forward with Docker-native Fn Project: In this lightening talk, Chad will cover the fundamentals of building a global-scale functions-as-a-service platform using Docker and Kubernetes.

Kubeflow: Machine Learning meets Containers

Jay Smith, Michelle Casbon (Google)

Kubeflow is a bold project allowing people to run machine learning workflows on Kubernetes, improving both the portability and the scalability of running models. Learn more about this innovative project and how it plans on bringing Machine Learning to Docker containers.

Get updates about DockerCon