{"id":48,"date":"2015-11-19T16:57:08","date_gmt":"2015-11-19T16:57:08","guid":{"rendered":"http:\/\/redmonk.com\/fryan\/?p=48"},"modified":"2015-11-19T18:35:03","modified_gmt":"2015-11-19T18:35:03","slug":"docker-maturity-and-dockercon","status":"publish","type":"post","link":"https:\/\/redmonk.com\/fryan\/2015\/11\/19\/docker-maturity-and-dockercon\/","title":{"rendered":"Docker, Maturity and DockerCon"},"content":{"rendered":"<p>DockerCon <a href=\"http:\/\/europe-2015.dockercon.com\/\">EU 2015<\/a> took place earlier this week in Barcelona, and I had the pleasure of attending. As you might imagine there is an awful lot going on in the container space at the moment, and the epic centers for this world\u00a0is currently the bi-annual DockerCon events.<\/p>\n<h2>Paris and Dockers Heritage<\/h2>\n<p>While this is a post about DockerCon, it is far more appropriate to begin at the very start of the first days keynote. As many people reading this post will know Docker has its roots in a company called dotCloud, which started life in Paris.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"qme\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/dockercon?src=hash&amp;ref_src=twsrc%5Etfw\">#dockercon<\/a> <a href=\"https:\/\/t.co\/GsOczWNUYi\">pic.twitter.com\/GsOczWNUYi<\/a><\/p>\n<p>&mdash; @chanezon@fosstodon.org (@chanezon) <a href=\"https:\/\/twitter.com\/chanezon\/status\/666170636771962880?ref_src=twsrc%5Etfw\">November 16, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Docker CEO <a href=\"https:\/\/twitter.com\/golubbe\">Ben Golub<\/a> asked everyone to spend a moment thinking about the events in Beirut and Paris last week, and Docker CTO <a href=\"https:\/\/twitter.com\/solomonstre\">Solomon Hykes<\/a> gave a raw, honest and emotional response and stated what he plans to do, and asked everyone to join him in.<\/p>\n<blockquote><p>\u00a0\u201c\u2026what I\u2019m going to do is, whatever level of positivity I had, I\u2019m going to double that. If I was going to learn three things, I\u2019m going to learn ten. If I was going to explain two things then I\u2019m going to explain four, and I\u2019m just going to try and do everything a little better, a little more positive and I\u2019m thinking maybe you want to do that with me\u201d.<\/p><\/blockquote>\n<p>Of all the things people can take away from DockerCon, Solomon\u2019s request, in my opinion, is by far the most important.<\/p>\n<h2>A Maturing Company<\/h2>\n<p>On the business and technology side the key take away for me from DockerCon is that Docker is a fast maturing company. The overall product roadmap across the entire portfolio is becoming far more clearly aligned and focused, particularly to new comers to the Docker story &#8211; the Docker vision of Build, Ship, Run is becoming a reality as all the pieces get far more integrated across their tool chain.<\/p>\n<p>Strategic partnerships have become much further developed and bedded in in the period since DockerCon US and the small incremental tasks necessary to be an enterprise company are happening across the board.<\/p>\n<p>To put it somewhat more bluntly Docker as a company are growing up. It happens to everyone. But it is happening really, really fast for Docker.<\/p>\n<h2>Energy and Buzz<\/h2>\n<p>The conference was buzzing, and in a way that you just don\u2019t see at some other vendor events. While the folks at Docker pointed out that the comparison around speed of growth of DockerCon to VMWorld is a bit clich\u00e9d at this point, it is an interesting reference point for many people looking at the evolution of the container space from a distance.<\/p>\n<p>The ecosystem that has emerged around Docker is developer focused, and is creating a very diverse set of offerings. I had the opportunity to talk with a large number of companies during the conference; you can read a brief write up in my <a href=\"http:\/\/redmonk.com\/fryan\/2015\/11\/19\/company-roundup-from-dockercon\/\">DockerCon company round up post<\/a>.<\/p>\n<p>More importantly the developers I talked with at DockerCon are still as enthusiastic about the technology as before, and are now asking far more difficult questions about using Docker in production.<\/p>\n<h2>Security, Swarm, and Control Planes<\/h2>\n<h3>Swarm<\/h3>\n<p>What is interesting looking at <a href=\"https:\/\/www.docker.com\/docker-swarm\">Swarm<\/a> is to try to understand where Docker see this functionality making the most impact. The scalability improvements are clearly aimed at negating criticisms from the top end of the market and under the hood significant chunks of Swarm have been rewritten. We are looking forward to hearing reports from users over the coming months.<\/p>\n<p>However, what is clear, is that Swarm very much fits into \u201cmore than good enough for most users\u201d camp. The longer-term implications for some of the entry-level use cases we see people turning to Kubernetes and Mesosphere for, and the adoption these drive, will be interesting to see.<\/p>\n<h3>Security<\/h3>\n<p>Security was a massive theme at DockerCon. The security journey that Docker has been on over the last year has been very interesting to watch. The investments in hiring engineers such as <a href=\"https:\/\/twitter.com\/diogomonica\">Diogo M\u00f3nica<\/a>\u00a0and the structured approach that he has brought, is paying dividends. While the longer term use of hardware image signing using <a href=\"https:\/\/www.yubico.com\/\">Yubico<\/a> Yubikey is something that really does not resonate with me beyond the coolness factor, the idea in and of itself has a lot of interesting applications and you can see a number of integration points for this technology.<\/p>\n<p>We will touch on the <a href=\"https:\/\/www.docker.com\/universal-control-plane\">Universal Control Plane<\/a> again; it is worth taking a look at the secret management aspect here. Secret management is hard, and it is vital for any serious distributed system. The secret management feature is built upon <a href=\"https:\/\/square.github.io\/keywhiz\/\">KeyWhiz<\/a>, the open source solution from Square. Comparisons with Hashicorps Vault are obviously going to be made, but it is good for the marketplace to see two commercially supported solutions available in the near term.<\/p>\n<p><a href=\"https:\/\/blog.docker.com\/2015\/08\/content-trust-docker-1-8\/\">Docker Content Trust<\/a> is a necessary development, one of single biggest concerns we have heard over the last six months has been around auditing and trusting images. On the commercial front Docker absolutely had to address this, and are actively doing so. At an enterprise level the integration of <a href=\"https:\/\/cve.mitre.org\/\">CVE scores<\/a> is a very useful feature for risk assessments.<\/p>\n<h3>Control Planes<\/h3>\n<p>The development of the Universal Control Plane had been telegraphed via Project Orca, but seeing it pulled together with extra functionality as a beta commercial offering, it is clear that Docker want to ensure that they integrate easily into existing IT Ops workflows. Obviously this is far from the only control plane around the container eco-system, and this will be a very competitive space to watch.<\/p>\n<p>There are, however, a lot of very sensible things in here such as integrating Active Directory and LDAP for authentication along the workflow. Collectively all of these announcements are a big step in the right direction for Docker.<\/p>\n<h2>The unglamorous, iterative stuff<\/h2>\n<p>Solomon spent a few minutes during the opening keynote talking about the various bits of boring, unglamorous fixes that had been worked on over the last few months. Items like corner case usability issues, minor, but annoying bugs and so forth.<\/p>\n<p>When I talk about maturity, this to me was one of the strongest moments in the entire keynote. Fixing the unglamorous stuff, bit by bit, is not fun, but it is necessary. When you run commercial support organizations this kind of stuff matters &#8211; a lot.<\/p>\n<h2>Partnerships<\/h2>\n<p>I got the opportunity to sit down and talk with representatives from both <a href=\"http:\/\/microsoft.com\">Microsoft<\/a> and Docker at a joint briefing during DockerCon. To say that\u00a0both parties\u00a0want to emphasize the depth and strength of their relationship would be somewhat of an understatement.<\/p>\n<p>Both companies are very committed to addressing the demand they see in the marketplace for containers on windows, which is going across multiple sectors. What I found interesting was a divergence from some of the background noise we have been hearing the particular marketplace on the levels of adoption, especially in conservative markets such as insurance.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Update on <a href=\"https:\/\/twitter.com\/Microsoft?ref_src=twsrc%5Etfw\">@microsoft<\/a> <a href=\"https:\/\/twitter.com\/Docker?ref_src=twsrc%5Etfw\">@docker<\/a> partnership from <a href=\"https:\/\/twitter.com\/gossmanster?ref_src=twsrc%5Etfw\">@gossmanster<\/a>, <a href=\"https:\/\/twitter.com\/Taylorb_msft?ref_src=twsrc%5Etfw\">@Taylorb_msft<\/a> and <a href=\"https:\/\/twitter.com\/scottcjohnson?ref_src=twsrc%5Etfw\">@scottcjohnson<\/a> earlier <a href=\"https:\/\/twitter.com\/hashtag\/Dockercon?src=hash&amp;ref_src=twsrc%5Etfw\">#Dockercon<\/a> &lt;&lt; good things for customers<\/p>\n<p>&mdash; Fintan Ryan (@fintanr) <a href=\"https:\/\/twitter.com\/fintanr\/status\/666613200960552960?ref_src=twsrc%5Etfw\">November 17, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Now it is easy to dismiss all of this as lip service, and I am sure many will. The proof of such partnerships is in, to coin a phrase, the technical pudding. I sat through a session with John Starks of Microsoft and <a href=\"http:\/\/twitter.com\/icecrime\">Arnaud Porterie<\/a> of Docker on Windows kernel internals, and how they have gotten Docker to work natively on Windows (if you\u2019re an OS geek like I am, hearing a core engineer from\u00a0Microsoft talking about this is mana from heaven, you never, ever got this level of detail in the past).<\/p>\n<p>Investment is a two way street, and Docker spent time highlighting that Docker tools now have parity across Windows and Mac during their keynote session. This may seem like a small thing to many people, it is far from it \u2013 while every conference you may go to now has Macbooks as the developer machine of choice, for many people in corporate environments Windows is the OS they use. Feature parity is very important for adoption.<\/p>\n<p><a href=\"http:\/\/twitter.com\/icecrime\">Arnaud Porterie<\/a> spent a lot of time emphasizing just how many contributions Microsoft have made to Docker in the last year, becoming the fourth largest contributor to Docker from a standing start.<\/p>\n<p>There is a lot more to dig into here over the coming months, in particular with the upcoming release of Windows Server 2016, the integrations with <a href=\"https:\/\/code.visualstudio.com\/Docs\/languages\/dockerfile\">Visual Studio Code<\/a> and the rapidly expanding use of Docker on Azure.<\/p>\n<p>The partnership that IBM are developing with Docker was highlighted by both Docker and IBM in my conversations, and with IBM now having developed a strong reseller partnership with Docker in recent times it will be interesting to see how this develops. In my discussions with IBM they also see use of the Docker toolchain as a very important deployment mechanism.<\/p>\n<h2>Unikernels<\/h2>\n<p>So this part of the post is a little bit of a geek out for me, and judging by twitter for quite a few others. By way of disclosure I know several of the team at<a href=\"https:\/\/twitter.com\/unikernel\"> Unikernel Systems<\/a>, and I strongly believe unikernels are a very significant part of the future (feel free to call this my prediction for 2017, and possibly even late 2016).<\/p>\n<p>Anil and Justin from <a href=\"https:\/\/twitter.com\/unikernel\">Unikernel Systems<\/a> demonstrated their work\u00a0on <a href=\"http:\/\/unikernel.org\/blog\/2015\/unikernels-meet-docker\/\">using unikernels with docker tools<\/a>. For developers this will be transparent, but in terms of the size of the images, this is a massive leap forward. I have written about <a href=\"https:\/\/github.com\/fintanr\/container-articles\/blob\/master\/minimal-containers\/README.md\">creating small containers<\/a> in the past, and to me the combination of reduced footprint along with a much, much smaller surface vector for attacks is an incredibly powerful capability to have. We are going to see unikernels in used for microservices, IoT and in a variety of other ways.<\/p>\n<p>The demo from Anil and Justin was very, very cool. If you are really interested in what comes next spending some time on <a href=\"http:\/\/unikernel.org\">unikernel.org<\/a> is not a bad way to pass some time.<\/p>\n<p>As I said on twitter at the time<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">To me this this is public <a href=\"https:\/\/twitter.com\/unikernel?ref_src=twsrc%5Etfw\">@unikernel<\/a> unveiling by <a href=\"https:\/\/twitter.com\/avsm?ref_src=twsrc%5Etfw\">@avsm<\/a> &amp; <a href=\"https:\/\/twitter.com\/justincormack?ref_src=twsrc%5Etfw\">@justincormack<\/a>, unikernels &amp; docker are part of the future <a href=\"https:\/\/twitter.com\/hashtag\/dockercon?src=hash&amp;ref_src=twsrc%5Etfw\">#dockercon<\/a><\/p>\n<p>&mdash; Fintan Ryan (@fintanr) <a href=\"https:\/\/twitter.com\/fintanr\/status\/666652340934549506?ref_src=twsrc%5Etfw\">November 17, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>and <a href=\"https:\/\/twitter.com\/solomonstre\">Solomon Hykes<\/a> also commented<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">&quot;With Docker, Swarm and unikernels we can bring scale and security to the world of IoT&quot;. <a href=\"https:\/\/twitter.com\/hashtag\/dockercon?src=hash&amp;ref_src=twsrc%5Etfw\">#dockercon<\/a> amazing!<\/p>\n<p>&mdash; Solomon Hykes (@solomonstre) <a href=\"https:\/\/twitter.com\/solomonstre\/status\/666652638105202689?ref_src=twsrc%5Etfw\">November 17, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Come DockerCon 2016 in Seattle I fully expect to see sessions on unikernels, and expect them to be a very well attended section of the conference.<\/p>\n<p><strong>Disclosure<\/strong>: Docker provided my ticket for DockerCon. IBM is a RedMonk client. Docker, Microsoft, Hashicorp, Yubico and Unikernel Systems are not currently RedMonk clients.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DockerCon EU 2015 took place earlier this week in Barcelona, and I had the pleasure of attending. As you might imagine there is an awful lot going on in the container space at the moment, and the epic centers for this world\u00a0is currently the bi-annual DockerCon events. Paris and Dockers Heritage While this is a<\/p>\n","protected":false},"author":40,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,8,2],"tags":[],"class_list":["post-48","post","type-post","status-publish","format-standard","hentry","category-business","category-conferences","category-containers"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/posts\/48","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/comments?post=48"}],"version-history":[{"count":0,"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/posts\/48\/revisions"}],"wp:attachment":[{"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/media?parent=48"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/categories?post=48"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/redmonk.com\/fryan\/wp-json\/wp\/v2\/tags?post=48"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}