Mastering Docker Enterprise

Book description

A journey toward containerized applications in production with a cloud-portable, secure, robust and highly available Docker Enterprise platform.

Key Features

  • Get an insider's view into the container movement and Docker Enterprise
  • Manage the transformation associated with enterprise container adoption
  • Walk through the enterprise container adoption journey

Book Description

While known mostly as the open source engine behind tens of millions of server nodes, Docker also offers commercially supported enterprise tooling known as Docker Enterprise. This platform builds on the deep roots of Docker Engine - Community (formerly Docker CE) and Kubernetes, but adds support and tooling to efficiently operate a secure container platform at scale. With hundreds of enterprises on board, best practices and adoption patterns are emerging rapidly. These learning points can be used to inform adopters and help manage the enterprise transformation associated with enterprise container adoption.

This book starts by explaining the case for Docker Enterprise, as well as its structure and reference architecture. From there, we progress through the PoC, pilot and production stages as a working model for adoption, evolving the platform's design and configuration for each stage and using detailed application examples along the way to clarify and demonstrate important concepts. The book concludes with Docker's impact on other emerging software technologies, such as Blockchain and Serverless computing.

By the end of this book, you'll have a better understanding of what it takes to get your enterprise up and running with Docker Enterprise and beyond.

What you will learn

  • Understand why containers are important to an enterprise
  • Understand the features and components of Docker Enterprise 2
  • Find out about the PoC, pilot, and production adoption phases
  • Get to know the best practices for installing and operating Docker Enterprise
  • Understand what is important for Docker Enterprise in production
  • Run Kubernetes on Docker Enterprise

Who this book is for

This book is for Software Architects, DevOps Engineers, Tech Ops, Docker professionals, or any IT professional working with Docker and containers who wants to move containerized workloads to production. This book discusses the enterprise adoption of Docker and Kubernetes, so a basic understanding of Docker concepts will be helpful.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Mastering Docker Enterprise
  3. About Packt
    1. Why subscribe?
  4. Contributors
    1. About the author
    2. About the reviewers
    3. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Get in touch
      1. Reviews
  6. Section 1: Getting Started with Docker Enterprise
  7. Making the Case for Docker Enterprise
    1. Zero to everywhere in five years
      1. The Docker story
      2. Containers change application development and deployment
      3. Containers gain popularity
      4. Docker Engine-Community – free Docker
        1. Docker Engine-Community includes key capabilities
        2. Running Docker Engine-Community on AWS or Azure
      5. Docker Enterprise – enterprise support and features
      6. Kubernetes and Docker Enterprise 
        1. Kubernetes and Swarm orchestration
        2. Kubernetes and Swarm – different philosophies to solve different problems
        3. Moving Kubernetes to the mainstream
    2. New era for app Dev, DevOps, and IT operations
      1. DevOps
      2. Operations
    3. Container-first and strategic impact of containers
      1. Container-first as a cloud adoption strategy
      2. Get ready to bring workloads back from the public cloud
      3. Application modernization – the containerization path
      4. Support for microservices and DevOps
      5. Compliance
    4. How Docker Enterprise 2.0 has changed the game
    5. Summary
    6. Questions
    7. Further reading
  8. Docker Enterprise - an Architectural Overview
    1. Moving from science projects to production platforms
      1. The landscape of emerging container platforms
      2. Economics, features, and key components of Docker Enterprise
        1. The estimated cost of Docker Enterprise
        2. Docker Enterprise pricing illustration
        3. Docker Enterprise architecture-related benefits
          1. Docker support benefits
          2. Computational efficiency benefits
          3. Benefits of choice
          4. Rapid innovation – platform-neutral DevOps skills benefit the shift-left strategy
          5. UCP and DTR benefits
          6. Container-first benefits
    2. Operational architecture of Docker Enterprise
      1. Docker Enterprise's main components
      2. Docker Enterprise operation architecture – infrastructure, platform, and application layers
      3. Breaking down the layers
        1. Infrastructure layer – network, nodes, and storage
        2. The platform layer – Docker Enterprise engine, UCP, and DTR
        3. Application layer – interacting with the cluster
    3. Docker Enterprise reference architecture
      1. Simple view of the Docker Enterprise cluster architecture
      2. Drill-down – high-level Docker Enterprise 2 components
    4. Summary
    5. Questions
    6. Further reading
  9. Getting Started - Docker Enterprise Proof of Concept
    1. Assembling a Docker Enterprise PoC cross-functional team
    2. Preparing a Docker Enterprise platform for the PoC step
      1. Preparing a four-node cluster
        1. Set up a four-node cluster
          1. Overview of a sample PoC environment
        2. Installing Docker Enterprise Engine on all nodes
          1. Getting a Docker Enterprise 30-day trial license and storebit URL
          2. Installing the Docker Enterprise Engine on all nodes
          3. Sample Ubuntu Docker Engine install
      2. Windows 2016 Docker Engine install
      3. Installing Docker's Universal Control Plane
      4. Logging to the UCP web interface and uploading your trial license
      5. Adding work nodes to the UCP cluster
        1. Joining Linux worker nodes to the cluster
        2. Joining the remaining worker nodes into the cluster
        3. Joining a Windows server 2016 worker node to the cluster
      6. Installing the DTR
      7. Configuring RBAC for PoC
    3. PoC application
      1. Picking a PoC application
      2. Installing Docker on a local workstation
      3. Containerizing and testing the PoC application on a Dev workstation
        1. Review application documentation 
        2. Containerizing and locally testing each application component
          1. Containerizing the database
          2. Containerizing the Webforms application
        3. Creating deployment files and testing locally
        4. Pushing images
          1. Connecting to the PoC DTR
          2. Preparing and pushing your images
    4. Deploying a PoC application to a Docker Enterprise cluster
      1. The Docker Enterprise CLI bundle 
        1. Using Bash with Docker API to get the CLI bundle
        2. Using PowerShell with the Docker API to get the CLI bundle
        3. Deploying the PoC application to the Docker Enterprise cluster
    5. Updating the PoC application
    6. Summary
    7. Questions
    8. Further reading
  10. Section 2: Piloting Docker Enterprise
  11. Prepare the Docker Enterprise Pilot Cluster
    1. Docker Enterprise cluster plumbing
      1. Introduction to Docker single-node networking
        1. No Domain Name System (DNS) for the Docker0 default network
      2. Introduction to cluster-based container networking
        1. Swarm and Kubernetes DNS and service discovery
        2. The management and control planes
      3. Docker Enterprise pilot network implementation
        1. Internal cluster users
        2. End users of Docker Enterprise-hosted applications 
        3. Highly available cluster
        4. DNS, certificates, and certificate termination
        5. Hostnames for Docker cluster nodes
        6. Bare metal cluster – network setup example
          1. Step 1 – define a domain name and hostname structure
          2. Step 2 – define a certificate structure and termination plan
          3. Step 3 – design and implement a network infrastructure
          4. Load balancer setup and configuration design
    2. Docker Enterprise pilot platform
      1. Preparing cluster nodes
        1. Node sizing consideration
        2. Network adapters considerations
        3. Cluster-based storage considerations
        4. Network timing and node synchronization
        5. Docker Enterprise pilot bare metal walk-through
          1. Installing the Docker Enterprise Engine on all nodes
          2. Installing the Docker Enterprise Engine onto each node in the cluster
          3. Setting up the NFS server node
          4. Installing the first manager node
          5. Joining initial DTR 1 and worker 1 nodes
          6. Installing the DTR
          7. Adding additional DTR replicas
          8. Final configuration of load balancers
    3. Summary
    4. Questions
    5. Further reading
  12. Prepare and Deploy a Docker Enterprise Pilot Application
    1. Planning for a pilot application
    2. Sample pilot planning and execution
      1. Configure UCP pilot settings
      2. RBAC in Docker Enterprise
        1. Setting up Docker Enterprise teams and organizations
          1. Team member sync using LDAP
          2. Collection for pilot team
      3. DTR pilot settings
      4. The sample pilot wiki application
        1. Containerizing the application
          1. Collect and document application assets
          2. Containerizing and testing the Postgres database
          3. Containerizing and testing the wiki application
          4. Pushing the images 
        2. Deploying the wiki to the pilot cluster 
          1. Pilot application strategy
          2. Application flow for wiki pilot
          3. Deployment architecture for the pilot wiki
          4. Deploying the pilot wiki application
    3. Summary
    4. Questions
    5. Further reading
  13. Design and Pilot a Docker Enterprise CI Pipeline
    1. Pilot application development with Docker Enterprise
      1. Using Docker for faster developer on-boarding
      2. Using Docker to improve software development cycles
      3. Docker Containers as a Service (CaaS)
      4. What you need to know about distributed applications
        1. Key principles for container application design
          1. Docker Swarm services
          2. Swarm service networks and routing mesh
          3. Docker Enterprise layer 7 routing
          4. Defensive coding
          5. Centralized logging
          6. Secrets
      5. Docker tools for the local development and testing of the AtSea application
        1. AtSea application structure
        2. Using docker-compose as a Makefile 
        3. Building and running an application with Compose and Swarm
          1. Mocking layer 7 routing and TLS termination for local Swarm testing
          2. Final steps for local Swarm testing
      6. Deploying a custom app to the Docker Enterprise cluster 
        1. Layer 7 routing with Docker Enterprise
      7. Building and deploying the custom app with a CI pipeline
        1. Sample CI pipeline overview
        2. Connecting GitLab to Docker Enterprise
          1. Adding a GitLab Runner to the build machine
          2. DTR CI integration
        3. Building our services
          1. Simple build and push pipeline for atsea-db image
          2. Simple build and push pipeline for the atsea-payment image
          3. Build, End to End Test, and Push pipeline for the atsea-web image
        4. Pipeline deployment to Docker Enterprise
          1. Deployment pipeline file
          2. Understanding Docker Swarm resource scoping
          3. Triggering the pipeline manually
    2. Summary
    3. Questions
    4. Further reading
  14. Pilot Docker Enterprise Platform Monitoring and Logging
    1. Logging and monitoring distributed, containerized applications
      1. Default Docker Engine logs
      2. Centralized logging
        1. Publish approach with an ELK Stack
        2. Polling approach with Prometheus
          1. Simple Prometheus setup
          2. Prometheus on Docker and checking Docker
    2. Logging and monitoring in Docker Enterprise
      1. Docker Enterprise UCP and Prometheus
      2. Docker Enterprise with Prometheus and Grafana
      3. Commercial example – Sysdig
        1. Our pilot Sysdig architecture
          1. Installing the Sysdig agents
          2. The Wiki pilot dashboard
          3. Setting up alarms 
    3. Summary
    4. Questions
    5. Further reading
  15. Section 3: In Production with Docker Enterprise
  16. First Application in Production with Docker Enterprise
    1. Docker Enterprise production cluster
      1. High-level cluster flow and concepts
        1. Image mirroring
        2. Image signing
        3. UCP production scheduling with Docker Content Trust
        4. Immutability for DTR repos
        5. Image scanning in production
      2. Production cluster considerations
        1. Avoiding cluster sprawl
        2. Production-installation considerations
        3. Production manager nodes
        4. Node sizing 
        5. Setup and installation considerations
          1. Center for Internet Security (CIS) docker benchmarks
          2. Locking down SSH access
          3. No public access to Docker nodes
          4. Production UCP configuration
          5. Production DTR configuration
    2. Data management
      1. Host volume mounts
      2. Docker NFS volume plugin
      3. Other volume storage solutions
      4. Backing up data
        1. Backing up UCP
        2. Backing up DTR
        3. Backing up application data
      5. Applying OS and Docker updates
        1. OS and Docker Enterprise Engine updates
          1. UCP manager nodes
          2. Worker nodes
        2. Upgrading the UCP software
        3. Upgrading the DTR software
    3. Summary
    4. Questions
    5. Further reading
  17. Important Docker Enterprise Production Topics
    1. Working with orchestrators in production
      1. Health checks
        1. Ephemeral containers and orchestration 
        2. Application startup and health checks
        3. Swarm service health check for AtSea-web
        4. Passing signals into containers
      2. Managed and unmanaged cluster resources
        1. Orchestrators and resource management
          1. Container reservations, requests, and limits
        2. Setting CPU and memory reservations
    2. Production ingress
      1. Ingress model overview
        1. Layer 7 dynamic routing 
        2. Layer 4 simple port-based routing
        3. Static host deployments
      2. Key concepts of blue/green deployments
        1. Blue/green deployments with Swarm
        2. Kubernetes blue/green deployment
      3. Layer 7 routing in production
      4. Layer 4 routing in production
        1. Docker service updates
        2. Layer 4 blue/green deployment
        3. Layer 4 canary deployment
    3. Production monitoring
    4. Summary
    5. Questions
    6. Further reading 
  18. More on Kubernetes with Docker Enterprise
    1. Overview of Docker Enterprise with Kubernetes
      1. CNI networking
        1. Docker Enterprise install – Kubernetes
        2. Advanced Kubernetes networking philosophy
      2. Coexistence – Swarm and Kube
      3. Docker Enterprise Kubernetes role-based access control
      4. Kubernetes persistent volume management 
    2. Docker Desktop to Docker Enterprise Kubernetes
      1. Docker Desktop – Converting AtSea to Kubernetes
        1. Setting up Docker Desktop with Kubernetes
        2. Configuring an application with Kubernetes (Namespace/Secrets/ConfigMaps)
        3. Converting and testing the DB
        4. Creating the DB ClusterIP
        5. Converting the web app
        6. Creating the webapp NodePort
        7. Testing locally
      2. Docker Enterprise for a pilot release of AtSea Kubernetes
        1. Setting up Docker RBAC for the atsea-test namespace
        2. Blue/green deployment of AtSea to the Docker Enterprise Kubernetes cluster
        3. Smoke-testing the AtSea Kubernetes application
        4. Configuring the load balancer for blue/green deployment
    3. Third-party Docker Enterprise Kubernetes integrations
      1. Helm charts on Docker Enterprise Kubernetes
      2. GitLab and Docker Enterprise Kubernetes
      3. Kubernetes persistent volumes with an existing NFS server
        1. Attaching your UCP Kube cluster to an existing on-premises NFS server
          1. The setup
      4. Ingress controller
        1. Installing the NGINX ingress controller
        2. Using the Docker demo application to test our ingress setup
          1. Installing the dockerdemo application and docker-demo-svc
          2. Configuring ingress rules to dockerdemo
          3. Testing the ingress controller flow
    4. Summary
    5. Questions
    6. Further reading
  19. Taking the Docker Enterprise Platform into the Future
    1. Container-first culture
      1. Life before a container-first culture
      2. Life after a container-first culture
        1. Container-first culture for developers
        2. Container-first for DevOps
        3. Container first for operations
      3. Container-first adoption challenges
        1. The cloudy path to organic adoption
        2. Trying to move everyone in the same direction
      4. Container-first target application areas
      5. Considerations for building a container culture
        1. Keeping it simple in the beginning
        2. Recognizing enthusiastic learners and committed adopters
        3. Establishing a learning culture
    2. Docker Enterprise managed clusters
    3. Agile adoption for containers and beyond
      1. Agile Docker Enterprise adoption and container-first
      2. Building your future on the platform
    4. Serverless and containers
    5. Summary
    6. Further reading
  20. Assessments
    1. Chapter 1: Making the Case for Docker Enterprise
    2. Chapter 2: Docker Enterprise – an Architectural Overview
    3. Chapter 3: Getting Started – Docker Enterprise Proof of Concept
    4. Chapter 4: Prepare the Docker Enterprise Pilot Cluster
    5. Chapter 5: Prepare and Deploy a Docker Enterprise Pilot Application
    6. Chapter 6: Design and Pilot a Docker Enterprise CI Pipeline
    7. Chapter 7: Pilot Docker Enterprise Platform Monitoring and Logging
    8. Chapter 8: First Application in Production with Docker Enterprise
    9. Chapter 9: Important Docker Enterprise Production Topics
    10. Chapter 10: More on Kubernetes with Docker Enterprise
  21. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Mastering Docker Enterprise
  • Author(s): Mark Panthofer
  • Release date: March 2019
  • Publisher(s): Packt Publishing
  • ISBN: 9781789612073