►
From YouTube: Extending Docker with Meshery, SPIRE, and Istio
Description
Presented at DockerCon 2022: Extending Docker with Meshery, SPIRE, and Istio with Lee Calcote of Layer5 and Maximiliano Churichi of HPE.
Learn more: https://layer5.io/blog/docker/extending-docker-with-meshery-spire-and-istio
A
Hello,
hello,
docker,
extensions
they're
here:
are
you
as
excited
as
we
are
we're
pretty
pumped
about
the
new
extensibility
framework
within
docker,
desktop
we're
going
to
show
you
an
extension
today.
My
name
is
lee
calcote,
I'm
the
founder
and
ceo
of
layer,
5.
A
Both
maxi
and
I
focus
full
time
on
open
source
projects.
Our
open
source
projects
have
much
to
do
with
service
meshes.
There
are
a
lot
of
service
meshes
by
the
way,
because
we
spend
time
with
in
and
around
service
meshes.
We
spend
time
with
kubernetes,
which
means
we're
running
docker
desktop
day
in
and
day
out.
Docker
desktop
is
a
staple
of
my
daily
routine,
and
I
know
the
same
is
true
for
maxie.
A
We
end
up
using
the
kubernetes
integration
quite
a
bit
and
as
more
of
you
do
as
well
and
more
of
your
writing.
Cloud-Native
applications
you'll
find
and
are
finding
that
service
meshes
are
becoming
a
standard
layer
in
your
cloud
native
stack
service
meshes
have
a
lot
to
do
with
the
focus
of
the
projects
that
we're
on.
A
Let's
talk
about
those
projects,
so
the
first
one
here
is
is
measury.
Meshri
is
a
cloud
native
management
plane,
so
it
is
a
cloud
native
manager.
It
does
lifecycle
and
performance
management
of
10
different
service
meshes
more
than
that.
It
helps
you
with
configuration
management
of
kubernetes
and
with
the
extension
that
we're
talking
about
today.
It
also
does
the
same
for
your
docker
compose
applications.
It
helps
you
get
those
over
to
kubernetes
and
onto
a
service
mesh.
A
Now,
in
my
full-time
role
at
layer
5,
we
end
up
creating
plugins
and
integrations
on
top
of
mesherie.
Today,
we're
talking
about
probably
our
flagship
integration
called
meshmap.
It
is
a
visual
topology.
It
allows
you
to
visually
design
your
cloud
native
apps,
your
docker
compose
apps.
If
you're
using
the
extension
we're
going
to
talk
about,
and
it
does
so
in
a
git
ops,
centric
way
and
for
maxie
he
has
a
couple
of
other
cncf
projects
that
he
focuses
on.
B
Yes,
the
spiffy
project,
this
secure
production,
identity
framework
for
everyone
defines
a
set
of
standards
to
securely
identify
issue,
identities
for
workloads
and
the
spiffy,
the
spire
project,
which
stands
for
the
right
environment
for
spfe.
B
It's
a
production,
ready
reference,
implementation
of
the
spc
principles
and,
additionally,
additionally,
to
all
the
spf
standards
it
implements
a
set
of
apis
that
can
be
used
to
for
controlling
at
station
policies
and
coordinating
certificates,
issues
and
rotation
and
as
hps,
spiffy
and
spires
become
popular
here
at
hpe.
We
have
identified
that
a
long
time
standing
requests
coming
from
the
spire
community
that
they
need
an
easy
way
to
use
spire
as
an
identity
plane
for
for
this
view.
B
And
well
as
we
work
on
this
integration,
we
need
to
ensure
that
the
ongoing
functional
integration
is
solid
and
as
new
instion
spire
versions
are
released,
we
need
to
make
sure
that
there's
no
performance
degradation,
for
example,
so
hp
found
in
the
meshi
extension
for
docker
desktop
a
convenient
tool
that
led
our
engineers
to
deploy
the
service
measure
of
their
choice
with
a
click
of
a
button,
and
that
allows
us
to
quickly
perform
analysis
and
regression.
Testing
on
this
istio
and
spiral
integrations
across
different
scenarios.
B
We
have
been
really
enjoying
using
measuring
as
a
docker
desktop
extension,
as
you
can
quickly
provision
an
initial
deployment
with
a
click
of
a
button,
and
if
we
go
into
measures
ui,
we
can
see
that
it
has
detected
my
docker
desktop
kubernetes
environment
and
has
discovered
the
hto
deployment
that
I
just
provisioned
and
I
can't
even
go
further
and
customize
my
hd
deployment.
For
instance,
I
can
enable
automatic
cycle
injection
for
a
particular
namespace.
B
So
here
we
can
see
some
grafana
dashboards
and
we
use
measurey
to
run
performance
analysis
like
the
ones
I
have
here
to
verify
how
well
our
solution
performs
with
spire
integrated
as
a
custom,
ca,
intuistio
versus
istio's
native
solution
and
as
I
run
those
tests,
I
am
able
to
take
a
look
at
a
given
scenario.
B
I
can
understand
latencies
and-
and
I
can
even
compare
two
different
scenarios
where
I
may
have
done
different
configurations.
B
And
to
further
understand
this,
we
have
been
using
a
mesh
map
where
we
can
see
different
visual
designs
of
my
topology.
B
And
I
can
also
jump
to
the
mesh
map
visualizer
to
better
understand
the
particulars
of
a
given
deployment
and
how
well
it
is
performing.
B
This
gives
you
a
good
level
overview,
but
I
might
be
more
interested
in
how
well
our
solution
is
behaving
with
our
sample
application.
B
So
I
might
want
to
see
the
logs
for
a
particular
container.
I
can
choose
the
port
and
the
container
I
want
and
look
in
the
logs.
A
B
Thank
you
for
having
me,
I
really
enjoyed
sharing
our
story,
our
experience
with
extensions
and
with
mentoring.
I
hope
that
helps
other
and
see
how
how
extensible
doctor
could
be
and
mention
extension,
has
been
a
tremendous
help,
and
I
I
strongly
encourage
everyone
else
to
go
there
and
build
new
stuff
and
try
it
out
for
yourself.