Patrick Chanezon, Docker Inc.
@chanezon
Container as a Service
with Docker
February 2017
French
Polyglot
Platforms
Software Plumber
San Francisco
Developer Relations
@chanezon
1995 2015
What's New in Docker - February 2017
Public / Hybrid / Private
Ops Devops Developers
Linux Container Ecosystem
flocker, glusterfs
weave, calico, midokura, cisco, nuage
Cloud
OS
Plugins
Orchestration
Agility
What's New in Docker - February 2017
What's New in Docker - February 2017
Agile methodologies (circa 1999)
What's New in Docker - February 2017
Low MTBIAMSH
MTBIAMSH (Mean Time Between Idea And Making Stuff Happen)
Agility == $$
Devops
Mainframe
Client-Server
Web
Cloud - Devops
Devops
• Cultural movement
• Inspired by agile methods
• People, Processes & Tools
• Continuous delivery
• Infrastructure as code
• Cross silo collaboration
• Small iterations
• Feedback loop, measurement
Image from Patrick Debois
http://www.slideshare.net/jedi4ever/devops-the-war-is-over-if-you-want-it
http://www.slideshare.net/jedi4ever/devopsdays-downundervfinal
Devops: singing Kumbaya?
http://highscalability.com/blog/2013/11/19/we-finally-cracked-the-10k-problem-this-time-for-managing-se.html
Server/Sysadmin
1999: 5(Windows) - 50 (Linux)
2015: 10k-20k
x2000
https://blog.docker.com/2014/12/dockercon-europe-keynote-continuous-delivery-in-the-enterprise-by-henk-kolk-ing/
Henk Kolk, ING, DockerCon EU 2014
People, Processes, Products
deployment time: 9 months -> 15 min
1500 deployments/week
Docker
The world needs
tools of mass innovation
A programmable Internet would be the ultimate
tool of mass innovation
A commercial product,
built on
a development platform,
built on
infrastructure,
built on
standards.
Docker is building a stack to program the Internet
Isolation using Linux kernel features
namespaces
 pid
 mnt
 net
 uts
 ipc
 user
cgroups
 memory
 cpu
 blkio
 devices
Image layers
Dockerfile
FROM java:8
MAINTAINER Patrick Chanezon <patrick@chanezon.com>
EXPOSE 8080
COPY spring-doge/target/*.jar /usr/src/spring-doge/spring-doge.jar
WORKDIR /usr/src/spring-doge
CMD java -Dserver.port=8080 -Dspring.data.mongodb.uri=$MONGODB_URI -jar spring-doge.jar
HEALTHCHECK --interval=5m --timeout=3s --retries=3 \
  CMD curl -f http://localhost:8080/ || exit 1
Using Docker to compile your jar/war
https://registry.hub.docker.com/_/maven/
docker run -it --rm \
  -v "$PWD":/usr/src/spring-doge \
  -v maven:/root/.m2 \
  -w /usr/src/spring-doge \
  maven:3.3-jdk-8 \
  mvn package
Build an image
docker build -t chanezon/spring-doge .
Analyzing images
docker images java
docker history java:8
Run a container
docker run \
  --env MONGODB_URI=mongodb://mongo:27017/test \
  -p 8090:8080 \
  chanezon/spring-doge
docker-compose: running multiple containers
 Run your stack with one command: docker-compose up
 Describe your stack with one file: docker-compose.yml
version: '2'
services:
  web:
    image: chanezon/spring-doge
    ports:
      - "8080:8080"
    links: ["mongo"]
    environment:
      - MONGODB_URI=mongodb://mongo:27017/test
  mongo:
    image: mongo
docker stack deploy
 Deploy your stack with one command: docker stack deploy
 Describe your stack with one file: docker-compose.yml
version: '3'
services:
  web:
    image: chanezon/spring-doge
    ports:
      - "8004:8080"
    environment:
      - MONGODB_URI=mongodb://mongo:27017/test
    depends_on:
      - mongo
    deploy:
      replicas: 2
      update_config:
        parallelism: 2
        delay: 10s
      restart_policy:
        condition: on-failure
  mongo:
    image: mongo
Demo
• Spring Boot, Spring Data
• AngularJS front-end
• docker 1.12
• compose 1.8.1
Spring Boot App using MongoDB
https://github.com/joshlong/spring-doge
https://github.com/chanezon/docker-tips/
https://github.com/chanezon/spring-doge
Docker Java Labs
https://github.com/docker/labs/tree/master/developer-tools/
• Wildfly and Couchbase J2EE App
• Debugging a Java app in Docker using Eclipse
What’s New?
1.
Developer experience
1. Get out of the way
The best tools…
2. Adapt to you
3. Make the
powerful simple
Docker for Mac Docker for Windows
2.
Orchestration
ng the best way to orchestrate Docke
Docker 1.12: now with orchestration built-in.
Swarm mode
Service API
Cryptographic node identity
Built-in routing mesh
Docker 1.12: now with orchestration built-in.
Using the beta? You already have 1.12 installed.
> docker swarm init
> docker service create
3.
Ops experience
Deep integration with native load-balancers, templates,
SSH keys, ACLs, scaling groups, firewall rules…
What's New in Docker - February 2017
Docker & Microsoft
• Build
• Docker Toolbox & Kitematic for Windows
• Docker for Windows beta
• Docker engine on Windows Server 2016 TP4
• yo-docker to dockerize existing projects
• Visual Studio Docker Tools
• Ship
• VSTS extension for Docker beta
• Run
• Azure Docker agent
• ACS
• Docker datacenter on Azure ARM template
Docker Store
What’s New in Docker 1.13
• Compose file support for Swarm mode service deployment
• docker stack deploy --compose-file=docker-compose.yml my_stack
• System commands
• docker system df
• docker system prune
• Monitoring
• docker service logs
• Prometheus experiment endpoint
• Build
• docker build --squash
• CPU management: --cpus 2.5
• Docker for AWS & Azure GA
Docker CaaS
XaaS Pyramid
Platform As A Service
Infrastructure As A Service
Software
As A Service
What's New in Docker - February 2017
What's New in Docker - February 2017
Goldilocks and the 3 XaaS
Too low / Just right / Too high
IaaS PaaS CaaS
Goldilocks and the 3 XaaS
Platform As A Service
Infrastructure As A Service
Software
As A Service
Too high
Too low
Just right
Container As A Service
Example
“- When do you guys support FORT
- Sorry it’s not supported by Cloud F
Goals
+ +
Agility Portability Control
BUILD
Development Environments
SHIP
Registry: Secure Content &
Collaboration
RUN
Control Plane: Deploy,
Orchestrate, Manage, Scale
Networking, Volumes, Monitoring, Logging, Config Mgt, CI/CD
IT Operations
Developers IT Operations
Docker CaaS Workflow
Docker Universal Control Plane
Integrated
Security
Docker Engine
Container runtime, orchestration, networking, volumes, plugins
Docker Trusted Registry
Operating Systems, Config Mgt, Monitoring, Logging, CI/CD, ..more.., Images, Networking, Volumes
Virtualization, Public Cloud, Physical
Docker Datacenter
Docker Datacenter platform
Usable
Security
Secure defaults with tooling that is native to both dev
and ops
The Key Components of Container Security
Infrastructure
Independent
Trusted
Delivery
Safer Apps
Everything needed for a full functioning app is delivered
safely and guaranteed to not be tampered with
All of these things in your system are in the app
platform and can move across infrastructure without
disrupting the app
+
+
=
Usable
Security
Integrated Security with Docker Datacenter
Infrastructure
Independent
Trusted
Delivery
Safer Apps
Image Scanning
TLS Encryption
Encryption at
Rest
App Secrets
Image Signing
& Verification
Public Cloud, Virtualization, Physical
Users & RBAC
Dev/Ops
Workflow
+
+
=
Secure by
default runtime
Docker Universal Control Plane
UCP Permission Model
What’s New in Docker Datacenter
What’s New in Docker Datacenter on Docker 1.13
Application Services
Content Trust and
Distribution
Platform Enhancements
• Secrets Management
• HTTP Routing Mesh (GA)
• Docker Compose for
Services
• Access control for Secrets
and Volumes
• Image Content Cache
• On premises image security
scanning and vulnerability
monitoring
• Registry Webhooks
• DTR install command from
UI
• UI Enhancements
• Additional LDAP configs
• Templates for AWS, Azure
Integrated Secrets Management
[Diagram: managers forming a Raft consensus group around an internal distributed store, worker nodes, an external app, and the web UI]
• Management
– Admins can add/remove/list/update
secrets in the cluster
– Exposed to a container via a "/secrets" tmpfs volume
• Authorization
– Tag secrets to a specific service
– Admins can authorize secrets access
to users/teams via RBAC
• Rotation
– Use GUI to update a secret to all
containers in a service
• Auditing
– Each user request for secret access
logged in cluster for auditing
Security Scanning:
Get a full BOM for a Docker Image
Security Scanning:
Vulnerabilities and Licensing for Each Component
Security Scanning:
Set Automated Policy for Scanning
Security Scanning:
Online and Offline Updates
Compose for Services
• Deploy stacks (services, volumes, networks, secrets) using new
Compose file v3.1 format
• Manage and monitor stacks directly from UCP UI
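The secrets-management and Compose-for-Services slides above fit together in one stack file. This is an added example, not from the deck or the spring-doge project: the earlier v3 stack file rewritten for Compose v3.1 so the MongoDB connection string is delivered as a Docker secret instead of an `environment:` entry. It assumes the image's entrypoint reads the secret file (for instance `MONGODB_URI=$(cat /run/secrets/mongodb_uri)` before starting java); the original chanezon/spring-doge image only reads the environment variable.

```yaml
version: '3.1'           # 3.1 adds the top-level `secrets:` key (Docker 1.13 stack deploy)
services:
  web:
    image: chanezon/spring-doge
    ports:
      - "8004:8080"
    # No MONGODB_URI under `environment:` any more: an env value is visible in
    # this file, in `docker service inspect`, and in anything that dumps the env.
    secrets:
      - mongodb_uri      # surfaces inside each task as /run/secrets/mongodb_uri (tmpfs)
    # Assumption for this example: the image's entrypoint exports
    # MONGODB_URI=$(cat /run/secrets/mongodb_uri) and then execs java.
    deploy:
      replicas: 2
      update_config:
        parallelism: 2
        delay: 10s
      restart_policy:
        condition: on-failure
  mongo:
    image: mongo
secrets:
  mongodb_uri:
    external: true       # created by an admin, never written into this file:
                         #   printf 'mongodb://mongo:27017/test' | docker secret create mongodb_uri -
                         # then:
                         #   docker stack deploy --compose-file docker-compose.yml spring-doge
```

Only services that list the secret receive it, so `mongo` never sees `mongodb_uri`; rotating it means creating a new secret and updating `web` to reference it, as the rotation bullet above describes.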
Built in HTTP Routing Mesh (Now GA!)
• Extend TCP routing mesh to HTTP
hostname routing for services
• HTTPS support via SNI protocol
• Support for multiple HRM networks for
enhanced app isolation
• External LB routes hostnames to
nodes
• Can add hostname routing via UI
• Non-service containers continue to
use Interlock ref arch
[Diagram: an external load balancer, reached via DNS (HTTP to port 80 or other), routes Foo.com, Bar.com and Qux.com to the worker nodes, each running a routing-mesh task]
Docker Use Cases
Docker users already
running in production
60%
Docker in Production
Docker Survey: State of Applications
Q1 2016
Cluster HQ: State of Container Usage
June 2016
Companies running container
technology in production
(500+ employees)
Across the Enterprise
Healthcare, Media, Financial Services, E-commerce / Consumer Services, Tech, Government ...and more
Docker Enabling Critical Transformations
80%
Docker is central to
cloud strategy
Docker Survey: State of App development : Q1 - 2016
3 out 4
Top initiatives revolve
around applications
44%
Looking to adopt DevOps
App
Modernization
DevOps, Cloud
The Data Shows Hybrid Infrastructure and
Applications
2016 Docker Use Cases
Docker Survey: State of App development : Q1 - 2016
Docker Workloads
• Spring Boot, MongoDB, compose, swarm, networking
• https://github.com/joshlong/spring-doge
• https://github.com/chanezon/docker-tips/orchestration-networking
• Java EE 7 / Angular App with Docker Swarm by @mgreau
Compose for build and deploy, Wildfly, Apache, Angular, Mysql, Redis,
batch and API apps
• https://github.com/mgreau/docker4dev-tennistour-app
• Java EE Docker & Kubernetes by @arun-gupta
• https://github.com/javaee-samples/docker-java
Java Examples
THANK YOU

Editor's Notes

  1. Local development environments Self service app images Build, Test, Deploy applications Define app behavior and infra needs Registry services for image storage, management and distribution IT Ops maintains library of secure base content Manage role based access to repos/images Management consoles Provision, manage infrastructure resources Monitor, manage, scale infrastructure and applications
  2. When approaching app containers and the security surrounding them, Docker believes there are three key components or characteristics that are critical. Usable security - this means that it has to be usable by the people at both ends of the app pipeline: secure by default, with usable tooling that makes sense for developers and operators and workflows that work for them. Trusted delivery - apps move around, so you need to ensure that each one safely gets from point A to point B with proof that it hasn't been tampered with: securely delivered, signed, encrypted, the security that is required for delivering an app. Infrastructure independent - totally portable to whatever infrastructure you deliver it on. The security configurations are defined at the app and can then move from a developer's workstation to a test in the cloud to a production datacenter without losing any of its security or requiring re-coding of the app to make it work. Build each point so the final slide has all 3 points. Safer apps mean that when you build and deploy your app in Docker, it is intrinsically more secure. TD is: everything needed for the full functioning of your app is delivered in a secure and trusted manner. All of these things in your system are in the app platform itself and move across. Secrets enable: secure API handshakes, encrypted communication, what else? Assign secrets to services when they are ready to run and need to connect to other services (both internal and external).
  3. Build each point so the final slide has all 3 points. Safer apps mean that when you build and deploy your app in Docker, it is intrinsically more secure. TD is: everything needed for the full functioning of your app is delivered in a secure and trusted manner. All of these things in your system are in the app platform itself and move across. = usable = people are not leaning in to security. Secrets enable: secure API handshakes, encrypted communication, what else? Assign secrets to services when they are ready to run and need to connect to other services (both internal and external).
  4. Docker delivers secrets management architected for containerized applications Usable Security: Integrated and designed with dev and ops workflows in mind Trusted Delivery: Encrypted storage and secure transit with TLS Infrastructure Independent: A portable security model across any infrastructure across the lifecycle All apps are safer - Only the assigned app can access the secret, even with multiple apps on the same cluster Docker Datacenter provides integrated secrets and container management with granular access controls for a secure software supply chain.
  6. The HTTP routing mesh service uses these labels to route hostname requests to the correct service (e.g. "foo.com" → "S1"). Customers can set up an external LB of their choice (e.g. F5, ELB) to route hostnames to nodes via DNS. Services only; the Interlock reference architecture for UCP 1.1.x should continue to function for non-service containers. Each app service can have a label corresponding to a host address. External LB routes hostnames to nodes. Non-service containers continue to use the RA with Interlock. Now Generally Available. Support for routing multiple hostnames to the same Docker service. HTTPS pass-through via SNI. Sticky sessions (use a named cookie to always route to the same task). Support for multiple HRM networks for increased app isolation. Increased stability during config loading and app routing failures. Improved UI: configure hostname routing directly from service deploy/inspect pages; view app routing config status.