• Share
  • Email
  • Embed
  • Like
  • Private Content
Docker Meetup London

Docker Meetup London



Chris Swan's presentation from the London Docker Meetup #2, hosted at Hotels.com 26 March 2014

Chris Swan's presentation from the London Docker Meetup #2, hosted at Hotels.com 26 March 2014



Total Views
Views on SlideShare
Embed Views



4 Embeds 385

http://www.scoop.it 308
https://twitter.com 73
http://posts.docker.com 3
http://webcache.googleusercontent.com 1



Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Docker Meetup London Docker Meetup London Presentation Transcript

    • copyright 2014 Using Docker in Cloud Networks Chris Swan, CTO @cpswan 1 the original cloud networking company
    • copyright 2014 Agenda 2 Docker Overview Dockerfile and DevOps Docker in Cloud Networks Some Trip Hazards My Docker Wish List
    • copyright 2014 Docker overview 3
    • copyright 2014 Open source project released in March 2013 ! background 4 Image Credit: Docker..io DockerisaContainerSystemforCode

    • copyright 2014 A different granularity of virtualisation 5 Image Credit: Docker..io
    • copyright 2014 What makes the box (v0.9)? 6 Linux containers (libcontainer) Like earlier Unix virtualisation IBM LPAR etc. > chroot < any hardware (VT) protected hypervisor or LXC, OpenVZ, systemd-nspawn, libvirt-lxc,
 libvirt-sandbox, qemu/kvm, BSD Jails,
 Solaris Zones, and even good old chroot ! A union file system (e.g.AUFS/ZFS/BTRFS) Containers are made up out of layers ! Docker command line tool to manage lifecycle of containers run, start, stop, ps, import, export etc.
    • copyright 2014 Going inside the box - Hello World 7
    • copyright 2014 Stacking containers 8 Image Credit: Docker..io
    • copyright 2014 Containers and Images 9 Image Credit: Docker..io
    • copyright 2014 Hello World from Dockerfile 10
    • copyright 2014 A real example of Dockerfile 11
    • copyright 2014 Dockerfile and DevOps 12
    • copyright 2014 John Boyd’s OODA loop 13
    • copyright 2014 Dockerfile makes mistakes very cheap 14
    • copyright 2014 Docker and networking 15
    • copyright 2014 From the container to the hardware 16 Cloud Provider OS/Hypervisor Server Hardware VNS3 Docker Container Physical NIC - bridge/map toVM eth0 bridge to Virtual Interface (eth0) - Docker Interface (docker0) -
    • copyright 2014 When the Docker daemon starts 17 Creates a docker0 bridge if not present Other bridges can be manually configured ! Searches for an IP address range which doesn’t overlap with an existing route Default is ! Picks an IP in the selected range and assigns it to the docker0 bridge Default is ! Containers get a virtual interface that’s bonded to the docker0 bridge Starting with
    • copyright 2014 Port mapping 18 Map a random host port to a container port sudo docker run -d -p 1234 cpswan/demoapp ! Map a specific host port to a container port sudo docker run -d -p 1234:1234 cpswan/demoapp
    • copyright 2014 Container linking 19 Docker takes named links to other containers to populate env variables: # start the database sudo docker run -d -p 3306:3306 -name todomvc_db -v /data/mysql:/var/lib/mysql cpswan/todomvc.mysql ! # start the app server sudo docker run -d -p 4567:4567 -name todomvc_app -link todomvc_db:db cpswan/todomvc.sinatra ! # start the web server sudo docker run -d -p 443:443 -name todomvc_ssl -link todomvc_app:app cpswan/todomvc.ssl Use the env variable in the app server: dburl = 'mysql://root:pa55Word@' + ENV['DB_PORT_3306_TCP_ADDR'] + '/todomvc' DataMapper.setup(:default, dburl)
    • copyright 2014 Docker in cloud networks 20
    • copyright 2014 Before Docker VNS3 is a virtual appliance Swiss Army Knife for networking 21 Router Switch Firewall VPN Protocol Redistributor Scriptable
    • copyright 2014 A typical customer use case 22 On-Site Hardware VNS3 IPsec Tunnel Firewall /VPN Data Center Servers Public Cloud Web App
    • copyright 2014 That annoying extraVM 23 On-Site Hardware VNS3 IPsec Tunnel Firewall /VPN Data Center Servers Public Cloud Web App Internet traffic
    • copyright 2014 With Docker VNS3 3.5 allows customers to embed features and functions provided by other vendors - or developed in house, safely and securely into their Cloud Network. 24 Router Switch Firewall Protocol VPN Scriptable VNS3 Core SSLTermination(Reverse) Proxy Content Caching Load Balancer NIDS Custom
    • copyright 2014 Getting rid of that annoying extraVM 25 On-Site Hardware VNS3 Firewall /VPN Data Center Servers Public Cloud Web App Internet traffic IPsec Tunnel
    • copyright 2014 Seeding the ecosystem 26
    • copyright 2014 and on github 27
    • copyright 2014 as Dockerfile doesn’t stand alone 28
    • copyright 2014 Some trip hazards 29
    • copyright 2014 Inconsistent package repos 30
    • copyright 2014 Beware apt-get upgrade 31 Not a problem in the official Docker.io images ! But... if you’re using images from somewhere else then it’s not good when they try to build an initramfs
    • copyright 2014 Non deterministic actions 32 apt-get install whatever -y ! You want this to be cached in the short term ! You might not want it to be cached long term (I’m not going to wade into the security tar pit right now)
    • copyright 2014 Local vs Global image namespace 33 sudo docker build -t cpswan/haproxy . sudo docker run -d cpswan/haproxy ! != sudo docker run -d cpswan/haproxy ! Nothing there to make you pull before you push ! Global namespace is managed, local namespace isn’t ! Intermediate/private repositories for extra fun :-0
    • copyright 2014 This can happen ‘docker ps’: 34
    • copyright 2014 and also this ‘docker ps --all’: 35
    • copyright 2014 My Docker wish list 36
    • copyright 2014 If only it would... 37 Docker CLI ! Disk quotas ! Route propagation ! Key management
    • copyright 2014 At least one of those wishes might be granted... 38
    • copyright 2014 Summary 39
    • copyright 2014 Summary 40 Docker provides a ‘shipping container’ for apps ! Dockerfile tightens the DevOps OODA loop ! Docker has given us a way to move from closed platform to open platform (and be part of an ecosystem) ! It’s not perfect yet, but it’s not finished yet (and software rarely is anyway)
    • copyright 2014 ! Paddington, London, UK ContactMe@cohesiveft.com   +44 20 8144 0156 @CohesiveFT Questions? 41