2. Docker concepts
Container
● An extremely lightweight VM holding the code and libraries needed to run apps
● Uses Linux kernel features (namespaces, cgroups) to provide isolation
● Fast start, hyper dense, and portable
Image
A read-only template, built from a spec (Dockerfile), used to create Docker containers
Registry
A Docker registry holds images, just like S3.
Examples: Docker Hub, AWS ECR, GCP GCR, etc.
Dockerfile to Docker Image
> docker build -t demo .
Sending build context to Docker daemon 365.6kB
Step 1/14 : FROM ruby:2.4-slim-jessie
---> aef69a49c1cd
...
> docker run alpine echo Hello World
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
Digest: sha256:769fddc7cc2f0a1c35abb2f91432e8beecf83916c421420e6a6da9f8975464b6
Status: Downloaded newer image for alpine:latest
Hello World
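Added example (not part of the original slides): a simplified Python parser for the image references used in this deck, showing why `alpine` is pulled as `library/alpine` with tag `latest`, and that only a reference carrying a digest is immutable. The function names and the private registry host `registry.example.com:5000` are constructed for this example.

```python
# Added example: simplified image-reference normalisation (not Docker's own code).
DEFAULT_REGISTRY = "docker.io"


def parse_image(ref):
    """Split an image reference into registry, repository, tag and digest."""
    name, _, digest = ref.partition("@")
    first, slash, rest = name.partition("/")
    # The first path component is a registry host only if it looks like one.
    if slash and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = DEFAULT_REGISTRY, name
    repo, colon, tag = path.rpartition(":")
    if not colon:                      # no tag given
        repo, tag = path, ""
    if registry == DEFAULT_REGISTRY and "/" not in repo:
        repo = "library/" + repo       # official images live under library/
    if not tag and not digest:
        tag = "latest"                 # the implicit, mutable default
    return {"registry": registry, "repository": repo, "tag": tag, "digest": digest}


def canonical(ref):
    """Fully qualified form of a reference."""
    p = parse_image(ref)
    out = f'{p["registry"]}/{p["repository"]}'
    if p["tag"]:
        out += ":" + p["tag"]
    if p["digest"]:
        out += "@" + p["digest"]
    return out


def mutable_refs(refs):
    """References whose content can change under the same name: no digest."""
    return [r for r in refs if not parse_image(r)["digest"]]


# Image names from the slides, plus one constructed private-registry reference.
DIGEST = "sha256:769fddc7cc2f0a1c35abb2f91432e8beecf83916c421420e6a6da9f8975464b6"
REFS = ["alpine", "ruby:2.4-slim-jessie", "demo/api:v1", "nginx:1.7.9",
        "registry.example.com:5000/team/web:v2", "alpine@" + DIGEST]

if __name__ == "__main__":
    for r in REFS:
        print(f"{r:40} -> {canonical(r)}")
    print("not pinned:", mutable_refs(REFS))
```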
3. Docker CLI
> docker --help
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Commands:
  build     Build an image from a Dockerfile
  cp        Copy files/folders between a container and the local filesystem
  exec      Run a command in a running container
  images    List images
  inspect   Return low-level information on Docker objects
  kill      Kill one or more running containers
  logs      Fetch the logs of a container
  pull      Pull an image or a repository from a registry
  push      Push an image or a repository to a registry
  restart   Restart one or more containers
  rm        Remove one or more containers
  rmi       Remove one or more images
  run       Run a command in a new container
  wait      Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
4. Challenges with multiple containers
● How to scale?
● How to avoid port conflicts?
● How to manage them across multiple hosts?
● What happens if a host has trouble?
● How to keep them running?
● How to update them?
● Where are my containers?
- Configuration
- Scaling & Health
- Monitoring
- Scheduling
- Discovery
- Security
5. Meet Kubernetes
Kubernetes is an open source system for automating containerized applications.
Manage applications, not machines
● Very powerful, with a huge community
● Manages containers at scale
● Runs everywhere (supports multiple cloud and bare-metal environments)
● Self healing
● Get more out of hardware
● Platform for Platform (distributed systems)
6. What can it do?
● Start 5 containers using image demo/api:v1
● Place an internal load balancer in front of those containers
● Start 10 containers using image demo/web:v1
● Place a public load balancer in front of those containers
● If traffic spikes, grow the cluster and add containers
● New release! Replace my containers with the new version demo/web:v2
● Basic auto-scaling/monitoring
● Long running processes (Jobs, CronJobs)
● Stateful services (databases, caches)
● Resources & capacity planning
● Storing configurations/secrets
● etc.
7. Architecture - Cluster
The cluster is made of two types of nodes: master and worker
The K8s control plane (API, etcd, scheduler) runs on the master nodes and manages the entire cluster
Your apps run on worker nodes
8. Interacting with Cluster
kubectl - a rich CLI to talk to the Kubernetes API
> alias kc=kubectl
> kc get nodes
> kc get nodes -o yaml
> kc edit node ip-xx-xx
> kubectl get nodes
NAME                             STATUS   ROLES    AGE    VERSION
ip-172-20-107-197.ec2.internal   Ready    node     170d   v1.10.11
ip-172-20-107-51.ec2.internal    Ready    master   170d   v1.10.11
ip-172-20-114-41.ec2.internal    Ready    node     170d   v1.10.11
ip-172-20-52-179.ec2.internal    Ready    node     64d    v1.10.11
ip-172-20-60-229.ec2.internal    Ready    master   170d   v1.10.11
ip-172-20-69-22.ec2.internal     Ready    node     170d   v1.10.11
ip-172-20-86-122.ec2.internal    Ready    master   170d   v1.10.11
9. Pod
A small group of tightly coupled containers
The smallest deployable object
Shared namespaces (IP, disk)
Not durable; ephemeral in nature
Example: data-puller and web-service
10. Deployment
Represents an application deployment and controls the number of pods. It handles:
● Scaling
● Updating software versions
● Rolling updates
● Pod health checking and healing
● Rollback
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
        ports:
        - containerPort: 80
11. Services
● Acts as a load balancer for pods
● Persistent endpoint
● Exposes the pods (internally and externally)
● A Service is associated with pods through a label selector
- ClusterIP – exposed on a cluster-internal IP
- NodePort – exposed on each node's IP via a static port
- LoadBalancer – exposed externally on the provider's NLB
- ExternalName – maps the service to a DNS name
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
  - name: http
    protocol: TCP
    port: 80
    targetPort: 9376
  - name: https
    protocol: TCP
    port: 443
    targetPort: 9377
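Added example (not part of the original slides): a small Python model of how a Service's label selector picks its backend pods, using the my-service definition above. Pod names, IPs and the extra labels are constructed sample data; it shows that the nginx Deployment's pods are not selected by my-service, and that any pod carrying `app: my-app` receives traffic whether or not its owner intended it.

```python
# Added example: equality-based label selection as a Service applies it.
SERVICE = {  # the my-service manifest from the slide
    "name": "my-service",
    "selector": {"app": "my-app"},
    "ports": [
        {"name": "http", "port": 80, "targetPort": 9376},
        {"name": "https", "port": 443, "targetPort": 9377},
    ],
}

PODS = [  # constructed sample pods
    {"name": "nginx-deployment-a", "ip": "10.0.0.11", "labels": {"app": "nginx"}},
    {"name": "nginx-deployment-b", "ip": "10.0.0.12", "labels": {"app": "nginx"}},
    {"name": "my-app-1", "ip": "10.0.0.21", "labels": {"app": "my-app"}},
    {"name": "my-app-2", "ip": "10.0.0.22",
     "labels": {"app": "my-app", "track": "canary"}},
    {"name": "report-cron", "ip": "10.0.0.99",  # label copied from a template
     "labels": {"app": "my-app", "owner": "reports"}},
]


def selects(selector, labels):
    """True when every selector key/value is present in the pod's labels.
    Extra pod labels are ignored; an empty Service selector selects nothing."""
    if not selector:
        return False
    return all(labels.get(k) == v for k, v in selector.items())


def backends(service, pods):
    """Map each Service port to the pod ip:targetPort pairs behind it."""
    chosen = [p for p in pods if selects(service["selector"], p["labels"])]
    return {port["port"]: [f'{p["ip"]}:{port["targetPort"]}' for p in chosen]
            for port in service["ports"]}


def unexpected_backends(service, pods, expected_names):
    """Pods the selector picks up that the owner did not list."""
    return sorted(p["name"] for p in pods
                  if selects(service["selector"], p["labels"])
                  and p["name"] not in expected_names)


if __name__ == "__main__":
    for port, targets in backends(SERVICE, PODS).items():
        print(port, "->", targets)
    print("unexpected:", unexpected_backends(SERVICE, PODS, {"my-app-1", "my-app-2"}))
```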
12. YAML Manifests
A YAML file declares the desired state of Kubernetes object types
● Define the Kubernetes type
● Define the type specification
● Labels / annotations
● Metadata
Use kubectl to apply them against the cluster
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  annotations:
    app/instance: "nginx"
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  # pod template not shown on this slide
14. Demo (101)
Shipping images to registry
Running application on Kubernetes
Scaling out demo app
Rolling upgrades
15. Demo (advanced)
Here is the source code - GitHub
DockerCoins is made of 5 services:
- rng = web service generating random bytes
- hasher = web service computing hash of POSTed data
- worker = background process calling rng and hasher
- webui = web interface to watch progress
- redis = data store (holds a counter updated by worker)
17. We are always available to talk about your challenges moving forward towards microservices and containers.
Dinesh Yadav (dinesh@razorops.com)
https://razorops.com