SlideShare a Scribd company logo
munz & more
Docker
In the ORACLE Universe
OTN Tour APAC / South America / 2016 Dr. Frank Munz
2
•Frank Munz
•Founded munz & more in 2007
•15 years Oracle Middleware,
Cloud, and Distributed Computing
•Consulting and
High-End Training
•Wrote two Oracle and
one Cloud book
Docker
... some basics
“Docker wasn’t	on	anyone’s	agenda	for	2014.
It’s	on	every	ones	roadmap	for	2015.”
Adrian	Cockroft
Netflix
#OOW2014			”...	Docker?”
Docker
• Open Source (evolving), written in Go
• Container technology
• Portable standard
• Runs on Linux (Microsoft, MacOS, Solaris)
Google starts
2.000.000.000
containers
per week!
Virtualization vs. Isolation
munz & more #8
Linux	+	Docker
Hardware
a.war
Docker	container in	Linux
with	own	FS,	network	stack	/	
IP	address,	process	space	and	
resource	limits
->	Isolation
Hardware
OVM	/	VmWare ESX	/	Xen
Application
1	
Solaris
Application
2
Linux
Application
3
Win
Server	Virtualization
type	1	hypervisor
=	on	bare	metal
Hardware
Mac	OS	/	Win
Desktop	Virtualization:
type	2	hypervisor
=	with	host	OS
ejb.jar
y.jar
x.py
JDK
WebLogic
tools
Jython
VirtualBox
Application1
Linux
Application2
Win
Docker
munz & more #9
Linux	+	Docker
Hardware
a.war
ejb.jar
y.jar
x.py
JDK
WebLogic
tools
Jython
Docker is not a
lightweight VirtualBox
- it's about isolation.
Containers run on
Linux kernel of host
-> Containers are
visible on host
Docker Images
• Package format
• Layered incremental,
copy on write file system
• “Application with all dependencies”
• Create image yourself
or get it from Docker Hub
docker images
munz & more #10
Example Layers:
- WLS Domain
- WebLogic
- Java
- Base Image
Docker Container
• Isolated runtime of Docker image
• Starts up in milliseconds
• Sandboxing uses Linux namespaces and
cgroups (RAM, CPU, filesystem)
-> isolated part of your Linux
• Open Container Standard / Linux Foundation
docker run -d –p 3333:9999 fmunz/micro
munz & more #11
Solves the “Worked For Me!” issue
munz & more #12
OS	tools,	JDK,	
patches,	database	
driver,	libs,	
appserver,	domain,	
deployment,	tools,	
scripts
Docker
OS	utils,	JDK,	patches,	database	driver,	libs,	
appserver,	domain,	deployment,	tools,	
scripts
Integration,
Performance,
Acceptance
Testing	
Production
dockerize it!
You can pass environment variables
for specific settings e.g. in prod
Docker Registry
And Now Automate
• Build Docker images for testing in
continuous delivery pipeline
• Use Jenkins / Hudson hooks or a maven
plugin to create / start / stop /delete
Docker containers
munz & more #13
… automate, automate, automate
Various maven plugins available, e.g.
R. Huss (Jolokia REST-JMX bridge):
https://github.com/rhuss/docker-maven-plugin
munz & more #14
Dockerfile
Manually create container with
docker buildDockerfile
Docker Image
Automatic build
+
Dockerfile
munz & more #16
Manually create container:
docker build –t name .
the registry
Registry
Public Hosted registry:
• Docker image is not found? pulled from registry
• Push your image to registry
docker push yourname/newimage
• Free account includes 1 private registry
Private On Premise Registry:
containerized registry for download
with fs and optional in-memory, S3, or Azure data store
munz & more #18
what could be your
biggest nightmare:
unknown and
unofficial images
(>14000)
Docker Registry
Automated Builds
• Automatically build your images:
GitHub account with Dockerfile
• Registry uses GitHub directory structure
as build context
• Image is uploaded automatically
to Docker hub
-> Trust, up to date, and transparent
clouds
Docker in the Cloud?
Supported by every major cloud provider:
munz & more #22
On premise -> all clouds
Docker
Registry
Docker	Container	Service
EC2	Container	Service
Google	Container	Engine
Azure	Container	Service
Bluemix Containers
Oracle Cloud and Docker
Oracle Container Cloud Service (announced)
• You can run your Docker containers and orchestrate them
• This will work with a public registry
Application Container Cloud Service
• Uses Docker containers to run your
Java or JavaScript application
Compute Cloud Service
• Manually run your containers
munz & more #23
munz & more #24
OCCS Preview @ OOW 2016
munz & more #25
OCCS @ OOW 2016
We run the first
public Docker
image (mine!)
on OCCS at
OOW 2016.
munz & more #26
munz & more #27
demo?
Small Images / Microservices
You can have a real service in ...
Possible
Options:
busybox and
static binary
munz & more #29
Simple Life Inside Container
munz & more #30
processes
FS
mounts
#3
Security
$ docker run -d –p
8080:9999 fmunz/micro
vs.
Mistery Box
A stranger gives you a box at night and
asks you to connect it to your company
network.
Would you do it?
Suggestions
• Use trusted images / with known Dockerfile
• Kernel features are well established
– cgroups (2006, merged into 2.6.24 kernel)
– namespaces (initial kernel patch 2.4.19)
• Docker can use TLS (client to daemon)
• Docker images can be signed
• Think (twice) about pulling images from
public repos / Docker hub
munz & more #35
FUD
"Docker is like chroot() on steroids."
Yes: It's easy to escape chroot() environment
No: Docker does not use chroot()
-> it uses namespaces
munz & more #36
Linux Capabilities
• Privileged container: like having root on host
• Capabilities -> Break down power of root
• Examine PID 1 capabilities with getpcaps:
munz & more #37
"Containers don't contain!"
Quote by D. Walsh, Mr. SE Linux <- !!
SELinux = what a process is able to do based on rules.
Enforcement:
containerProcessType
can only read/exec
/user files
and only write to
containerFilesType
munz & more #38
A really bad idea:
setenforce 0
… more Suggestions
• Drop privileges as quickly as possible
• Treat root in container as root outside
(although it isn't)
• No secrets in images
• Combine Docker with
SELinux, AppArmor and / or virtualization
• Host can always access container
Note: Public PaaS do not simply spin up Docker
containers!
munz & more #39
Cheat Sheet
munz & more
Source:	Container-Solutions.com
Conclusion
• You have to deal with Docker security
depending on your use case
• Note: Public PaaS are not just spinning up
Docker containers they use SELinux, VMs,…
• Docker is not a risk per se
but new technology with different challenges.
munz & more #41
Docker in
Production?
WebLogic
in a Docker
Container!
Docker Style
• Independent appserver in container
• Microservices style architecture
• Just add your favorite Docker
cluster manager
munz & more #44
OS	tools,	JDK,	
database	driver,	libs,	
appserver,	single	/	
selfcontained
domain,		
deployment,	tools,	
scripts
JDK,	WLS,	Domain
createServer.sh:
creates	machine/NM,
starts	NM,
creates	manServ,
starts	manServ
Links (OLD): WebLogic Example
munz & more #45
$docker run -d
--link wlsadmin:wlsadmin
fmdom1
createServer.sh
$docker run -d -p 8001:8001
--name=wlsadmin
fmdom1
startWebLogic.sh
JDK,	WLS,	Domain
startWebLogic.sh
starts	AdminServer
wlsadmin
JDK,	WLS,	Domain
createServer.sh:
creates	machine/NM,
starts	NM,
creates	manServ,
starts	manServ
connect to admin
due to --link:
/etc/hosts
172.17.1.99			wlsadmin 31a1baaf
OLD STYLE!
Use Networks now…port	8001 IP:port 7001
Managed	Servers
--link
Docker in
the Oracle Universe
Oracle	Product in	Docker	 Official	Support?
GlassFish
MySQL yes
NoSQL
OpenJDK
Oracle	Linux yes
OracleCoherence yes
OracleDatabase Dockerfile avail
OracleHTTPServer yes
OracleJDK yes
OracleTuxedo yes
OracleWebLogic yes #47^
Oracle support
does not require
you to use the
provided Docker
files!
https://github.com/oracle/docker-images
munz & more #48
WebLogic: What Do You Get?
• NOT WebLogic from Docker registry
• NO automatic build via github
• Github repo with scripts
to set up WebLogic on
Oracle Linux in Docker
• Generic distribution
• Docker is a supported
environment for
WebLogic 12.1.3+
munz & more #49
Just Drop Server JRE and WLS Installer
munz & more #50
$ cd java-8
$ docker build -t oracle/jdk:8 .
Sending build context to Docker daemon 4.096 kB
Step 1 : FROM oraclelinux:latest
latest: Pulling from library/oraclelinux
10ec637c060c: Downloading 4.865 MB/97.84 MB
...
$ sh buildDockerImage.sh -g -v 12.2.1.1
...
Dockerfile
$docker build
-t wls:latest .
Dockerfile and Scripts
(from Oracle github)
WebLogic
Docker Image
(no domain)
Extend the WLS-only image
Sample script provided:
• Dockerfile to extend WLS image
• Run WLST script to create domain
• Create boot.properties
• Expose NM, Server ports
munz & more #52
Linux	Base	Image
JDK	Image
WebLogic	Image
WLS	Domain	Image
Docker Compose
munz & more #53
docker-compose.yml
With –f you can
have multiple
Docker Compose
YAML files
Docker
Networking
Networking: Facts to Know
• Docker --link only works on single host
-> regarded as deprecated now
• Networking supported since Docker 1.9
• SDN network that spans hosts:
Libnetwork implements
Container Networking Model (CNM):
Endpoint / Network / Sandbox
munz & more #55
Overlay Network
munz & more #56
munz & more #57
OracleWebLogic/samples/1221-multihost:
Orchestration /
Cluster Manager
Setup Swarm and Machine
1. Create Swarm ID
2. Create Machine with Swarm master
3. Create Machine with Swarm agent01 / 02
4. Set Docker env for Swarm master
munz & more #59
Docker Swarm
• Native Docker cluster
-> same API as a single engine
• Fast provisioning, about 500 msec
• Scheduling Algo: spread, binpack, rand
• Features are optional,
you can continue use
Kubernetes etc.
• There is NO insecure mode J
munz & more #60
Docker Swarm
Since Docker 1.12
• Swarm is merged with Docker engine:
– Load balancer included
– Service discovery
– Cluster scheduler
• Swarm has many features like Google's
Kubernetes
- easier to get started
munz & more #61
Docker Machine
• Provision Docker in VirtualBox,
Vmware, GCE, AWS, DigitalOcean etc.
docker-machine 
create -d=virtualbox default
• Mac OS's boot2docker is replaced
by Docker Machine, which again
is replaced by native Docker
on Mac now
munz & more #62
Updates Images?
You could use Docker copy command –
yet it’s not hip in the cloud to update.
Just rebuild the container.
munz & more #63
“Servers are cattle.
Not pets.”
-> immutable server
My Predictions
• Swarm will take its share from Kubernetes.
• You will not dockerize 90% of your enterprise IT
in the next 18 months.
• Docker is the new Linux.
Be ready to experience that feeling we had
with Linux 13 years ago J
munz & more #64
Conclusion
• Docker is ready for prime time!
• Docker itself, but more so cluster managers
are still evolving
• Docker is not a security risk,
but make sure to tick off the security checklist
• Oracle caught the trend early – good!
• Many products supported, more to come?
munz & more #65
http://www.oracle.com/us/pro
ducts/middleware/cloud-app-
foundation/weblogic/weblogic
-server-on-docker-wp-
2742665.pdf
Oracle	Whitepaper	
WebLogic	on	Docker
munz & more #67
Good Docker book by
J. Turnbull
(covering Docker 1.12)
Thank You!
tweet to win!
#otntour AND @soacommunity
@frankmunz
+picture?
www.munzandmore.com/blog
facebook.com/cloudcomputingbook
facebook.com/weblogicbook
@frankmunz
youtube.com/weblogicbook
-> more than 50 web casts
Don’t be
shy J

More Related Content

What's hot

Docker introduction
Docker introductionDocker introduction
Docker introductionJo Ee Liew
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paasrajdeep
 
Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)Rama Krishna B
 
Docker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsDocker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsRamit Surana
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security OverviewSreenivas Makam
 
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Open
 
Docker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudDocker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudSamuel Chow
 
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Michelle Antebi
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Michelle Antebi
 
An Introduction To Docker
An Introduction To  DockerAn Introduction To  Docker
An Introduction To DockerGabriella Davis
 
Whats new in Microsoft Windows Server 2016 Clustering and Storage
Whats new in Microsoft Windows Server 2016 Clustering and StorageWhats new in Microsoft Windows Server 2016 Clustering and Storage
Whats new in Microsoft Windows Server 2016 Clustering and StorageJohn Moran
 
DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...
DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...
DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...Docker, Inc.
 
Advanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and WindowsAdvanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and WindowsAnil Madhavapeddy
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java DevelopersNGINX, Inc.
 
Docker HK Meetup - 201707
Docker HK Meetup - 201707Docker HK Meetup - 201707
Docker HK Meetup - 201707Clarence Ho
 

What's hot (20)

Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Server 2016 sneak peek
Server 2016 sneak peekServer 2016 sneak peek
Server 2016 sneak peek
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paas
 
Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)
 
Docker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsDocker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and tools
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
 
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppet
 
Docker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudDocker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google Cloud
 
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
 
An Introduction To Docker
An Introduction To  DockerAn Introduction To  Docker
An Introduction To Docker
 
Whats new in Microsoft Windows Server 2016 Clustering and Storage
Whats new in Microsoft Windows Server 2016 Clustering and StorageWhats new in Microsoft Windows Server 2016 Clustering and Storage
Whats new in Microsoft Windows Server 2016 Clustering and Storage
 
DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...
DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...
DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...
 
Advanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and WindowsAdvanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and Windows
 
OpenStack Cinder
OpenStack CinderOpenStack Cinder
OpenStack Cinder
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java Developers
 
Docker HK Meetup - 201707
Docker HK Meetup - 201707Docker HK Meetup - 201707
Docker HK Meetup - 201707
 

Similar to Docker in the Oracle Universe / WebLogic 12c / OFM 12c

Docker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSDocker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSFrank Munz
 
Oracle WebLogic Server 12c with Docker
Oracle WebLogic Server 12c with DockerOracle WebLogic Server 12c with Docker
Oracle WebLogic Server 12c with DockerGuatemala User Group
 
Cohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel PalstraCohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel PalstraDaniel Palstra
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the Worlddamovsky
 
Docker and Microservice
Docker and MicroserviceDocker and Microservice
Docker and MicroserviceSamuel Chow
 
14309525_docker_docker_docker_docker_introduction.ppt
14309525_docker_docker_docker_docker_introduction.ppt14309525_docker_docker_docker_docker_introduction.ppt
14309525_docker_docker_docker_docker_introduction.pptaravym456
 
You, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeYou, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeChristopher Grayson
 
Docker - Hack Salem! - November 2014
Docker - Hack Salem! - November 2014Docker - Hack Salem! - November 2014
Docker - Hack Salem! - November 2014Charles Anderson
 
Containers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciContainers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciRajesh Kolla
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with DockerRavindu Fernando
 
Michigan IT Symposium 2017 - Container BOF
Michigan IT Symposium 2017 - Container BOFMichigan IT Symposium 2017 - Container BOF
Michigan IT Symposium 2017 - Container BOFJeffrey Sica
 
Docker at Djangocon 2013 | Talk by Ken Cochrane
Docker at Djangocon 2013 | Talk by Ken CochraneDocker at Djangocon 2013 | Talk by Ken Cochrane
Docker at Djangocon 2013 | Talk by Ken CochranedotCloud
 
Virtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management servicesVirtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management servicesabhishek chawla
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaRoman Dembitsky
 

Similar to Docker in the Oracle Universe / WebLogic 12c / OFM 12c (20)

Docker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSDocker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCS
 
Oracle WebLogic Server 12c with Docker
Oracle WebLogic Server 12c with DockerOracle WebLogic Server 12c with Docker
Oracle WebLogic Server 12c with Docker
 
Cohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel PalstraCohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel Palstra
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
 
Docker and Microservice
Docker and MicroserviceDocker and Microservice
Docker and Microservice
 
Developer workflow with docker
Developer workflow with dockerDeveloper workflow with docker
Developer workflow with docker
 
Docker.pptx
Docker.pptxDocker.pptx
Docker.pptx
 
14309525_docker_docker_docker_docker_introduction.ppt
14309525_docker_docker_docker_docker_introduction.ppt14309525_docker_docker_docker_docker_introduction.ppt
14309525_docker_docker_docker_docker_introduction.ppt
 
You, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeYou, and Me, and Docker Makes Three
You, and Me, and Docker Makes Three
 
Docker - Hack Salem! - November 2014
Docker - Hack Salem! - November 2014Docker - Hack Salem! - November 2014
Docker - Hack Salem! - November 2014
 
Docker in real life
Docker in real lifeDocker in real life
Docker in real life
 
Docker
DockerDocker
Docker
 
Docker
DockerDocker
Docker
 
Containers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciContainers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aci
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with Docker
 
Michigan IT Symposium 2017 - Container BOF
Michigan IT Symposium 2017 - Container BOFMichigan IT Symposium 2017 - Container BOF
Michigan IT Symposium 2017 - Container BOF
 
Django and Docker
Django and DockerDjango and Docker
Django and Docker
 
Docker at Djangocon 2013 | Talk by Ken Cochrane
Docker at Djangocon 2013 | Talk by Ken CochraneDocker at Djangocon 2013 | Talk by Ken Cochrane
Docker at Djangocon 2013 | Talk by Ken Cochrane
 
Virtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management servicesVirtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management services
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 Barcelona
 

More from Frank Munz

Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn ...
Serverless Presentation from Devoxx 2017 Casablanca  (AWS Lambda / FaaS / Fn ...Serverless Presentation from Devoxx 2017 Casablanca  (AWS Lambda / FaaS / Fn ...
Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn ...Frank Munz
 
Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...
Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...
Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...Frank Munz
 
Serverless / FaaS / Lambda and how it relates to Microservices
Serverless / FaaS / Lambda and how it relates to MicroservicesServerless / FaaS / Lambda and how it relates to Microservices
Serverless / FaaS / Lambda and how it relates to MicroservicesFrank Munz
 
Oracle Service Bus 12c (12.2.1) What You Always Wanted to Know
Oracle Service Bus 12c (12.2.1) What You Always Wanted to KnowOracle Service Bus 12c (12.2.1) What You Always Wanted to Know
Oracle Service Bus 12c (12.2.1) What You Always Wanted to KnowFrank Munz
 
What You Should Know About WebLogic Server 12c (12.2.1.2) #oow2015 #otntour2...
What You Should Know About WebLogic Server 12c (12.2.1.2)  #oow2015 #otntour2...What You Should Know About WebLogic Server 12c (12.2.1.2)  #oow2015 #otntour2...
What You Should Know About WebLogic Server 12c (12.2.1.2) #oow2015 #otntour2...Frank Munz
 
12 Things About WebLogic 12.1.3 #oow2014 #otnla15
12 Things About WebLogic 12.1.3 #oow2014 #otnla1512 Things About WebLogic 12.1.3 #oow2014 #otnla15
12 Things About WebLogic 12.1.3 #oow2014 #otnla15Frank Munz
 
WebLogic JMX for DevOps
WebLogic JMX for DevOpsWebLogic JMX for DevOps
WebLogic JMX for DevOpsFrank Munz
 
Oracle Service Bus (OSB) for the Busy IT Professonial
Oracle Service Bus (OSB) for the Busy IT Professonial Oracle Service Bus (OSB) for the Busy IT Professonial
Oracle Service Bus (OSB) for the Busy IT Professonial Frank Munz
 

More from Frank Munz (8)

Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn ...
Serverless Presentation from Devoxx 2017 Casablanca  (AWS Lambda / FaaS / Fn ...Serverless Presentation from Devoxx 2017 Casablanca  (AWS Lambda / FaaS / Fn ...
Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn ...
 
Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...
Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...
Java One 2017: Open Source Big Data in the Cloud: Hadoop, M/R, Hive, Spark an...
 
Serverless / FaaS / Lambda and how it relates to Microservices
Serverless / FaaS / Lambda and how it relates to MicroservicesServerless / FaaS / Lambda and how it relates to Microservices
Serverless / FaaS / Lambda and how it relates to Microservices
 
Oracle Service Bus 12c (12.2.1) What You Always Wanted to Know
Oracle Service Bus 12c (12.2.1) What You Always Wanted to KnowOracle Service Bus 12c (12.2.1) What You Always Wanted to Know
Oracle Service Bus 12c (12.2.1) What You Always Wanted to Know
 
What You Should Know About WebLogic Server 12c (12.2.1.2) #oow2015 #otntour2...
What You Should Know About WebLogic Server 12c (12.2.1.2)  #oow2015 #otntour2...What You Should Know About WebLogic Server 12c (12.2.1.2)  #oow2015 #otntour2...
What You Should Know About WebLogic Server 12c (12.2.1.2) #oow2015 #otntour2...
 
12 Things About WebLogic 12.1.3 #oow2014 #otnla15
12 Things About WebLogic 12.1.3 #oow2014 #otnla1512 Things About WebLogic 12.1.3 #oow2014 #otnla15
12 Things About WebLogic 12.1.3 #oow2014 #otnla15
 
WebLogic JMX for DevOps
WebLogic JMX for DevOpsWebLogic JMX for DevOps
WebLogic JMX for DevOps
 
Oracle Service Bus (OSB) for the Busy IT Professonial
Oracle Service Bus (OSB) for the Busy IT Professonial Oracle Service Bus (OSB) for the Busy IT Professonial
Oracle Service Bus (OSB) for the Busy IT Professonial
 

Recently uploaded

Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKUXDXConf
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxAbida Shariff
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIES VE
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCzechDreamin
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaRTTS
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1DianaGray10
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeCzechDreamin
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka DoktorováCzechDreamin
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureFemke de Vroome
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyUXDXConf
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Julian Hyde
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfChristopherTHyatt
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
 
Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Boni Yeamin
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationZilliz
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxJennifer Lim
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupCatarinaPereira64715
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsStefano
 

Recently uploaded (20)

Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 

Docker in the Oracle Universe / WebLogic 12c / OFM 12c

  • 1. munz & more Docker In the ORACLE Universe OTN Tour APAC / South America / 2016 Dr. Frank Munz
  • 2. 2 •Frank Munz •Founded munz & more in 2007 •15 years Oracle Middleware, Cloud, and Distributed Computing •Consulting and High-End Training •Wrote two Oracle and one Cloud book
  • 7. Docker • Open Source (evolving), written in Go • Container technology • Portable standard • Runs on Linux (Microsoft, MacOS, Solaris) Google starts 2.000.000.000 containers per week!
  • 8. Virtualization vs. Isolation munz & more #8 Linux + Docker Hardware a.war Docker container in Linux with own FS, network stack / IP address, process space and resource limits -> Isolation Hardware OVM / VmWare ESX / Xen Application 1 Solaris Application 2 Linux Application 3 Win Server Virtualization type 1 hypervisor = on bare metal Hardware Mac OS / Win Desktop Virtualization: type 2 hypervisor = with host OS ejb.jar y.jar x.py JDK WebLogic tools Jython VirtualBox Application1 Linux Application2 Win
  • 9. Docker munz & more #9 Linux + Docker Hardware a.war ejb.jar y.jar x.py JDK WebLogic tools Jython Docker is not a lightweight VirtualBox - it's about isolation. Containers run on Linux kernel of host -> Containers are visible on host
  • 10. Docker Images • Package format • Layered incremental, copy on write file system • “Application with all dependencies” • Create image yourself or get it from Docker Hub docker images munz & more #10 Example Layers: - WLS Domain - WebLogic - Java - Base Image
  • 11. Docker Container • Isolated runtime of Docker image • Starts up in milliseconds • Sandboxing uses Linux namespaces and cgroups (RAM, CPU, filesystem) -> isolated part of your Linux • Open Container Standard / Linux Foundation docker run -d –p 3333:9999 fmunz/micro munz & more #11
  • 12. Solves the “Worked For Me!” issue munz & more #12 OS tools, JDK, patches, database driver, libs, appserver, domain, deployment, tools, scripts Docker OS utils, JDK, patches, database driver, libs, appserver, domain, deployment, tools, scripts Integration, Performance, Acceptance Testing Production dockerize it! You can pass environment variables for specific settings e.g. in prod Docker Registry
  • 13. And Now Automate • Build Docker images for testing in continuous delivery pipeline • Use Jenkins / Hudson hooks or a maven plugin to create / start / stop /delete Docker containers munz & more #13
  • 14. … automate, automate, automate Various maven plugins available, e.g. R. Huss (Jolokia REST-JMX bridge): https://github.com/rhuss/docker-maven-plugin munz & more #14
  • 15. Dockerfile Manually create container with docker buildDockerfile Docker Image Automatic build +
  • 16. Dockerfile munz & more #16 Manually create container: docker build –t name .
  • 18. Registry Public Hosted registry: • Docker image is not found? pulled from registry • Push your image to registry docker push yourname/newimage • Free account includes 1 private registry Private On Premise Registry: containerized registry for download with fs and optional in-memory, S3, or Azure data store munz & more #18
  • 19. what could be your biggest nightmare: unknown and unofficial images (>14000) Docker Registry
  • 20. Automated Builds • Automatically build your images: GitHub account with Dockerfile • Registry uses GitHub directory structure as build context • Image is uploaded automatically to Docker hub -> Trust, up to date, and transparent
  • 22. Docker in the Cloud? Supported by every major cloud provider: munz & more #22 On premise -> all clouds Docker Registry Docker Container Service EC2 Container Service Google Container Engine Azure Container Service Bluemix Containers
  • 23. Oracle Cloud and Docker Oracle Container Cloud Service (announced) • You can run your Docker containers and orchestrate them • This will work with a public registry Application Container Cloud Service • Uses Docker containers to run your Java or JavaScript application Compute Cloud Service • Manually run your containers munz & more #23
  • 24. munz & more #24
  • 25. OCCS Preview @ OOW 2016 munz & more #25
  • 26. OCCS @ OOW 2016 We run the first public Docker image (mine!) on OCCS at OOW 2016. munz & more #26
  • 27. munz & more #27
  • 28. demo?
  • 29. Small Images / Microservices You can have a real service in ... Possible Options: busybox and static binary munz & more #29
  • 30. Simple Life Inside Container munz & more #30 processes FS mounts
  • 32. $ docker run -d –p 8080:9999 fmunz/micro
  • 33. vs.
  • 34. Mistery Box A stranger gives you a box at night and asks you to connect it to your company network. Would you do it?
  • 35. Suggestions • Use trusted images / with known Dockerfile • Kernel features are well established – cgroups (2006, merged into 2.6.24 kernel) – namespaces (initial kernel patch 2.4.19) • Docker can use TLS (client to daemon) • Docker images can be signed • Think (twice) about pulling images from public repos / Docker hub munz & more #35
  • 36. FUD "Docker is like chroot() on steroids." Yes: It's easy to escape chroot() environment No: Docker does not use chroot() -> it uses namespaces munz & more #36
  • 37. Linux Capabilities • Privileged container: like having root on host • Capabilities -> Break down power of root • Examine PID 1 capabilities with getpcaps: munz & more #37
  • 38. "Containers don't contain!" Quote by D. Walsh, Mr. SE Linux <- !! SELinux = what a process is able to do based on rules. Enforcement: containerProcessType can only read/exec /user files and only write to containerFilesType munz & more #38 A really bad idea: setenforce 0
  • 39. … more Suggestions • Drop privileges as quickly as possible • Treat root in container as root outside (although it isn't) • No secrets in images • Combine Docker with SELinux, AppArmor and / or virtualization • Host can always access container Note: Public PaaS do not simply spin up Docker containers! munz & more #39
  • 40. Cheat Sheet munz & more Source: Container-Solutions.com
  • 41. Conclusion • You have to deal with Docker security depending on your use case • Note: Public PaaS are not just spinning up Docker containers they use SELinux, VMs,… • Docker is not a risk per se but new technology with different challenges. munz & more #41
  • 44. Docker Style • Independent appserver in container • Microservices style architecture • Just add your favorite Docker cluster manager munz & more #44 OS tools, JDK, database driver, libs, appserver, single / selfcontained domain, deployment, tools, scripts
  • 45. JDK, WLS, Domain createServer.sh: creates machine/NM, starts NM, creates manServ, starts manServ Links (OLD): WebLogic Example munz & more #45 $docker run -d --link wlsadmin:wlsadmin fmdom1 createServer.sh $docker run -d -p 8001:8001 --name=wlsadmin fmdom1 startWebLogic.sh JDK, WLS, Domain startWebLogic.sh starts AdminServer wlsadmin JDK, WLS, Domain createServer.sh: creates machine/NM, starts NM, creates manServ, starts manServ connect to admin due to --link: /etc/hosts 172.17.1.99 wlsadmin 31a1baaf OLD STYLE! Use Networks now…port 8001 IP:port 7001 Managed Servers --link
  • 47. Oracle Product in Docker Official Support? GlassFish MySQL yes NoSQL OpenJDK Oracle Linux yes OracleCoherence yes OracleDatabase Dockerfile avail OracleHTTPServer yes OracleJDK yes OracleTuxedo yes OracleWebLogic yes #47^ Oracle support does not require you to use the provided Docker files!
  • 49. WebLogic: What Do You Get? • NOT WebLogic from Docker registry • NO automatic build via github • Github repo with scripts to set up WebLogic on Oracle Linux in Docker • Generic distribution • Docker is a supported environment for WebLogic 12.1.3+ munz & more #49
  • 50. Just Drop Server JRE and WLS Installer munz & more #50 $ cd java-8 $ docker build -t oracle/jdk:8 . Sending build context to Docker daemon 4.096 kB Step 1 : FROM oraclelinux:latest latest: Pulling from library/oraclelinux 10ec637c060c: Downloading 4.865 MB/97.84 MB ... $ sh buildDockerImage.sh -g -v 12.2.1.1 ...
  • 51. Dockerfile $docker build -t wls:latest . Dockerfile and Scripts (from Oracle github) WebLogic Docker Image (no domain)
  • 52. Extend the WLS-only image Sample script provided: • Dockerfile to extend WLS image • Run WLST script to create domain • Create boot.properties • Expose NM, Server ports munz & more #52 Linux Base Image JDK Image WebLogic Image WLS Domain Image
  • 53. Docker Compose munz & more #53 docker-compose.yml With –f you can have multiple Docker Compose YAML files
  • 55. Networking: Facts to Know • Docker --link only works on single host -> regarded as deprecated now • Networking supported since Docker 1.9 • SDN network that spans hosts: Libnetwork implements Container Networking Model (CNM): Endpoint / Network / Sandbox munz & more #55
  • 57. munz & more #57 OracleWebLogic/samples/1221-multihost:
  • 59. Setup Swarm and Machine 1. Create Swarm ID 2. Create Machine with Swarm master 3. Create Machine with Swarm agent01 / 02 4. Set Docker env for Swarm master munz & more #59
  • 60. Docker Swarm • Native Docker cluster -> same API as a single engine • Fast provisioning, about 500 msec • Scheduling Algo: spread, binpack, rand • Features are optional, you can continue use Kubernetes etc. • There is NO insecure mode J munz & more #60
  • 61. Docker Swarm Since Docker 1.12 • Swarm is merged with Docker engine: – Load balancer included – Service discovery – Cluster scheduler • Swarm has many features like Google's Kubernetes - easier to get started munz & more #61
  • 62. Docker Machine • Provision Docker in VirtualBox, Vmware, GCE, AWS, DigitalOcean etc. docker-machine create -d=virtualbox default • Mac OS's boot2docker is replaced by Docker Machine, which again is replaced by native Docker on Mac now munz & more #62
  • 63. Updates Images? You could use Docker copy command – yet it’s not hip in the cloud to update. Just rebuild the container. munz & more #63 “Servers are cattle. Not pets.” -> immutable server
  • 64. My Predictions • Swarm will take its share from Kubernetes. • You will not dockerize 90% of your enterprise IT in the next 18 months. • Docker is the new Linux. Be ready to experience that feeling we had with Linux 13 years ago J munz & more #64
  • 65. Conclusion • Docker is ready for prime time! • Docker itself, but more so cluster managers are still evolving • Docker is not a security risk, but make sure to tick off the security checklist • Oracle caught the trend early – good! • Many products supported, more to come? munz & more #65
  • 67. munz & more #67 Good Docker book by J. Turnbull (covering Docker 1.12)
  • 69. tweet to win! #otntour AND @soacommunity @frankmunz +picture?