What's New in Docker 1.12?

1. WHAT’S NEW IN DOCKER ENGINE 1.12? Presenter Name - Ajeet Singh Raina Presentation Date – July-9 2016 Presented at - Docker Meetup #21

2. ABOUT ME #Contribution: - Frequent Blogger – http://www.collabnix.com - Article Writing @ OSFY India - Dell Community ( Containerizing Dell Legacy Application) #Inside Dell: - Project Lead Engineer(Global Solution Engineering) - Worked in VMware, CGI , Dell R&D - Solaris Lead Engineer ( Wiki Moderator) • (t) - ajeetsraina • (f) - Docker Public Group Moderator #Reviewed Publications: • Puppet for Containerization • PowerCLI Cookbook #Technology : System Integration, Linux, Docker, Hadoop, Puppet in Dell HPC

3. • What’s New in Docker 1.12 Engine? (API objects) • Introducing SwarmKit Vs Swarm Mode (Overview) • Swarm Mode Deep-Dive(Orchestration, Self-healing, Self-Organizing, in-built failover) • Playing around Services (Desired State/Rolling Updates/Scaling) • Understanding Routing Mesh (Container Native Load-Balancing) • Demo AGENDA

4. WHAT’S NEW IN DOCKER ENGINE 1.12?

5. MAJOR FEATURE ENABLEMENTS Features Engine 1.11(and prior) Engine 1.12 Multi-host Networking & KV Store External KV store No External KV Store required (Swarm Mode) MACVLAN Experimental Out-of Experimental Secure Control Plane Insecure (Plain-text) Secure Secure Data Plane VXLAN was not encrypted by default(can be secured by --opt- secure) Encrypted VXLAN traffic( makes use of swarm certificates and key exchange) Load Balancing Load Balancing was featured under 1.10, based on only DNS RR Virtual IP Load-Balancing & DNS RR both supported(LB using IPVS) Service Discovery Available under 1.10 but based on external service discovery backend Service discovery now integrated into Docker Engine, Virtual IP for VIP Load-Balancing support. Swarm Mode Not Available Newly Introduced ( Optional Feature) Routing Mess Not Available Newly Introduced

6. WHAT’S NEW IN SWARM? Swarm Reboot in Docker 1.12 New Swarm APIs – $docker swarm --help $docker node --help $docker service --help Easy Swarm Management $docker swarm init $docker swarm join master:port New Docker Plumbing for Swarm Mode ~ Swarmkit Docker Swarm embedded into Docker Engine Service ~ First class citizen ~ Replication, Load Balancing & updates of Images New Service CLIs – $docker service # --help [create, inspect, remove, update] $docker service tasks --help New Node CLIs – $docker service # --help [accept, promote, demote, inspect, update, tasks, ls and rm ] New Stack & Deploy CLIs – [ Experimental]

7. SWARMKIT – AN OVERVIEW An open source toolkit(plumbing) to build multinode systems Builds the cluster management and orchestration features embedded in the Docker Engine Employs the decentralized architecture rather than centralized(key-value store) Machines running SwarmKit can be grouped together in order to form a Swarm Once a machine joins, it becomes a Swarm Node.

8. SWARMKIT - FEATURES SwarmKit Desired State Reconciliation Replicated & Global Services Configuration Updates - Parallelism - Delay Restart Policies Scheduling Constraints Orchestration Resource Awareness Management Topology Node Security Mutual TLS Acceptance Policy Certification Rotation

9. Swarm mode is an optional feature. Swarm mode is enabled for the Engine by either initializing a swarm or joining an existing swarm. When you run Engine in swarm Mode, you orchestrate services . When you run Docker Engine outside the swarm mode, you basically execute container commands. Swarm Mode is NOT going to break the existing Swarm production environment. No external KV store needed Self Healing, Self-Organizing, No Single Point of Failure Swarm Mode

10. A BASIC SWARM ARCHITECTURE $ docker -H=tcp://192.168.33.10:2375 run -d -p 8500:8500 - h consul progrium/consul -server -bootstrap $ docker -H=tcp://192.168.33.11:2375 run -d -p 3375:2375 swarm manage consul://192.168.33.10:8500/ $docker -H=tcp://192.168.33.12:2375 run -d swarm join -- advertise=192.168.33.12:2375 consul://192.168.33.10:8500/ $ docker -H=tcp://192.168.33.13:2375 run -d swarm join --advertise=192.168.33.13:2375 consul://192.168.33.10:8500/

11. SWARM MODE – A GLIMPSE Swarm Manager Swarm Agent Swarm Agent c0-master c0-n1 c0-n2 TCP port 2377 for cluster management communications TCP and UDP port 7946 for communication in between nodes TCP and UDP port 4789 for overlay network traffic

12. @master1 SWARM MODE: INITIALIZING THE SWARM MODE $docker swarm init

13. @master1 SWARM MODE: ADDING THE FIRST WORKER NODE $docker swarm init @node1 $docker swarm join <IP address of Master>:2377

14. @master1 SWARM MODE: BUILDING THE CLUSTER $docker swarm init @node1 $docker swarm join <IP address of Master>:2377 @node2 @node3 @node4@node5 $docker swarm join <IP address of Master>:2377 $docker swarm join <IP address of Master>:2377 … …

15. SWARM MODE: UNDER THE HOOD Secure by default with End to End Encryption 1. $docker swarm init 2. A TLS root CA is created. 3. A keypair is issued for the first node, and signed by the root CA. 4. All the joining nodes also receive the root CA public key and certificate 5. The node keys and certificates are automatically renewed on regular intervals (by default, 90 days) 6. Tunable with docker swarm update). 7. External CA Integration Supported

16. @master1 SWARM MODE: ACCEPTANCE POLICY $docker swarm init $docker swarm update - - auto-accept none –secret <password> @node1 $docker swarm join <IP address of Master>:2377 @node2 @node3 @node4 @node5

17. @master1 SWARM MODE: ACCEPTANCE POLICY $docker swarm update - - auto-accept none –secret <password> $docker swarm accept <node5> @node1 $docker swarm join <IP address of Master>:2377 @node2 @node3 @node4 @node6 $docker swarm join <IP address of Master>:2377

18. @master1 SWARM MODE: ACCEPTANCE POLICY $docker swarm update - - auto-accept none –secret <password> $docker swarm accept <node5> @node1 $docker swarm join <IP address of Master>:2377 @node2 @node3 @node4 @node5 $docker swarm join <IP address of Master>:2377

19. SWARM MODE: CREATING THE FIRST SERVICE $docker network create –d overlay mynetwork $docker service create - -name mycloud - -replicas 4 - -network mynetwork - -publish 80:80/tcp dockercloud/hello-world

20. SWARM MODE: CREATING THE FIRST SERVICE mycloud mycloud.1 mycloud.4 mycloud.2 mycloud.3 mycloud:latest container mycloud:latest container mycloud:latest container mycloud:latest container Service Tasks Containers

21. @master1 SWARM MODE: SCALING @node1 @node2 @node3 @node4@node5 mynetwork $docker service scale mycloud=10

22. SWARM MODE– NODE FAILURE $docker service scale mycloud=20

23. SWARM MODE– DESIRED STATE ACTUAL STATE $docker service scale mycloud=20

24. SWARM MODE – CONVERGED BACK TO DESIRED STATE $docker service scale mycloud=20

25. SWARM MODE: GLOBAL SERVICES $docker service create –mode=global –name mycloud dockercloud/hello-world

26. SWARM MODE – CONSTRAINTS $docker service create - -name mycloud - -replicas 4 - -network mynetwork - -publish 80:80/tcp --constraint com.example.storage=“ssd” dockercloud/hello-world

27. SWARM MODE – ROUTING MESS

28. SWARM MODE – INGRESS NETWORKING

29. DEMO TIME

What's New in Docker 1.12?

You are reading a preview.

Check these out next

What's New in Docker 1.12?

More Related Content

Slideshows for you (20)

Viewers also liked (20)

Similar to What's New in Docker 1.12? (20)

More from Ajeet Singh Raina (20)

Recently uploaded (20)