  1. 1. MILAN november 28th/29th 2014 Carlo Bonamico Why everyone is excited about Docker (and you should too...) - NIS s.r.l. – Genova Java User Group Twitter: @carlobonamico
  2. 2. Didn't you hear these at least once?  Can you deploy my application? It's for Linux...  Yes, but which distribution? release? patch?  Why did the deploy fail? Didn't you test the app?  Yes, but the production environment is slightly different  The new version is having some issues, can you roll back to the previous one, please?  Yes, but it will take some hours – if John hasn't already gone home – in that case he'll do it on Monday  Can you debug this production problem?  Yes, but I need a hosted DEV environment as I can't run all the needed VMs on my laptop
  3. 3. In the beginning...  We moved from physical servers to VMs  performance and resource usage issues  Got more security and hardware independence  but creating a VM still takes time  Some hosting / cloud providers took advantage of kernel-level virtualization  LXC  OpenVZ  But out-of-reach of the common man Dev  Try setting up LXC...
  4. 4. Then in 2013 (please fake drum roll)  Solomon Hykes (@solomonstre) started Docker as an internal project within hosting  to make Linux Containers an order of magnitude easier  and more powerful, too  Open Sourced in March 2013  in a week, it went to the top projects on GitHub   A catalyst for innovative work on containers  shortly, several other key projects converged
  5. 5. Fast Forward to mid-2014  Major Open Source project with contributions from all the big names in IT  Google, RedHat, OpenShift, Ubuntu ...  DotCloud → Docker Inc.   All cloud big and small names are in a rush to provide Docker hosting  Amazon, CloudFoundry, Linode, Digital Ocean…  and Microsoft !  both for Azure and soon for the new Windows Server...
  6. 6. But why should I join the party?  In short, Docker makes creating  Development  Test  and Production  environments an order of magnitude  simpler  faster  and completely portable  across both local and cloud infrastructure
  7. 7. Docker hello world...  What's happening here? user@laptop:~$ docker pull ubuntu:14.04.1 user@laptop:~$ docker run ubuntu:14.04.1 echo "Hello World" Hello World  And here? user@laptop:~$ docker run -t -i ubuntu:14.04.1 /bin/bash root@d1fa8fcb4518:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var root@d1fa8fcb4518:/# python bash: python: command not found root@d1fa8fcb4518:/#
  8. 8. Behind the scenes...  I run the docker CLI (Command Line Interface) user@laptop:~$ docker run -t -i ubuntu:14.04.1 /bin/bash  the CLI connects to the docker daemon via its REST API,  which asks the Linux kernel to create a new container d1fa8fcb4518  and runs /bin/bash in it, so root@d1fa8fcb4518:/# ls bin boot dev etc home lib lib64 media ...  lists the filesystem of the container (!= from host OS) root@d1fa8fcb4518:/# python bash: python: command not found
  9. 9. So what's inside Docker?  Isolation layer based on kernel namespaces  separate process trees, network, user IDs and mounted file systems  Resource isolation through cgroups  CPU, memory, block I/O and network  Standard interface through libcontainer  based on libvirt, LXC and systemd-nspawn  And more...
  10. 10. How are data & containers stored?  AUFS Another Union Filesystem  possibly other snapshotting fs (zfs) / block device (LVM)  Layered approach  rootfs → kernel layer  bootfs → a Linux distribution  emacs  apache  application  Copy-on-Write approach – à la subversion (SVN)
  11. 11. Containers, Images and Index  A Container is a running instance  can run 100-1000 containers per host  An Image is a static snapshot  in turn based on a series of layers  unique hash for each layer, so  Images are basically versioned (think git)  can be tagged ubuntu:14.04.1  can be updated by applying layer deltas  Images can be stored in an Index  local and remote indexes (think maven / npm repos)
  12. 12. So a container is like a lighter/better Virtual Machine? Well...
  13. 13. VM vs Container  A Virtual Machine  needs a hypervisor  and a full OS inside  Bigger footprint  RAM needed  Storage space  Tend to be slower  2 filesystems, 2 OSes  Strong resource management  A Container  talks to the host kernel  Smaller footprint  no RAM needed for Guest OS  differential storage  Tend to be faster  direct CPU access  Less sophisticated resource management
  14. 14. VM vs Container
  15. 15. Great! but tell me about security  Are containers less secure than VMs?  the answer is nuanced...   Can I use Docker in Production?  Sure! many Internet companies trust it  But a container still needs good System Administration & InfoSec practices!  limiting privileges, avoiding insecure defaults, etc... -linux-containers-lxc-and-security -security-selinux Avoid This!
  16. 16. Docker workflow
  17. 17. Start with a dockerfile  Define an image for running Tomcat 7  inspired by FROM java:7-jre RUN groupadd -r tomcat && useradd -r --create-home -g tomcat tomcat ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH RUN mkdir -p "$CATALINA_HOME" && chown tomcat:tomcat "$CATALINA_HOME" WORKDIR $CATALINA_HOME USER tomcat ENV TOMCAT_MAJOR 7 ENV TOMCAT_VERSION 7.0.57
  18. 18. Dockerfiles - continued ENV TOMCAT_TGZ_URL-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz RUN curl -SL "$TOMCAT_TGZ_URL" -o tomcat.tar.gz && curl -SL "$TOMCAT_TGZ_URL.asc" -o tomcat.tar.gz.asc && tar -xvf tomcat.tar.gz --strip-components=1 && rm bin/*.bat && rm tomcat.tar.gz* EXPOSE 8080 CMD ["", "run"]  Public repo of Dockerfiles, with automatic build
  19. 19. Building an image  Build the image from the Dockerfile docker build .  You can then do further edits, then docker build .  And archive the image locally docker commit 38b73dfecc3c docker-simple-samples-web  And tag it docker tag 47432ccfea81 docker-simple-samples-web:1.0  List local images docker images
  20. 20. Starting a container  Start a container interactively docker run -i -t docker-simple-samples-web /bin/bash  Start a container as a daemon  using default entrypoint docker run -d docker-simple-samples-web:1.0  Check running containers docker ps  And stopping it  docker stop <<id>>  Check also stopped containers docker ps -a
  21. 21. Attaching to a running container  Using nsenter PID=$(docker inspect --format "{{ .State.Pid }}" determined_bardeen) nsenter --target $PID --mount --uts --ipc --net --pid
  22. 22. Storing and Sharing data  Creating a Container to host a data Volume #Dockerfile FROM busybox VOLUME /var/lib/mysql CMD /bin/sh  Create the Image docker build --tag carlobonamico/datastore .  Create the Container docker run -d --name pgsql_data -v /var/lib/pgsql/ carlobonamico/datastore  Attach the volume to another container docker run -d --volumes-from pgsql_data cb/postgres-db
  23. 23. Publishing  To the Central Registry docker push carlobonamico/docker-simple-samples-web  need a free account on  Tag and publish to a private repository  docker tag 8dbd9e392a96 my-local-repo:5000/docker-simple-samples-web  You need -registry
  24. 24. Deploy to the cloud  On cloud server docker pull carlobonamico/docker-simple-samples-web:2  Run it docker run -d carlobonamico/docker-s...-samples-web:2  Upgrade it docker pull carlobonamico/docker-s...-samples-web:2.1  Run it docker run -d carlobonamico/docker-s...-samples-web:2.1  Rollback to previous version docker run -d carlobonamico/docker-s...-samples-web:2
  25. 25. So what do I get?  If I am a Dev  recreate complex environments on a laptop  If I am a Tester  easy to recreate application deployments and data  If I am an Ops person  less configuration effort  more standardization  In general  lots of pre-packaged components   quickly deploy (groups of) packages  even multiple versions at the same time But many other benefits to come...
  26. 26. Docker and DevOps DevOps is a software development method that stresses communication, collaboration and integration between software developers and IT professionals, as a response to the interdependence of Dev and Ops.   Docker gives a common, seamless collaboration model and workflow between Dev and Ops  clearer separation of responsibilities  Docker and DevOps by Gene Kim 
  27. 27. Docker helps Continuous Delivery Continuous Delivery of value to users through a constant flow of incremental product/service improvements along the entire pipeline Idea → Implementation → Test → Deploy → Prod  4 Practices of Continuous Delivery (from the book)  Build binaries only once  package them in containers  Same mechanism to deploy to every environment  and move the containers across environments  Smoke test your deployment, & If anything fails, stop the line!
  28. 28. Docker helps with CD's 8 principles  Releasing/deploying MUST be repeatable and reliable  containers  Automate everything!  docker is fully scriptable and has an API  If something's difficult or painful, do it more often  containers are quick to deploy many times a day  Keep everything in source control  including dockerfiles!  Done means “released”  it's containers all the way to production  Build quality in!  containers support frequent and realistic testing  Everybody has responsibility for the release process  see DevOps slide...  Improve continuously
  29. 29. What do I put in a Docker image?  The traditional Way  VM-like approach  SSH, init.d  several apps in the same container    Useful in the transition phase or to run existing SW  The Docker Way  run a service per container  purists say a single process per container!
  30. 30. From a single container
  31. 31. To many containers  Two key drivers  Scalability  Microservices
  32. 32. Microservices Instead of big, monolithic, black-hole-like single app implement a network of collaborating simple services “a bit like SOA, but done right”  Componentization via Services  Organized around Business Capabilities  Products not Projects  Smart endpoints and dumb pipes  Decentralized Governance  Decentralized Data Management  Infrastructure Automation  Design for failure  Evolutionary Design It looks like Docker is a perfect match!
  33. 33. SOLID Design Principles  Apply @unclebobmartin S.O.L.I.D. principles to entire architecture  Separation of Concerns → microservices  Open for extension, Closed for modification → Immutable Infrastructure  never “change” a container: add a new one with the new version then discard the old one -infrastructure/  Liskov Substitution Principle → APIs, service contracts  Interface Segregation Principle → micro-APIs  Dependency Inversion Principle → container linking
  34. 34. Linking containers  Run a DB  and give it a name docker run -d --name db postgres:9.3.5  Run a Web server docker rm -f carlobonamico/web  does not see the db  Run a Web Server linked to the DB  with automatic local dns alias registration docker run -d -P --link db:db carlobonamico/d-s-s-web
  35. 35. Principles of Package Design  How do I split functionality across Containers?  REP The Release Reuse Equivalency Principle  The granule of reuse is the granule of release  CCP The Common Closure Principle  Classes that change together are packaged together  CRP The Common Reuse Principle  Classes that are used together are packaged together  ADP The Acyclic Dependencies Principle  The dependency graph must have no cycles  SDP The Stable Dependencies Principle  Depend in the direction of stability  SAP The Stable Abstractions Principle  Abstractness increases with stability  Thank you again, Uncle Bob
  36. 36. Managing Development and Production clusters  Fig  create DEV environm.  fig.yml web: build: . command: catalina.sh run links: - db ports: - "8000:8000" db: image: postgres  Then (think vagrant-up) fig up   open source  ooglecloudplatform/kubernetes  manage prod clusters  use it on Google Compute Engine  or download on premises
  37. 37. Ansible and Docker  So I do not need a configuration management system anymore?  Well, you still need to  Create images  Manage the Docker host  Ansible to the rescue!
  38. 38. Ansible  Simple yet incredibly powerful Open Source configuration management and orchestration tool  Infrastructure as data  re-as-data-with-ansible-for-easier-continuous-delivery  Ansible can support Docker in two ways   1) Manage the docker host with docker module  e.g. create a container running Tomcat docker: image=centos command="service tomcat6 start" ports=808
  39. 39. Building Images with Ansible  2) Copy and launch ansible playbook in Dockerfile -and-building-docker-with-ansible -docker-presentation  Use base image with ansible from FROM ansible/ubuntu14.04-ansible MAINTAINER yourname RUN git clone /tmp/myapp WORKDIR /tmp/myapp ADD inventory /etc/ansible/hosts RUN ansible-playbook myapp.yml -c local EXPOSE 22 3000 ENTRYPOINT ["/home/app/tomcat/bin/ run"]
  40. 40. So, where do I start?  Try the samples -simple-samples  Great interactive tutorial at  -practices/  Try Docker in the Cloud  with Koding ide -is-docker/
  41. 41. References  Cloud architectures -field-guide/   Microservices -mucon   Distributions to put around and inside a container?   Docker and Windows -and-microsoft-integrating-docker-with-windows-server-and-microsoft-azure
  42. 42. Thank you!  Other presentations   Follow me on Twitter  @carlobonamico  updates on Docker, Ansible, Continuous Delivery  and some AngularJS!  Contact me  /  My company 
  43. 43. Running on Mac/Windows  Boot2docker  A minimalistic VM – just SSH + docker   Download and launch the installer -installer/releases/latest  Launch docker Boot2Docker Start