Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Container as a Service with Docker
Patrick Chanezon, Docker Inc.
@chanezon
French
Polyglot
Platforms
Software Plumber
San Francisco
Developer Relations
@chanezon
1995 2015
“The future is already here — it's
just not very evenly distributed”
William Gibson, Neuromancer
Docker’s mission is to
build tools of mass innovation
Internet (hardware layer)
Servers Desktops Phones Cars Houses Drones
Network
equipment
Public
transit
TVs
Industrial
facil...
Internet (hardware layer)
Servers Desktops Phones Cars Houses Drones
Network
equipment
Public
transit
TVs
Industrial
facil...
Cloud Market
PublicHybridPrivate
IT Pros Devops DevelopersArchitects
Linux Container Ecosystem
flockerglusterfs
weavecalicomidokuracisconuage
Cloud
OS
Plugins
Orchestration
Devops
25
Mainframe
Client-Server
26
27
Web
28
Cloud - Devops
25
Mainframe
Devops
• Cultural movement
• Inspired by agile methods
• People, Processes & Tools
• Continuous delivery
• Infrastructure ...
Devops: singing Kumbaya?
Low MTBIAMSH
MTBIAMSH (Mean Time Between Idea And Making Stuff Happen)
Devops + Agility == $$
Docker
Isolation using Linux kernel features
namespaces
 pid
 mnt
 net
 uts
 ipc
 user
cgroups
 memory
 cpu
 blkio
 dev...
Image layers
Docker Mission
Docker for developers
https://registry.hub.docker.com/_/java/
docker-compose: running multiple containers
 Run your stack with one command: docker-compose up
 Describe your stack wit...
Docker for Mac and Windows private beta
https://beta.docker.com/
default
DOCKER_HOST=tcp://xxx.xxx.xxx.xxx:2376
DOCKER_MACHINE_NAME=default
DOCKER_TLS_VERIFY=1
DOCKER_CERT_PATH=$HOME/.doc...
unset ${!DOCKER_*}
docker.local
symlink /var/tmp/docker.sock
manages
Docker for Mac
unset ${!DOCKER_*}
docker.local
symlink /var/tmp/docker.sock
manages
default
IP xxx.xxx.xxx.xxx
manages
DOCKER_HOST=tcp://...
Linux X11 Apps on Docker for Mac
https://github.com/chanezon/docker-tips/x11
docker-machine
docker-machine create -d azure 
—azure-subscription-id="c4f51be3-784c-xxx-7c50ad9e1b7c" 
--azure-subscripti...
Kitematic
Docker Mission
Docker Hub
Docker Hub
Dev & QA
ColleaguesDevelopers
QA
Build & Ship
Docker Trusted Registry
Docker Mission
Swarm
Scheduler plugins
Engine
Volumes plugins
Network plugins
Service discovery
plugins
Engine
Volumes plugins
Network pl...
Docker
CLI
Docker
CLI
Docker
CLI
Docker Engine
us-west us-east
Docker
CLI
Docker
CLI
Docker Swarm
Swarm
Swarm load balancing: interlock
https://github.com/ehazlett/interlock/tree/master/plugins/haproxy
51
Docker Datacenter
52
Docker Cloud
Open Standards
Plumbing
Notary
“Let’s stop using curl|sh”
Trusted collections for any content
Transport-agnostic
Reliable updates, proof of origin...
RunC
The universal container runtime
https://runc.io
containerd
A daemon to control runC
built for performance and density
http://containerd.tools/
containerd
Docker 1.11
Docker & Microsoft
Docker & Microsoft
• Build
• Docker Toolbox & Kitematic for Windows
• Docker for Windows beta
• Docker engine on Windows S...
Unikernels
Unikernel Systems + Docker
Unikernels
http://unikernel.org/
Unikernels
specialised, single-address-space machine images
constructed by using library operating systems.
• Smaller
• li...
Unikernels & Docker
http://unikernel.org/blog/2015/unikernels-meet-docker/
https://github.com/Unikernel-Systems/DockerConE...
Docker CaaS
The Docker mission
Build Ship Run
Anywhere
Distributed Applications
70
XaaS Pyramid
Platform As A Service
Infrastructure As A Service
Software
As A Service
5
Goldilocks and the 3 XaaS
Just rightToo highToo low
IaaS PaaS CaaS
5
Goldilocks and the 3 XaaS
Platform As A Service
Infrastructure As A Service
Software
As A Service
Too high
Too low
Just ...
5
Goldilocks and the 3 XaaS
Container As A Service
Infrastructure As A Service
Software
As A Service
Docker Containers as a Service (CaaS)
An IT managed and secure application content and infrastructure
where developers can...
The Docker Journey: The Power of AND
78
Manage and secure
at scale
Frictionless
movement
Innovation at
speed
+ +Agility Po...
Docker survey 2016 - Enabling the Software Supply Chain
79
Lessons learned: Avoid these pitfalls
1
2
3
Developers don’t adopt locked down systems
Existing “end to end” solutions bre...
Let’s Play: Where’s Whaledo
in Google Container Engine?
$ docker build -t gcr.io/${PROJECT_ID}/hello-node .
$ gcloud docker push gcr.io/${PROJECT_ID}/...
in Kubernetes?
in EC2 Container Service?
$ ecs-cli up --keypair id_rsa --capability-iam 
—size 2 --instance-type t2.medium
create a compo...
in Red Hat?
$ ./openshift kube apply -c docker-registry-config.json
OpenShift relies on the concept of Builds to turn your...
in Red Hat?
https://blog.openshift.com/openshift-v3-deep-dive-docker-kubernetes/
in Pivotal Cloud Foundry?
$cf api --skip-ssl-validation api.bosh-lite.com
$cf auth admin admin
$cf create-org diego
$cf ta...
in Pivotal Cloud Foundry?
runC
Developers IT Operations
BUILD
Developer Workflows
SHIP
Secure Content & Collaboration
RUN
Deploy, Manage, Scale
Docker Ca...
Docker Containers as a Service platform
90
BUILD
Developer Workflows
SHIP
Registry Services
RUN
Management
Docker Toolbox ...
Characteristics of a CaaS
91
Any
Infrastructure
Any Operating
System
Any
Language
Any App
Architecture
Any
Application
Sta...
Docker accelerates modern app initiatives
Cloud
Microservices
80%
Docker is central to
cloud strategy
State of App develop...
Use Case: Decentralized CaaS for hybrid and multi cloud portability
Private datacenter for regulated apps
Central Portal
•...
Use Case: Centralized CaaS for transformation to DevOps and micro services
After
Authorization
App Registration
Session
Ma...
Demos
• Docker Swarm, Compose and networking
• docker 1.11
• swarm 1.1.0
• compose 1.6.0 with networking
• Run/Debug with STS ID...
Docker Universal Control Plane
https://github.com/chanezon/docker-tips/tree/master/azure-acs-ucp
Load balancing in UCP with Interlock
See "Reference Architecture: Service Discovery and Load Balancing with Docker Univers...
ucp-controller
Cloud LB
ucp-node-1 ucp-node-2
Cloud LB
etcd InterlockSwarm ucp-proxy nginx nginx
Configuration
Reconfigure...
THANK YOU
Let’s Dockerize a Neo4J App
https://github.com/neo4j-examples/movies-java-spring-data-neo4j-4
• Service Discovery
• https://github.com/gliderlabs/registrator
• https://github.com/hashicorp/consul-template
• https://g...
• IPVS, Andrey Sibiryov, http://www.slideshare.net/Docker/kernel-load-
balancing-for-docker-containers-using-ipvs
• DNS Se...
• Spring Boot, MongoDB, compose, swarm, networking
• https://github.com/joshlong/spring-doge
• https://github.com/chanezon...
• Docs
https://docs.docker.com/engine/userguide/networking/dockerne
tworks/
• Create a Swarm cluster with networking
https...
• Using Ansible with Docker Machine to Bootstrap Host Nodes
http://nathanleclaire.com/blog/2015/11/10/using-ansible-with-
...
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Docker Container As A Service - JAX 2016
Upcoming SlideShare
Loading in …5
×

Docker Container As A Service - JAX 2016

10,647 views

Published on

Docker Container As A Service
X11 Linux apps on mac in a container.
In container Java development with STS or Eclipse in a container.
Docker UCP and swarm load balancing with Interlock.

Published in: Software
  • Be the first to comment

Docker Container As A Service - JAX 2016

  1. 1. Container as a Service with Docker Patrick Chanezon, Docker Inc. @chanezon
  2. 2. French Polyglot Platforms Software Plumber San Francisco Developer Relations @chanezon
  3. 3. 1995 2015
  4. 4. “The future is already here — it's just not very evenly distributed” William Gibson, Neuromancer
  5. 5. Docker’s mission is to build tools of mass innovation
  6. 6. Internet (hardware layer) Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Programmers Internet (software layer) App App App App App App App App App App App App App App App App App App App App App App App App App App App App
  7. 7. Internet (hardware layer) Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Programmers App App App App App App App App App App App App App App App App App App App App App App App App App App App App a software layer to program the internet
  8. 8. Cloud Market PublicHybridPrivate IT Pros Devops DevelopersArchitects
  9. 9. Linux Container Ecosystem flockerglusterfs weavecalicomidokuracisconuage Cloud OS Plugins Orchestration
  10. 10. Devops
  11. 11. 25 Mainframe
  12. 12. Client-Server 26
  13. 13. 27 Web
  14. 14. 28 Cloud - Devops
  15. 15. 25 Mainframe
  16. 16. Devops • Cultural movement • Inspired by agile methods • People, Processes & Tools • Continuous delivery • Infrastructure as code • Cross silo collaboration • Small iterations • Feedback loop, measurement Image from Patrick Debois http://www.slideshare.net/jedi4ever/devops-the-war-is-over-if-you-want-it http://www.slideshare.net/jedi4ever/devopsdays-downundervfinal
  17. 17. Devops: singing Kumbaya?
  18. 18. Low MTBIAMSH MTBIAMSH (Mean Time Between Idea And Making Stuff Happen)
  19. 19. Devops + Agility == $$
  20. 20. Docker
  21. 21. Isolation using Linux kernel features namespaces  pid  mnt  net  uts  ipc  user cgroups  memory  cpu  blkio  devices
  22. 22. Image layers
  23. 23. Docker Mission
  24. 24. Docker for developers https://registry.hub.docker.com/_/java/
  25. 25. docker-compose: running multiple containers  Run your stack with one command: docker-compose up  Describe your stack with one file: docker-compose.yml web: build: . command: python app.py ports: - "5000:5000" volumes: - .:/code links: - redis:redis redis: image: redis
  26. 26. Docker for Mac and Windows private beta https://beta.docker.com/
  27. 27. default DOCKER_HOST=tcp://xxx.xxx.xxx.xxx:2376 DOCKER_MACHINE_NAME=default DOCKER_TLS_VERIFY=1 DOCKER_CERT_PATH=$HOME/.docker/machine/machines/default IP xxx.xxx.xxx.xxx manages Docker Toolbox
  28. 28. unset ${!DOCKER_*} docker.local symlink /var/tmp/docker.sock manages Docker for Mac
  29. 29. unset ${!DOCKER_*} docker.local symlink /var/tmp/docker.sock manages default IP xxx.xxx.xxx.xxx manages DOCKER_HOST=tcp://xxx.xxx.xxx.xxx:2376 DOCKER_MACHINE_NAME=default DOCKER_TLS_VERIFY=1 DOCKER_CERT_PATH=$HOME/.docker/machine/machines/default Docker for Mac and Toolbox
  30. 30. Linux X11 Apps on Docker for Mac https://github.com/chanezon/docker-tips/x11
  31. 31. docker-machine docker-machine create -d azure —azure-subscription-id="c4f51be3-784c-xxx-7c50ad9e1b7c" --azure-subscription-cert="/Users/pat/.ssh/docker-azure- cert.pem" --azure-location="East US" --azure-size=Small --azure-username="pat" pat-docker-machine-n
  32. 32. Kitematic
  33. 33. Docker Mission
  34. 34. Docker Hub
  35. 35. Docker Hub Dev & QA ColleaguesDevelopers QA Build & Ship
  36. 36. Docker Trusted Registry
  37. 37. Docker Mission
  38. 38. Swarm Scheduler plugins Engine Volumes plugins Network plugins Service discovery plugins Engine Volumes plugins Network plugins Service discovery plugins mesos flockerglusterfs weavecalico consuletcdzookeeper midokuraciscoazurenuagenetworks Docker Plugins Batteries included but removable
  39. 39. Docker CLI Docker CLI Docker CLI Docker Engine
  40. 40. us-west us-east Docker CLI Docker CLI Docker Swarm Swarm
  41. 41. Swarm load balancing: interlock https://github.com/ehazlett/interlock/tree/master/plugins/haproxy
  42. 42. 51 Docker Datacenter
  43. 43. 52 Docker Cloud
  44. 44. Open Standards
  45. 45. Plumbing
  46. 46. Notary “Let’s stop using curl|sh” Trusted collections for any content Transport-agnostic Reliable updates, proof of origin, resistant to untrusted transport, survivable key compromise Build on industry-leading standards and research
  47. 47. RunC The universal container runtime https://runc.io
  48. 48. containerd A daemon to control runC built for performance and density http://containerd.tools/
  49. 49. containerd
  50. 50. Docker 1.11
  51. 51. Docker & Microsoft
  52. 52. Docker & Microsoft • Build • Docker Toolbox & Kitematic for Windows • Docker for Windows beta • Docker engine on Windows Server 2016 TP4 • yo-docker to dockerize existing projects • Visual Studio Docker Tools • Ship • VSTS extension for Docker beta • Run • Azure Docker agent • ACS • Docker datacenter on Azure ARM template
  53. 53. Unikernels
  54. 54. Unikernel Systems + Docker
  55. 55. Unikernels http://unikernel.org/
  56. 56. Unikernels specialised, single-address-space machine images constructed by using library operating systems. • Smaller • link only the parts of the OS lib you need • Faster • fast boot • compiler can perform whole-system optimization • More secure • reduced attack surface
  57. 57. Unikernels & Docker http://unikernel.org/blog/2015/unikernels-meet-docker/ https://github.com/Unikernel-Systems/DockerConEU2015-demo
  58. 58. Docker CaaS
  59. 59. The Docker mission Build Ship Run Anywhere Distributed Applications 70
  60. 60. XaaS Pyramid Platform As A Service Infrastructure As A Service Software As A Service
  61. 61. 5 Goldilocks and the 3 XaaS Just rightToo highToo low IaaS PaaS CaaS
  62. 62. 5 Goldilocks and the 3 XaaS Platform As A Service Infrastructure As A Service Software As A Service Too high Too low Just right Container As A Service
  63. 63. 5 Goldilocks and the 3 XaaS Container As A Service Infrastructure As A Service Software As A Service
  64. 64. Docker Containers as a Service (CaaS) An IT managed and secure application content and infrastructure where developers can self service build and deploy applications
  65. 65. The Docker Journey: The Power of AND 78 Manage and secure at scale Frictionless movement Innovation at speed + +Agility Portability Control
  66. 66. Docker survey 2016 - Enabling the Software Supply Chain 79
  67. 67. Lessons learned: Avoid these pitfalls 1 2 3 Developers don’t adopt locked down systems Existing “end to end” solutions break the Docker experience Beware of lock-in and loss of portability 80
  68. 68. Let’s Play: Where’s Whaledo
  69. 69. in Google Container Engine? $ docker build -t gcr.io/${PROJECT_ID}/hello-node . $ gcloud docker push gcr.io/${PROJECT_ID}/hello-node $ gcloud container clusters create hello-world --num-nodes 1 --machine-type g1-small $ kubectl run hello-node -- image=gcr.io/${PROJECT_ID}/hello-node --port=8080 $ kubectl get services hello-node $ kubectl scale rc hello-node --replicas=3 https://cloud.google.com/container-engine/docs/tutorials/hello-node
  70. 70. in Kubernetes?
  71. 71. in EC2 Container Service? $ ecs-cli up --keypair id_rsa --capability-iam —size 2 --instance-type t2.medium create a compose file $ ecs-cli compose --file hello-world.yml up $ ecs-cli ps $ ecs-cli compose --file hello-world.yml scale 2 $ ecs-cli compose --file hello-world.yml service up http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_tutorial.html
  72. 72. in Red Hat? $ ./openshift kube apply -c docker-registry-config.json OpenShift relies on the concept of Builds to turn your application source into a runnable Docker image $ ./openshift kube create buildConfigs -c application- buildconfig.json $ curl -s -A "GitHub-Hookshot/github" -H "Content- Type:application/json" -H "X-Github-Event:push" -d @github- webhook-example.json http://localhost:8080/osapi/v1beta1/buildConfigHooks/build100/se cret101/github $ ./openshift kube process -c application-template.json | ./openshift kube apply -c - https://blog.openshift.com/openshift-v3-deep-dive-docker-kubernetes/
  73. 73. in Red Hat? https://blog.openshift.com/openshift-v3-deep-dive-docker-kubernetes/
  74. 74. in Pivotal Cloud Foundry? $cf api --skip-ssl-validation api.bosh-lite.com $cf auth admin admin $cf create-org diego $cf target -o diego $cf create-space diego $cf target -s diego $cf push my-app --no-start $cf start my-app https://github.com/cloudfoundry-incubator/diego-release
  75. 75. in Pivotal Cloud Foundry? runC
  76. 76. Developers IT Operations BUILD Developer Workflows SHIP Secure Content & Collaboration RUN Deploy, Manage, Scale Docker CaaS Platform
  77. 77. Docker Containers as a Service platform 90 BUILD Developer Workflows SHIP Registry Services RUN Management Docker Toolbox Docker Trusted Registry Docker Universal Control Plane Docker Cloud Docker Engine Ecosystem Plugins and Integrations
  78. 78. Characteristics of a CaaS 91 Any Infrastructure Any Operating System Any Language Any App Architecture Any Application Stage Developers + IT Ops The Power of AND Open APIs Broadest Ecosystem Support
  79. 79. Docker accelerates modern app initiatives Cloud Microservices 80% Docker is central to cloud strategy State of App development Survey: Q1 - 2016 3 out 4 Top initiatives revolve around applications 44% Looking to adopt DevOpsDevOps 92
  80. 80. Use Case: Decentralized CaaS for hybrid and multi cloud portability Private datacenter for regulated apps Central Portal • Provision resources • RBAC to VPC / datacenter • Trusted Registry hosted application templates Cloud for all other apps VPC 1 VPC2 App 1 App 2 App App 1 App 2 App Cloud Portability App Portability
  81. 81. Use Case: Centralized CaaS for transformation to DevOps and micro services After Authorization App Registration Session Management Marketplace Integration Logging …more Trusted RegistryApp Service App Service App A App B Auth …more App Reg Marketplace Logging Auth Session …more App Reg Logging Before App Teams App BAuth App Reg Marketplace Logging App Service Universal Control Plane App AAuth App Reg Marketplace Logging App Service App BAuth App Reg Marketplace Logging App Service App AAuth App Reg Marketplace Logging App Service Portability
  82. 82. Demos
  83. 83. • Docker Swarm, Compose and networking • docker 1.11 • swarm 1.1.0 • compose 1.6.0 with networking • Run/Debug with STS IDE in a container Spring Boot App using MongoDB https://github.com/joshlong/spring-doge https://github.com/chanezon/docker-tips/orchestration-networking https://github.com/chanezon/spring-doge
  84. 84. Docker Universal Control Plane https://github.com/chanezon/docker-tips/tree/master/azure-acs-ucp
  85. 85. Load balancing in UCP with Interlock See "Reference Architecture: Service Discovery and Load Balancing with Docker Universal Control Plane (UCP)"
  86. 86. ucp-controller Cloud LB ucp-node-1 ucp-node-2 Cloud LB etcd InterlockSwarm ucp-proxy nginx nginx Configuration Reconfigures myapp:314 myapp:42 myapp:1968 myapp.comdocker run myapp Load balancing in UCP with Interlock https://github.com/chanezon/docker-tips/orchestration-networking Interlock Events
  87. 87. THANK YOU
  88. 88. Let’s Dockerize a Neo4J App https://github.com/neo4j-examples/movies-java-spring-data-neo4j-4
  89. 89. • Service Discovery • https://github.com/gliderlabs/registrator • https://github.com/hashicorp/consul-template • https://github.com/ehazlett/interlock • Persistent volumes with Swarm and Rex Ray on AWS • http://blog.emccode.com/2015/11/03/use-docker-swarm-with-a-data- persistence-layer/ • https://github.com/emccode/rexray • Kubernetes on Swarm • https://github.com/docker/swarm-frontends Orchestration projects
  90. 90. • IPVS, Andrey Sibiryov, http://www.slideshare.net/Docker/kernel-load- balancing-for-docker-containers-using-ipvs • DNS Service Discovery for Docker Swarm, Ahmet Alp Balkan, http://www.slideshare.net/Docker/dns-service-discovery-for-docker-swarm Load Balancing
  91. 91. • Spring Boot, MongoDB, compose, swarm, networking • https://github.com/joshlong/spring-doge • https://github.com/chanezon/docker-tips/orchestration-networking • Java EE 7 / Angular App with Docker Swarm by @mgreau Compose for build and deploy, Wildfly, Apache, Angular, Mysql, Redis, batch and API apps • https://github.com/mgreau/docker4dev-tennistour-app • Java EE Docker & Kubernetes by @arun-gupta • https://github.com/javaee-samples/docker-java Java Examples
  92. 92. • Docs https://docs.docker.com/engine/userguide/networking/dockerne tworks/ • Create a Swarm cluster with networking https://github.com/chanezon/docker-tips/orchestration- networking • Networking in compose https://github.com/docker/compose/blob/master/docs/networki ng.md • Nathan Leclaire Seamless Docker Multihost Overlay Networking on DigitalOcean With Machine, Swarm, and Compose, Docker networking
  93. 93. • Using Ansible with Docker Machine to Bootstrap Host Nodes http://nathanleclaire.com/blog/2015/11/10/using-ansible-with- docker-machine-to-bootstrap-host-nodes/ • Seamless Docker Multihost Overlay Networking on DigitalOcean With Machine, Swarm, and Compose, RethinkDB http://nathanleclaire.com/blog/2015/11/17/seamless-docker- multihost-overlay-networking-on-digitalocean-with-machine- swarm-and-compose-ft.-rethinkdb/ Nathan’s tips

×