Ankara JUG Nisan 2015 Docker presentation, technical detalis and use cases

1. Mustafa AKIN
Ankara Java Users Group
16 April 2015
What is Docker?
And what it means to you?

2. What is Docker?
■ An open platform
■ Portable, lightweight runtime and packaging tool
■ Automating deployment of applications inside software
containers
■ Operating-system-level virtualization
■ Isolated containers

3. Virtual Machines,
Hypervisors
■ KVM, kernel based virtual
machine
■ Virtualize an entire system
■ Virtual CPU
■ Virtual Hard Disk
■ Virtual Network

4. Containers
■ Containers share same Linux
Kernel
■ Isolation possible by
namespaces, cgroups provided
by Linux Kernel
■ Microsoft has started providing
Native Windows Containers

5. Containers vs Virtual
Machines

6. Performance of Containers
An Updated Performance Comparison of Virtual Machines and Linux Containers,
IBM Research

7. How does Docker Work?
■ Operating system provides you a set of system calls
■ You do not actually read file, read from socket, write output
to screen
■ Operating system handles most crucial functionality for you
■ Docker utilizes namespaces for abstracting access to system
resources
■ Docker also utilizes cgroups, that provides namespace
isolation
■ Cgroups also provide resource accounting and limitation

8. Namespaces
■ Mount: Isolate the set of file system mount points for
processes
■ UTS: Isolates domain name and host name
■ IPC: Inter process communication, such as shared memory,
named semaphores, message queues
■ PID: Process ID number space. So init process of each
namespace can be different
■ Network: Different network devices, routing tables
■ User: Different user ids for inside and outside of namespace

9. Regular htop

10. htop inside a container

11. Docker images
■ Docker mounts images as the root file system of a container
■ Images in Docker are layered: like git, you have to commit
changes to create a new image, or update the current
version
■ Image layers can be shared among containers
■ Sharing layers increases performance since the common
files will be in cache, and also reduces the disk usage

12. Example usage of images

13. Layers of images
ubuntu
jdk8
myjavaapp jetty
gcc
helloworld

14. Docker hub

15. Dockerfile

17. Control Groups (cgroups)
■ blkio: set limits and monitor usage of block devices such as
disks
■ cpu: scheduling, weights of tasks
■ cpuacct: usage reports of cpus
■ cpuset: assign cpus and memory nodes to tasks
■ devices: allow access to devices (webcam, gpu etc.)
■ memory: limit on memory, and usage reports
■ net_prio: priority on network interfaces

18. Example of cpuacct

19. Aggregating Docker metrics
■ My own project to gather cgroup metrics for containers:
https://github.com/mustafaakin/docker-resource-reporter

20. Boot2Docker

21. Containerizing GUI Apps
$ docker run -it
-v /tmp/.X11-unix:/tmp/.X11-unix # mount the X11 socket
-e DISPLAY=unix$DISPLAY # pass the display
-v /dev/snd:/dev/snd --privileged # sound
--name tor-browser jess/tor-browser

22. Containerizing Ubuntu Desktop
docker run -i -t -p 6080:6080 dorowu/ubuntu-desktop-lxde-vnc

23. Running a database

24. Mounting Data

25. Poor man’s Continuous
integration

26. Rich man’s continuous
integration
■ CircleCI
■ Bamboo
■ Jenkins
■ TravisCI
■ Shippable

27. PrimeFaces showcase

28. Running Benchmarks

29. Selenium Grid

30. Selenium Grid

31. PAGS: Programming
Assignment Grading System
■ http://pags.cs.bilkent.edu.tr
or http://code.gy

32. PAGS, Programming
Assignment Grading System

33. PAGS, Programming
Assignment Grading System

34. My Research

35. Twelve Factor App
I. Codebase
One codebase tracked in revision
control, many deploys
II. Dependencies
Explicitly declare and isolate
dependencies
III. Config
Store config in the environment
IV. Backing Services
Treat backing services as
attached resources
V. Build, release, run
Strictly separate build and run
stages
VI. Processes
Execute the app as one or more
stateless processes
VII. Port binding
Export services via port binding
VIII. Concurrency
Scale out via the process model
IX. Disposability
Maximize robustness with fast
startup and graceful shutdown
X. Dev/prod parity
Keep development, staging, and
production as similar as possible
XI. Logs
Treat logs as event streams
XII. Admin processes
Run admin/management tasks
as one-off processes

36. Heroku

37. Deis – Your own Heroku

38. Deis – Your own Heroku

39. Deis – Your own Heroku

40. IBM Bluemix

41. RancherOS: Dockerize
everything

42. Rancher UI

43. Docker Web UIs

44. Kitematic: GUI for Docker

45. Kubernetes by Google

46. Docker Compose (Fig)

47. Docker Swarm
Use filtering:
• Constraints:
• Labeling, SSD Server, Big
Server..
• Operating System
• Kernel Version
• Affinity
• Schedule 2 containers
together
• Port
• Availability
• Dependency
• Containers might be using
volumes, or share network
stack

48. Docker Machine

49. Docker-ready clouds
■ Amazon EC2 Container Service
■ Google Container Engine
■ Digital Ocean

50. Docker investments
■ Series B: 21 Jan 2014 $15M
■ Series C: 16 Sep 2014 $40M
■ Series D: 14 Apr 2015: $95M
■ Docker initial release: 13 March 2013

51. Windows side.. Docker
Client!

52. Windows side, Nano Server!

53. Remote API
■ HTTP over Unix Socket, TCP Socket, Optionally TLS
■ JSON API
– Create container
– Start container
– Wait container
– List containers
– Search image
– Pull/Push images
– Build image from Dockerfile
■ Hijacked HTTP API or alternatively WebSocket API for
attaching to container, to see its output in real-time

54. Mustafa AKIN
Twitter: @mustafaakin
Mail: mustafa91@gmail.com
Web: www.mustafaak.in
■ Feel free to contact for Docker related questions, or anything
else!