Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Dockerize it! Alexnadalin-NAMSHI.com
WARNING
MINIMAL DOCKER AHEAD
playing with containers
figuring them out
never tried
DEMO
Container laws
Why containers?
remember when...
require(‘http’).createServer(...)
<li ng-repeat=”item in items” … >
go func()
or when...
sudo service nginx restart
apt-get install curl
ulimit -n 1025
Systems are boring.
Systems are f*****g boring.
Code is an F1 pilot
unique style
hard to replicate hard to replicate hard to replicatehard to replicate hard to replicate
System is the F1 car
Robust
Reliable
Replicable
Systems aren’t nice to build
They are nice to orchestrate
VMs
How do they differ from containers?
“it’s just like a VM, just much more lightweight”
“it’s just like a VM, just much more lightweight”FLUFF
kernel
resources
isolation
security
“Containers have similar resource isolation and allocation benefits as virtual machines but a different architectural appr...
Law #1 Even though they might try to solve similar problems, containers and VMs are fundamentally different
1996
https://github.com/docker/libcontainer/blob/master/PRINCIPLES.md
runC
Law #2 Docker is not here to stay (at least in the way we think of it nowadays)
Think that Docker is simple
Think that Docker is simple
# docker-compose.yml services: web: build: . ports: - "8080:8080" volumes: - .:/src $ docker-compose up
expand the horizon
We have Docker in our system
We’re developing a nodejs app
without nodejs
we’re exposing it from our container to our host (-p 8080:8080)
then we’re running ngrok to expose our host to the internet
without ngrok
Law #3 Containers aren’t suitable for dev or production, containers are suitable for use-cases
docker pull graylog2/allinone
Law #4 Dockerfiles are the simplest form of configuration management
Orchestrating containers isn’t simple.
But it’s the fun part :-)
apiVersion: v1 kind: ReplicationController metadata: name: app labels: name: app spec: replicas: 1 selector: name: app tem...
apiVersion: v1 kind: ReplicationController metadata: name: app labels: name: app spec: replicas: 1 selector: name: app tem...
kubectl create -f /path/to/definition.yml
PODs REPLICATION CONTROLLERS SERVICES
PODs REPLICATION CONTROLLERS SERVICES
A set of logically linked containers
PODs REPLICATION CONTROLLERS SERVICES
The guy who makes sure PODs are up & running
apiVersion: v1 kind: ReplicationController metadata: name: app labels: name: app spec: replicas: 1 selector: name: app tem...
kubectl scale --replicas=2 rc app
PODs REPLICATION CONTROLLERS SERVICES
The DataCenter of the future is taking shape
Law #5 Configuration management is (almost) dead Long live orchestrators
Law #6 Talk services, not machines
NERDADVICE Containers aren’t better than VMs, it really just depends on what you need to do https://goo.gl/DGQKDA
NERDADVICE Forget about the hosts, go GCE if you can https://goo.gl/haanq4
NERDADVICE Else, use a mature orchestration platform http://kubernetes.io/ https://goo.gl/sbk3Hk (swarm) http://mesos.apac...
NERDADVICE Run your hosts on safe, light OS like CoreOS https://coreos.com/
NERDADVICE Use Alpine for your containers, it’s a minimal security-oriented Linux distro http://goo.gl/MF4nKp
NERDADVICE Avoid running containers as root http://goo.gl/MF4nKp
NERDADVICE Regularly scan your clusters to see if there’s any security gotcha https://goo.gl/l8tO31
NERDADVICE Isolate “colanders” like jenkins in containers https://goo.gl/1HuQjV
NERDADVICE Stop manually installing software on your own machine https://goo.gl/9fHWHU
NERDADVICE Live like it’s 2016 https://goo.gl/2FNwGq https://github.com/coreos/rkt https://runc.io/
Alessandro Nadalin
Alessandro Nadalin @_odino_
Alessandro Nadalin @_odino_ Namshi
Alessandro Nadalin @_odino_ Namshi VP Technology
Alessandro Nadalin @_odino_ Namshi VP Technology odino.org
Thanks! Alessandro Nadalin @_odino_ Namshi VP Technology odino.org
we are hiring! tech.namshi.com/join-us github.com/namshi twitter.com/TechNamshi tech.namshi.com
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Dockerize it! @ Codemotion 2016 in Rome
Upcoming SlideShare
Loading in …5
×

Dockerize it! @ Codemotion 2016 in Rome

1,239 views

Published on

Docker is a groundbreaking technology that will heavily influence how we will write software in the years to come: let's then have a look at:

* where it comes from (Linux Containers)
* how it works
* how to dockerize simple apps to easily deploy them on production
* how you can use Docker in local environments to simplify your development workflow

Do you like Vagrant, auto-scaling or 12-factor apps? Then get ready to be mindblown.

Published in: Technology
no profile picture user

  • Be the first to comment

Show More

Dockerize it! @ Codemotion 2016 in Rome

  1. 1. Dockerize it! Alexnadalin-NAMSHI.com
  2. 2. WARNING
  3. 3. MINIMAL DOCKER AHEAD
  4. 4. playing with containers
  5. 5. figuring them out
  6. 6. never tried
  7. 7. DEMO
  8. 8. Container laws
  9. 9. Why containers?
  10. 10. remember when...
  11. 11. require(‘http’).createServer(...)
  12. 12. <li ng-repeat=”item in items” … >
  13. 13. go func()
  14. 14. or when...
  15. 15. sudo service nginx restart
  16. 16. apt-get install curl
  17. 17. ulimit -n 1025
  18. 18. Systems are boring.
  19. 19. Systems are f*****g boring.
  20. 20. Code is an F1 pilot
  21. 21. unique style
  22. 22. hard to replicate hard to replicate hard to replicatehard to replicate hard to replicate
  23. 23. System is the F1 car
  24. 24. Robust
  25. 25. Reliable
  26. 26. Replicable
  27. 27. Systems aren’t nice to build
  28. 28. They are nice to orchestrate
  29. 29. VMs
  30. 30. How do they differ from containers?
  31. 31. “it’s just like a VM, just much more lightweight”
  32. 32. “it’s just like a VM, just much more lightweight”FLUFF
  33. 33. kernel
  34. 34. resources
  35. 35. isolation
  36. 36. security
  37. 37. “Containers have similar resource isolation and allocation benefits as virtual machines but a different architectural approach allows them to be much more portable and efficient” https://www.docker.com/what-docker
  38. 38. Law #1 Even though they might try to solve similar problems, containers and VMs are fundamentally different
  39. 39. 1996
  40. 40. https://github.com/docker/libcontainer/blob/master/PRINCIPLES.md
  41. 41. runC
  42. 42. Law #2 Docker is not here to stay (at least in the way we think of it nowadays)
  43. 43. Think that Docker is simple
  44. 44. Think that Docker is simple
  45. 45. # docker-compose.yml services: web: build: . ports: - "8080:8080" volumes: - .:/src $ docker-compose up
  46. 46. expand the horizon
  47. 47. We have Docker in our system
  48. 48. We’re developing a nodejs app
  49. 49. without nodejs
  50. 50. we’re exposing it from our container to our host (-p 8080:8080)
  51. 51. then we’re running ngrok to expose our host to the internet
  52. 52. without ngrok
  53. 53. Law #3 Containers aren’t suitable for dev or production, containers are suitable for use-cases
  54. 54. docker pull graylog2/allinone
  55. 55. Law #4 Dockerfiles are the simplest form of configuration management
  56. 56. Orchestrating containers isn’t simple.
  57. 57. But it’s the fun part :-)
  58. 58. apiVersion: v1 kind: ReplicationController metadata: name: app labels: name: app spec: replicas: 1 selector: name: app template: metadata: labels: name: app spec: containers: - name: master image: my-nodejs-app ports: - containerPort: 1234
  59. 59. apiVersion: v1 kind: ReplicationController metadata: name: app labels: name: app spec: replicas: 1 selector: name: app template: metadata: labels: name: app spec: containers: - name: master image: my-nodejs-app ports: - containerPort: 1234
  60. 60. kubectl create -f /path/to/definition.yml
  61. 61. PODs REPLICATION CONTROLLERS SERVICES
  62. 62. PODs REPLICATION CONTROLLERS SERVICES
  63. 63. A set of logically linked containers
  64. 64. PODs REPLICATION CONTROLLERS SERVICES
  65. 65. The guy who makes sure PODs are up & running
  66. 66. apiVersion: v1 kind: ReplicationController metadata: name: app labels: name: app spec: replicas: 1 selector: name: app template: metadata: labels: name: app spec: containers: - name: master image: my-nodejs-app ports: - containerPort: 1234
  67. 67. kubectl scale --replicas=2 rc app
  68. 68. PODs REPLICATION CONTROLLERS SERVICES
  69. 69. The DataCenter of the future is taking shape
  70. 70. Law #5 Configuration management is (almost) dead Long live orchestrators
  71. 71. Law #6 Talk services, not machines
  72. 72. NERDADVICE Containers aren’t better than VMs, it really just depends on what you need to do https://goo.gl/DGQKDA
  73. 73. NERDADVICE Forget about the hosts, go GCE if you can https://goo.gl/haanq4
  74. 74. NERDADVICE Else, use a mature orchestration platform http://kubernetes.io/ https://goo.gl/sbk3Hk (swarm) http://mesos.apache.org/
  75. 75. NERDADVICE Run your hosts on safe, light OS like CoreOS https://coreos.com/
  76. 76. NERDADVICE Use Alpine for your containers, it’s a minimal security-oriented Linux distro http://goo.gl/MF4nKp
  77. 77. NERDADVICE Avoid running containers as root http://goo.gl/MF4nKp
  78. 78. NERDADVICE Regularly scan your clusters to see if there’s any security gotcha https://goo.gl/l8tO31
  79. 79. NERDADVICE Isolate “colanders” like jenkins in containers https://goo.gl/1HuQjV
  80. 80. NERDADVICE Stop manually installing software on your own machine https://goo.gl/9fHWHU
  81. 81. NERDADVICE Live like it’s 2016 https://goo.gl/2FNwGq https://github.com/coreos/rkt https://runc.io/
  82. 82. Alessandro Nadalin
  83. 83. Alessandro Nadalin @_odino_
  84. 84. Alessandro Nadalin @_odino_ Namshi
  85. 85. Alessandro Nadalin @_odino_ Namshi VP Technology
  86. 86. Alessandro Nadalin @_odino_ Namshi VP Technology odino.org
  87. 87. Thanks! Alessandro Nadalin @_odino_ Namshi VP Technology odino.org
  88. 88. we are hiring! tech.namshi.com/join-us github.com/namshi twitter.com/TechNamshi tech.namshi.com

×