
What’s the Deal with Containers, Anyway?

In this keynote from Deltaware Data Solutions' 2016 Emerging Technology Summit, Stephen Foskett gives essential background on the emerging trend of containerization of enterprise applications. What are containers and how will they affect enterprise IT? Why is Docker so important? Foskett addresses both the technical and architectural questions, discussing which applications will be containerized, the benefits and costs, and what it means for IT operations.

Published in: Technology

  1. What’s the Deal with Containers, Anyway?
     Stephen Foskett, stephen@fosketts.net, @SFoskett
     © Foskett Services
  2. Stephen Foskett is the organizer of Tech Field Day, proprietor of Gestalt IT, strangely interested in storage, baseball believer, all-around nerd, car nut, Microsoft MVP and VMware vExpert, former first-chair bass clarinet player and punk rock frontman, obsessive about lightbulbs, lover of a good Manhattan, watch blogger, Apple blogger, vegetarian blogger, dad to three kids with anagram names, grammar obsessive, avid reader, King of the Andals and the First Men, humanist, frequent traveler, and (apparently) lover of his own voice
  3. Contain Yourself!
     • Containers are everywhere suddenly
     • What’s the deal?
     • Why now?
  4. What is a Container, Anyway?
     • A container is an operating system user space that:
        ▫ Is contained: Has strict boundaries; limited libraries and tools
        ▫ Contains an application: Custom-designed to run a specific application
     • Operating System-level virtualization
  5. The OS Stack
     • System Space
        ▫ Kernel (device management, memory management)
        ▫ Device Drivers (storage, networking, video)
     • User Space
        ▫ Libraries and resources
        ▫ Utilities
        ▫ Applications
  6. Entering User Space
     • GNU/Linux: GNU is user-space, Linux is system space
     • Citrix WinFrame/Microsoft Terminal Services: Multiple user spaces
     • Linux control groups (cgroups) manage multiple user spaces
  7. Container History
     • UNIX v7 Chroot (1979)
     • Citrix WinFrame/Microsoft Terminal Services (1995)
     • FreeBSD Jails (2000)
     • Linux-VServer (2001)
     • Solaris Containers/Zones (2004) (AIX/HP-UX later)
     • OpenVZ/Virtuozzo (2005)
     • Linux Containers/LXC (2008)
     • Docker (2013)
  8. What Docker Got Right
     • Developer focus
        ▫ Modern tools, friendly configuration, APIs/integration
     • Docker Hub
        ▫ “App store”
     • Easy storage
        ▫ Layered storage
        ▫ AUFS/OverlayFS
     • Openness and extensibility (eventually)
        ▫ Networking and storage
     • Coopetition/Cooption
        ▫ Swarm
  9. How Docker Works
  10. Images and Containers
      • An image is a filesystem and runtime parameters
      • You run an image and it becomes a container
  11. Best Practices
      • Simple images
         ▫ Only the libraries and utilities you need
         ▫ Minimize the number of layers (usability and performance)
      • Simple containers
         ▫ One application per container (one process on Linux!)
         ▫ Multi-container applications are cool!
         ▫ Active storage in external volumes
  12. Dockerfiles
      • Dockerfile
         ▫ Describes a Docker instance in standard terms
         ▫ Typically based on an existing image
         ▫ Usually includes specific application installs (apt-get or yum)
         ▫ Run a command
         ▫ Create an image and store it in the Hub
      • Docker Compose
         ▫ Describes a multi-container application instance
         ▫ Ports, volumes, configuration variables
  13. Layered Storage
      • Most Docker images have 3-5 layers of storage
      • Like tracing paper: writes only hit the top layer
      • Copy-on-write is a core Docker value
      • “Content-addressable” hash-based storage since 1.10
      • Focused on capacity optimization and fast startup
  14. Docker Storage Options
      • Union Filesystems:
         ▫ AUFS
         ▫ OverlayFS
      • Snapshot-Based:
         ▫ Devicemapper (LVM block storage)
         ▫ Btrfs
         ▫ ZFS
      • Pluggable storage drivers
  15. Docker Data Volume Storage
      • Docker containers can use external(ish) storage as a “Data Volume”
         ▫ Mounting a directory inside a container
         ▫ No copy-on-write or layers
         ▫ Can be external storage (SAN/NAS)
  16. Docker Data Volume Containers
      • Can also create “Data Volume Containers”
         ▫ A regular Docker container with data volumes
         ▫ Shares data volumes with other containers
         ▫ Like a file server but in Docker
  17. Persistence
      • Docker’s approach is for containers not to be persistent
         ▫ “Cattle” approach: start up additional containers based on the same image
         ▫ No mobility: kill containers and start new ones elsewhere
      • But container data is persistent (until you rm it)
      • Proper data persistence requires data volumes or a data volume container
  18. Internal Networking
      • Docker Engine networking is extremely simple
         ▫ Bridge network to containers
         ▫ Built-in DNS server
      • Overlay networks
         ▫ Key-value store
         ▫ 802.1q VLANs
         ▫ VXLAN in Swarm
      • Network plugins
  19. External Networking
      • Network Port Mapping to local host
      • Routing: ip_forward/iptables
  20. Docker Swarm Mode
      • Integrated clustering
         ▫ Automatic clustering and management
         ▫ Decentralized design
         ▫ Scaling (up and down)
         ▫ Overlay networking
         ▫ Rolling updates
      • Docker is late to the party (Kubernetes, Mesos) but made scale-out applications incredibly easy
  21. What Can We Do with Containers?
  22. Consistent Application Environment
      One application per container; one container per application
      • Probably the most-overlooked aspect of Docker
      • Never again worry about OS level, patches, incompatible applications and utilities
      • Never any "competition" from other applications
  23. Security
      • Many security issues come from unused utilities and application components
      • Escalation of privileges affects the entire system
      But…
      • Containerized applications shouldn't have many unused utilities
      • Nothing else running means nothing else to infect
  24. Scalable Application Platforms
      • Scaling applications is incredibly difficult, especially once you get past the single-server barrier
      • It's still difficult with containers but containers make it so easy that developers might finally create segmented/containerized scalable applications!
      • Imagine "worker" tasks in containers contributing to a decentralized, scalable whole
  25. The Future is Containerized!
      • Containerized applications have many benefits
      • Developers love containers (especially Docker!)
      • Microsoft loves containers and cloud
      • Many benefits for Devs and Ops alike!
  26. Thank You!
      Stephen Foskett, stephen@fosketts.net, twitter.com/sfoskett, blog.fosketts.net, TechFieldDay.com
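
The image practices from slides 11 and 12 and the "unused utilities" point from slide 23, expressed as a small Dockerfile audit. This is an added example, not part of the original deck. Both Dockerfiles are constructed samples, and the finding names and the `MAX_LAYERS` threshold of 5 are assumptions made for illustration.

```python
import re
# Constructed sample Dockerfiles for illustration (not from the slides).
SPRAWLING = """\
FROM debian:stable
RUN apt-get update
RUN apt-get install -y nginx
RUN apt-get install -y curl vim net-tools
COPY site/ /var/www/html/
COPY nginx.conf /etc/nginx/nginx.conf
ADD extras.tar.gz /opt/
CMD service cron start && nginx -g 'daemon off;'
"""
LEAN = """\
FROM debian:stable-slim
RUN apt-get update \\
 && apt-get install -y --no-install-recommends nginx \\
 && rm -rf /var/lib/apt/lists/*
COPY nginx.conf /etc/nginx/nginx.conf
VOLUME /var/www/html
CMD ["nginx", "-g", "daemon off;"]
"""
MAX_LAYERS = 5  # assumption: upper end of the "3-5 layers" figure on slide 13


def instructions(text):
    """Join backslash continuations, skip comments, yield (KEYWORD, args)."""
    for line in re.sub(r"\\[ \t]*\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            keyword, _, args = line.partition(" ")
            yield keyword.upper(), args.strip()


def audit(text):
    """Return finding codes for the practices on slides 11, 12 and 23."""
    ins = list(instructions(text))
    findings = []
    # RUN, COPY and ADD each add a filesystem layer on top of the base image.
    if sum(k in ("RUN", "COPY", "ADD") for k, _ in ins) > MAX_LAYERS:
        findings.append("too-many-layers")
    # Without --no-install-recommends, apt-get also pulls in optional packages.
    if any(k == "RUN" and "apt-get install" in a
           and "--no-install-recommends" not in a for k, a in ins):
        findings.append("unneeded-packages")
    # A shell-form CMD/ENTRYPOINT chaining commands starts more than one process.
    if any(k in ("CMD", "ENTRYPOINT") and not a.startswith("[")
           and re.search(r"&&|\s&(\s|$)", a) for k, a in ins):
        findings.append("multiple-processes")
    return findings
```

Calling `audit(SPRAWLING)` returns all three findings, while `audit(LEAN)` returns an empty list: one chained `RUN` layer, no recommended extras, a single exec-form process, and site content kept in a data volume.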
