SlideShare a Scribd company logo
FROM ARM to Z: building, shipping, and
running a multi-platform Docker swarm
Chris Jones
Open Source Developer, IBM
Christy Perez
Open Source Developer, IBM
• What is "multi-arch?"
• Why is this needed?
• How to ...
• Examples
• docker manifest
Agenda
• Demo – Building images
• Demo – Shipping images
• Demo – Running Swarm
• Q&A
What are we talking about?
• GOAL: User
experience across
architectures is the
same
What
Why should I care?
$ docker run –it ubuntu
standard_init_linux.go:178: exec user process caused
“no such file or directory”
$ uname –m
s390x
$ docker run –it s390x/ubuntu
root@eb7051894530:/#
Why
$ docker run –it rethinkdb
standard_init_linux.go:178: exec user process caused
“no such file or directory”
$ uname –m
aarch64
$ docker run –it aarch64/rethinkdb
docker: Error response from daemon: repository
aarch64/rethinkdb not found: does not exist or no
pull access.
Why
• The user had to remember he was on a different
architecture
• Arch-dependent image names harm usability
• Siloed projects cause heartbreaks
What went wrong?
• Grow your project
• Strengths of other platforms
Benefits
How to multi-arch?
• actual hardware
• hardware assisted virtualization (KVM)
• full-system emulation (QEMU)
• user-mode emulation (binfmt_misc)
• cross-compiling
How
Building and running binaries
binfmt_misc
• Allows you to run ELF binaries that weren’t
compiled on your host architecture
• Maps non-native binaries to arch-specific
interpreters (e.g. QEMU)
• Pre-Configured in Docker for Mac!
binfmt_misc
# create magic number (ELF header bit) mappings
$ docker run –rm –privileged multiarch/qemu-user-
static:register
# verify our magic numbers were added, aka our
# Rolodex has been created.
$ ls /proc/sys/fs/binfmt_misc/
aarch64 arm ppc64le s390x …
binfmt_misc – ppc64le e.g.
# download interpreter
$ curl -fsSL https://github.com/multiarch/qemu-user-
static/releases/download/v2.8.1/x86_64_qemu-ppc64le-
static.tar.gz -o ~/x86_64_qemu-ppc64le-static.tar.gz
# unzip to /usr/bin/qemu-ppc64le-static
$ tar -xvzf ~/x86_64_qemu-ppc64le-static.tar.gz -C
/usr/bin/qemu-ppc64le-static
binfmt_misc – ppc64le e.g.
# docker run ppc64le image and mount bin
$ docker run -it --rm -v /usr/bin/qemu-ppc64le-
static:/usr/bin/qemu-ppc64le-static /
ppc64le/busybox:latest uname –m
uname -m
ppc64le
binfmt_misc – ppc64le e.g.
# docker run ppc64le image
$ docker run -it --rm ppc64le/busybox:latest uname -m
uname -m
ppc64le
Docker for Mac
Cross-compiling in go
$ GOOS=linux GOARCH=arm go build
complex cross-compiling in go
Advice (Wisdom?)
├── Dockerfile
├── Dockerfile.aarch64
├── Dockerfile.armhf
├── Dockerfile.ppc64le
├── Dockerfile.s390x
├── Dockerfile.simple
├── Dockerfile.solaris
├── Dockerfile.windows
Makefiles, Dockerfiles & build scripts
• Multiple Dockerfiles (e.g.
Dockerfile.armf)
• Don't hard-code in arch in
packages, etc.
• If you must...
• ifdefs & build constraints
Optimizations
zfs.go:// +build linux freebsd solaris
zfs_unsupported.go:// +build !linux,!freebsd,!solaris
Where does docker fit?
• Multi-arch support in registry (Jan 2016)
• Skopeo Project
(https://github.com/projectatomic/skopeo)
• Phil Estes' tool
(https://github.com/estesp/manifest-tool)
• PR to add "docker manifest" (PR #27455)
History
What's a manifest?
• Image metadata
- Layers
- References
- OS
- Arch
- etc.
What's a manifest list?
• A multi-arch "image"
• Contains image manifests
• Engine decides which to pull
• Not tied to image name
• Extra image detail
myrepo/mylist
amd64 image amrhf image
ppc64le image
docker manifest
• "Shallow pull" of image: manifest only
• Pushing multi-architecture image names to
registry
`docker manifest` command
# create interactively using cli
$ docker manifest create tophj/busybox busybox /
aarch64/busybox armhf/busybox ppc64le/busybox /
s390x/busybox
$ docker manifest annotate tophj/busybox /
armhf/busybox --os linux --arch arm --osFeature f1
$ docker manifest push tophj/busybox
docker manifest
# or create using yaml
$ docker manifest push
-f clnperez_hw.yaml
docker manifest - yaml
docker manifest inspect tophj/busybox
docker manifest inspect busybox
docker manifest
Putting it all together:
docker swarm
tophj/demo
tophj/demo
• tophj/ppc64le-demo
• tophj/x86_64-demo
• tophj/armhf -demo
• tophj/s390x-demo
├── Dockerfile.armhf
├── Dockerfile.ppc64le
├── Dockerfile.s390x
├── Dockerfile.x86_64
├── img
│ ├── captain_logo.png
│ ├── captain.png
│ ├── christy_logo.png
│ ├── christy.png
│ ├── pink.png
│ └── tophj.png
└── server.go
docker swarm demo
# create our tophj/demo manifest list which points to our
# architecture specific images
$ docker manifest create tophj/demo tophj/x86_64-demo 
tophj/armhf-demo tophj/ppc64le-demo tophj/s390x-demo
docker swarm demo
# annotate to change armhf to arm
$ docker manifest annotate tophj/demo tophj/armhf-demo 
--os linux --arch arm
# finally push the manifest list
$ docker manifest push tophj/demo
docker swarm demo
$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER
STATUS
3nisms9qfi27ko0683bylxyud s390 Ready Active
7jwo7d5braat1l6n63j8xfue6 * x86_64 Ready Active Leader
n5tqx2yk77123sjiapqwmu14e armhf Ready Active
u30pwzlt5hthwbbsdok8nxyh8 ppc64le Ready Active
docker swarm demo
# start the swarm service using the multi-arch image name
$ docker service create --mode global --name dockercon -p 8082:8080 tophj/demo
# start a simple load-balancer for fun
$ docker run -itd -p 80:81 --name nginx -v /christy/nginx:/etc/nginx nginx
# visit the IP of your load balancer in your browser
# be sure to refresh for multi-arch fun
docker swarm demo
docker swarm demo
bit.ly/multiarch-docker
Resources
• Server image:
https://c1.staticflickr.com/4/3519/3462607995_150a6b2624_b.jpg
• HtcpcpTeapot image:
https://commons.wikimedia.org/wiki/File:Htcpcp_teapot.jpg
• Raspberry Pi is a trademark of the Raspberry Pi Foundation.
• https://github.com/dockersamples/docker-swarm-visualizer
• ARMHF VM from Scaleway
• X86 VM from DigitalOcean
• Gophers: http://gopherize.me
References & Legal
Thank You!
Go forth and multi-arch!
@docker#dockercon

More Related Content

What's hot

Docker 原理與實作
Docker 原理與實作Docker 原理與實作
Docker 原理與實作
kao kuo-tung
 
CI-CD WITH GITLAB WORKFLOW
CI-CD WITH GITLAB WORKFLOWCI-CD WITH GITLAB WORKFLOW
CI-CD WITH GITLAB WORKFLOW
AddWeb Solution Pvt. Ltd.
 
Docker Ecosystem: Part V - Docker Registry
Docker Ecosystem: Part V - Docker RegistryDocker Ecosystem: Part V - Docker Registry
Docker Ecosystem: Part V - Docker Registry
Mario IC
 
Docker intro
Docker introDocker intro
Docker intro
Timo Derstappen
 
CoreOS : 설치부터 컨테이너 배포까지
CoreOS : 설치부터 컨테이너 배포까지CoreOS : 설치부터 컨테이너 배포까지
CoreOS : 설치부터 컨테이너 배포까지
충섭 김
 
Docker Compose and Panamax - ContainerDays Boston - June 2015
Docker Compose and Panamax - ContainerDays Boston - June 2015Docker Compose and Panamax - ContainerDays Boston - June 2015
Docker Compose and Panamax - ContainerDays Boston - June 2015
Jonas Rosland
 
이미지 기반의 배포 패러다임 Immutable infrastructure
이미지 기반의 배포 패러다임 Immutable infrastructure이미지 기반의 배포 패러다임 Immutable infrastructure
이미지 기반의 배포 패러다임 Immutable infrastructure
Daegwon Kim
 
Docker tutorial2
Docker tutorial2Docker tutorial2
Docker tutorial2
Tatsuya Yagi
 
Getting instantly up and running with Docker and Symfony
Getting instantly up and running with Docker and SymfonyGetting instantly up and running with Docker and Symfony
Getting instantly up and running with Docker and Symfony
André Rømcke
 
Docker perl build
Docker perl buildDocker perl build
Docker perl build
Workhorse Computing
 
Talk about Docker
Talk about DockerTalk about Docker
Talk about Docker
Meng-Ze Lee
 
Launching containers with fleet
Launching containers with fleetLaunching containers with fleet
Launching containers with fleet
충섭 김
 
Meetup #24 Docker for Node Developer
Meetup #24 Docker for Node DeveloperMeetup #24 Docker for Node Developer
Meetup #24 Docker for Node Developer
MVP Microsoft
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
Roman Rodomansky
 
Using Capifony for Symfony apps deployment (updated)
Using Capifony for Symfony apps deployment (updated)Using Capifony for Symfony apps deployment (updated)
Using Capifony for Symfony apps deployment (updated)
Žilvinas Kuusas
 
GDG Lima - Docker Compose
GDG Lima - Docker ComposeGDG Lima - Docker Compose
GDG Lima - Docker Compose
Mario IC
 
How to configure an environment to cross-compile applications for beagleboard-xM
How to configure an environment to cross-compile applications for beagleboard-xMHow to configure an environment to cross-compile applications for beagleboard-xM
How to configure an environment to cross-compile applications for beagleboard-xM
Dalton Valadares
 
Docker & Kubernetes
Docker & KubernetesDocker & Kubernetes
Docker & Kubernetes
Troy Harvey
 
Dockerize your Symfony application - Symfony Live NYC 2014
Dockerize your Symfony application - Symfony Live NYC 2014Dockerize your Symfony application - Symfony Live NYC 2014
Dockerize your Symfony application - Symfony Live NYC 2014
André Rømcke
 
Toolbox of a Ruby Team
Toolbox of a Ruby TeamToolbox of a Ruby Team
Toolbox of a Ruby Team
Arto Artnik
 

What's hot (20)

Docker 原理與實作
Docker 原理與實作Docker 原理與實作
Docker 原理與實作
 
CI-CD WITH GITLAB WORKFLOW
CI-CD WITH GITLAB WORKFLOWCI-CD WITH GITLAB WORKFLOW
CI-CD WITH GITLAB WORKFLOW
 
Docker Ecosystem: Part V - Docker Registry
Docker Ecosystem: Part V - Docker RegistryDocker Ecosystem: Part V - Docker Registry
Docker Ecosystem: Part V - Docker Registry
 
Docker intro
Docker introDocker intro
Docker intro
 
CoreOS : 설치부터 컨테이너 배포까지
CoreOS : 설치부터 컨테이너 배포까지CoreOS : 설치부터 컨테이너 배포까지
CoreOS : 설치부터 컨테이너 배포까지
 
Docker Compose and Panamax - ContainerDays Boston - June 2015
Docker Compose and Panamax - ContainerDays Boston - June 2015Docker Compose and Panamax - ContainerDays Boston - June 2015
Docker Compose and Panamax - ContainerDays Boston - June 2015
 
이미지 기반의 배포 패러다임 Immutable infrastructure
이미지 기반의 배포 패러다임 Immutable infrastructure이미지 기반의 배포 패러다임 Immutable infrastructure
이미지 기반의 배포 패러다임 Immutable infrastructure
 
Docker tutorial2
Docker tutorial2Docker tutorial2
Docker tutorial2
 
Getting instantly up and running with Docker and Symfony
Getting instantly up and running with Docker and SymfonyGetting instantly up and running with Docker and Symfony
Getting instantly up and running with Docker and Symfony
 
Docker perl build
Docker perl buildDocker perl build
Docker perl build
 
Talk about Docker
Talk about DockerTalk about Docker
Talk about Docker
 
Launching containers with fleet
Launching containers with fleetLaunching containers with fleet
Launching containers with fleet
 
Meetup #24 Docker for Node Developer
Meetup #24 Docker for Node DeveloperMeetup #24 Docker for Node Developer
Meetup #24 Docker for Node Developer
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Using Capifony for Symfony apps deployment (updated)
Using Capifony for Symfony apps deployment (updated)Using Capifony for Symfony apps deployment (updated)
Using Capifony for Symfony apps deployment (updated)
 
GDG Lima - Docker Compose
GDG Lima - Docker ComposeGDG Lima - Docker Compose
GDG Lima - Docker Compose
 
How to configure an environment to cross-compile applications for beagleboard-xM
How to configure an environment to cross-compile applications for beagleboard-xMHow to configure an environment to cross-compile applications for beagleboard-xM
How to configure an environment to cross-compile applications for beagleboard-xM
 
Docker & Kubernetes
Docker & KubernetesDocker & Kubernetes
Docker & Kubernetes
 
Dockerize your Symfony application - Symfony Live NYC 2014
Dockerize your Symfony application - Symfony Live NYC 2014Dockerize your Symfony application - Symfony Live NYC 2014
Dockerize your Symfony application - Symfony Live NYC 2014
 
Toolbox of a Ruby Team
Toolbox of a Ruby TeamToolbox of a Ruby Team
Toolbox of a Ruby Team
 

Similar to A to Z of a Multi-platform Docker Swarm: Building, Shipping, and Running Multi-arch Images

Docker practice
Docker practiceDocker practice
Docker practice
wonyong hwang
 
Docker, c'est bonheur !
Docker, c'est bonheur !Docker, c'est bonheur !
Docker, c'est bonheur !
Alexandre Salomé
 
Использование Docker в CI / Александр Акбашев (HERE Technologies)
Использование Docker в CI / Александр Акбашев (HERE Technologies)Использование Docker в CI / Александр Акбашев (HERE Technologies)
Использование Docker в CI / Александр Акбашев (HERE Technologies)
Ontico
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
Ganesh Samarthyam
 
Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署
Bo-Yi Wu
 
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
Puppet
 
Challenges of container configuration
Challenges of container configurationChallenges of container configuration
Challenges of container configuration
lutter
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
CodeOps Technologies LLP
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
Docker, Inc.
 
Dockercon EU 2014
Dockercon EU 2014Dockercon EU 2014
Dockercon EU 2014
Rafe Colton
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
Docker, Inc.
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortals
Henryk Konsek
 
PDXPortland - Dockerize Django
PDXPortland - Dockerize DjangoPDXPortland - Dockerize Django
PDXPortland - Dockerize DjangoHannes Hapke
 
Streamline your development environment with docker
Streamline your development environment with dockerStreamline your development environment with docker
Streamline your development environment with docker
Giacomo Bagnoli
 
Build and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldBuild and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes world
Jorge Morales
 
Running the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerRunning the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker Container
Guido Schmutz
 
Docker Essentials Workshop— Innovation Labs July 2020
Docker Essentials Workshop— Innovation Labs July 2020Docker Essentials Workshop— Innovation Labs July 2020
Docker Essentials Workshop— Innovation Labs July 2020
CloudHero
 
A Hands-on Introduction to Docker
A Hands-on Introduction to DockerA Hands-on Introduction to Docker
A Hands-on Introduction to Docker
CodeOps Technologies LLP
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014
biicode
 
ABCs of docker
ABCs of dockerABCs of docker
ABCs of docker
Sabyrzhan Tynybayev
 

Similar to A to Z of a Multi-platform Docker Swarm: Building, Shipping, and Running Multi-arch Images (20)

Docker practice
Docker practiceDocker practice
Docker practice
 
Docker, c'est bonheur !
Docker, c'est bonheur !Docker, c'est bonheur !
Docker, c'est bonheur !
 
Использование Docker в CI / Александр Акбашев (HERE Technologies)
Использование Docker в CI / Александр Акбашев (HERE Technologies)Использование Docker в CI / Александр Акбашев (HERE Technologies)
Использование Docker в CI / Александр Акбашев (HERE Technologies)
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
 
Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署
 
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...
 
Challenges of container configuration
Challenges of container configurationChallenges of container configuration
Challenges of container configuration
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
Dockercon EU 2014
Dockercon EU 2014Dockercon EU 2014
Dockercon EU 2014
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortals
 
PDXPortland - Dockerize Django
PDXPortland - Dockerize DjangoPDXPortland - Dockerize Django
PDXPortland - Dockerize Django
 
Streamline your development environment with docker
Streamline your development environment with dockerStreamline your development environment with docker
Streamline your development environment with docker
 
Build and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldBuild and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes world
 
Running the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerRunning the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker Container
 
Docker Essentials Workshop— Innovation Labs July 2020
Docker Essentials Workshop— Innovation Labs July 2020Docker Essentials Workshop— Innovation Labs July 2020
Docker Essentials Workshop— Innovation Labs July 2020
 
A Hands-on Introduction to Docker
A Hands-on Introduction to DockerA Hands-on Introduction to Docker
A Hands-on Introduction to Docker
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014
 
ABCs of docker
ABCs of dockerABCs of docker
ABCs of docker
 

Recently uploaded

UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 

Recently uploaded (20)

UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 

A to Z of a Multi-platform Docker Swarm: Building, Shipping, and Running Multi-arch Images

  • 1. FROM ARM to Z: building, shipping, and running a multi-platform Docker swarm Chris Jones Open Source Developer, IBM Christy Perez Open Source Developer, IBM
  • 2. • What is "multi-arch?" • Why is this needed? • How to ... • Examples • docker manifest Agenda • Demo – Building images • Demo – Shipping images • Demo – Running Swarm • Q&A
  • 3. What are we talking about?
  • 4. • GOAL: User experience across architectures is the same What
  • 5.
  • 6.
  • 7. Why should I care?
  • 8. $ docker run –it ubuntu standard_init_linux.go:178: exec user process caused “no such file or directory” $ uname –m s390x $ docker run –it s390x/ubuntu root@eb7051894530:/# Why
  • 9. $ docker run –it rethinkdb standard_init_linux.go:178: exec user process caused “no such file or directory” $ uname –m aarch64 $ docker run –it aarch64/rethinkdb docker: Error response from daemon: repository aarch64/rethinkdb not found: does not exist or no pull access. Why
  • 10.
  • 11. • The user had to remember he was on a different architecture • Arch-dependent image names harm usability • Siloed projects cause heartbreaks What went wrong?
  • 12. • Grow your project • Strengths of other platforms Benefits
  • 14. • actual hardware • hardware assisted virtualization (KVM) • full-system emulation (QEMU) • user-mode emulation (binfmt_misc) • cross-compiling How Building and running binaries
  • 16. • Allows you to run ELF binaries that weren’t compiled on your host architecture • Maps non-native binaries to arch-specific interpreters (e.g. QEMU) • Pre-Configured in Docker for Mac! binfmt_misc
  • 17.
  • 18. # create magic number (ELF header bit) mappings $ docker run –rm –privileged multiarch/qemu-user- static:register # verify our magic numbers were added, aka our # Rolodex has been created. $ ls /proc/sys/fs/binfmt_misc/ aarch64 arm ppc64le s390x … binfmt_misc – ppc64le e.g.
  • 19. # download interpreter $ curl -fsSL https://github.com/multiarch/qemu-user- static/releases/download/v2.8.1/x86_64_qemu-ppc64le- static.tar.gz -o ~/x86_64_qemu-ppc64le-static.tar.gz # unzip to /usr/bin/qemu-ppc64le-static $ tar -xvzf ~/x86_64_qemu-ppc64le-static.tar.gz -C /usr/bin/qemu-ppc64le-static binfmt_misc – ppc64le e.g.
  • 20. # docker run ppc64le image and mount bin $ docker run -it --rm -v /usr/bin/qemu-ppc64le- static:/usr/bin/qemu-ppc64le-static / ppc64le/busybox:latest uname –m uname -m ppc64le binfmt_misc – ppc64le e.g.
  • 21. # docker run ppc64le image $ docker run -it --rm ppc64le/busybox:latest uname -m uname -m ppc64le Docker for Mac
  • 23. $ GOOS=linux GOARCH=arm go build complex cross-compiling in go
  • 25. ├── Dockerfile ├── Dockerfile.aarch64 ├── Dockerfile.armhf ├── Dockerfile.ppc64le ├── Dockerfile.s390x ├── Dockerfile.simple ├── Dockerfile.solaris ├── Dockerfile.windows Makefiles, Dockerfiles & build scripts • Multiple Dockerfiles (e.g. Dockerfile.armf) • Don't hard-code in arch in packages, etc.
  • 26. • If you must... • ifdefs & build constraints Optimizations zfs.go:// +build linux freebsd solaris zfs_unsupported.go:// +build !linux,!freebsd,!solaris
  • 28. • Multi-arch support in registry (Jan 2016) • Skopeo Project (https://github.com/projectatomic/skopeo) • Phil Estes' tool (https://github.com/estesp/manifest-tool) • PR to add "docker manifest" (PR #27455) History
  • 29. What's a manifest? • Image metadata - Layers - References - OS - Arch - etc.
  • 30. What's a manifest list? • A multi-arch "image" • Contains image manifests • Engine decides which to pull • Not tied to image name • Extra image detail myrepo/mylist amd64 image amrhf image ppc64le image
  • 32. • "Shallow pull" of image: manifest only • Pushing multi-architecture image names to registry `docker manifest` command
  • 33. # create interactively using cli $ docker manifest create tophj/busybox busybox / aarch64/busybox armhf/busybox ppc64le/busybox / s390x/busybox $ docker manifest annotate tophj/busybox / armhf/busybox --os linux --arch arm --osFeature f1 $ docker manifest push tophj/busybox docker manifest
  • 34. # or create using yaml $ docker manifest push -f clnperez_hw.yaml docker manifest - yaml
  • 35. docker manifest inspect tophj/busybox docker manifest inspect busybox docker manifest
  • 36. Putting it all together: docker swarm
  • 38. tophj/demo • tophj/ppc64le-demo • tophj/x86_64-demo • tophj/armhf -demo • tophj/s390x-demo
  • 39. ├── Dockerfile.armhf ├── Dockerfile.ppc64le ├── Dockerfile.s390x ├── Dockerfile.x86_64 ├── img │ ├── captain_logo.png │ ├── captain.png │ ├── christy_logo.png │ ├── christy.png │ ├── pink.png │ └── tophj.png └── server.go docker swarm demo
  • 40. # create our tophj/demo manifest list which points to our # architecture specific images $ docker manifest create tophj/demo tophj/x86_64-demo tophj/armhf-demo tophj/ppc64le-demo tophj/s390x-demo docker swarm demo
  • 41. # annotate to change armhf to arm $ docker manifest annotate tophj/demo tophj/armhf-demo --os linux --arch arm # finally push the manifest list $ docker manifest push tophj/demo docker swarm demo
  • 42. $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS 3nisms9qfi27ko0683bylxyud s390 Ready Active 7jwo7d5braat1l6n63j8xfue6 * x86_64 Ready Active Leader n5tqx2yk77123sjiapqwmu14e armhf Ready Active u30pwzlt5hthwbbsdok8nxyh8 ppc64le Ready Active docker swarm demo
  • 43. # start the swarm service using the multi-arch image name $ docker service create --mode global --name dockercon -p 8082:8080 tophj/demo # start a simple load-balancer for fun $ docker run -itd -p 80:81 --name nginx -v /christy/nginx:/etc/nginx nginx # visit the IP of your load balancer in your browser # be sure to refresh for multi-arch fun docker swarm demo
  • 46. • Server image: https://c1.staticflickr.com/4/3519/3462607995_150a6b2624_b.jpg • HtcpcpTeapot image: https://commons.wikimedia.org/wiki/File:Htcpcp_teapot.jpg • Raspberry Pi is a trademark of the Raspberry Pi Foundation. • https://github.com/dockersamples/docker-swarm-visualizer • ARMHF VM from Scaleway • X86 VM from DigitalOcean • Gophers: http://gopherize.me References & Legal
  • 47. Thank You! Go forth and multi-arch! @docker#dockercon

Editor's Notes

  1. Christy As part of our introduction,talk about what the LTC is, and what we do there. Phil's intro here is good:https://www.youtube.com/watch?v=9Ku_n91puUw
  2. What are we talking about
  3. Note
  4. Sooo. A lot of these aren’t actually supported, maybe put some red X’s through those. (add in an le to the end of ppc64?) toph Lots of architectures When we talk about multi-architecture, what we mean is being able to run docker on a variety of platforms and devices with different underlying architectures (arm, x86, power, z, etc.) Our goal is that your user experience running docker on say, an x86 server will be the same as it is using a raspberry pi. GOAL: Creating one workload for multiple architectures
  5. We want the same container to be run on an x86 server farm, as a raspberry pi toaster you use to implement RFC 7168
  6. We want the same container to be run on an x86 server farm, as a raspberry pi teapot you use to implement RFC 7168 (coffee pot protocol)
  7. tophj
  8. Spend some time talking about how in dockerhub images are architecture specific, and the only way to tell right now is by the image name / repository MAKE SURE WE HIGHLIGHT THIS AS AN EXAMPLE OF IMAGE NAME DEPENDENCIES
  9. “Also you read a blog post about a cool new project, and then you try and run it and you can’t”
  10. Siloed projects cause heartbreaks Maybe a picture here of all the open github issues?
  11. Siloed projects cause heartbreaks (siloed projects being a project that only cares about one architecture) Maybe a picture here of all the open github issues?
  12. Benefits OF MAKING YOUR PROJECT MULTI-ARCH FRIENDLY... Catchy name for the self-sustaining circle? COOS (circle of open source?) More people who see your project, means the more people who use your project, which means the more people who contribute to your project The more usability your project has, the more people who see your project, the more people who contribute to your project, the more useful your project will become Benefits of other platforms (z will run your project at huge scale, while ARM will force it to be more efficient) Rooting out bugs, i.e. race conditions, etc. Two different mindsets, arm folks will worry about everything being super efficient, while the z folks will worry about everything scaling properly
  13. christy
  14. christy
  15. This guy lives in your operating system,much like his twin brother lives in the basement an Innotech. He is given a rolodex of binary to interpreter mappings, and his only job is to point the operating system at the right interpreter.
  16. Why are we showing people how to use this? Tie it back to a compelling use in a project: 1) if you build a container for a non-native arch, test it 2) if you need to use an image that you don't have available, you can just run one that does exit for another architecture!3) ??
  17. Tophj (maybe)
  18. tophj
  19. Mention that when doing a docker build, you can have a FROM scratch image and then copy in the binary into the image
  20. christy
  21. If you want to put in assembly,put it in a file that only compiles for your arch, and have a slowpath ready for other architectures. You can easily compile only that file using go's build constraints, or run an optimized path using ifdef's.
  22. christy
  23. Find and shame Phil This slide is about History of multi-arch with Docker Support in registry added for the manifest list type in Manifest Version 2, Schema 2. SHOW an example of a manifest list(mf v2s2). Trying to describe these is too complicated without an example. Skopeo: originally created by Antonio Murdaca (runcom) and now lives at projectatomic, Skopeo is able to inspect images without pulling them from a registry, fetch images by layers, but lacks mutli-arch image creation, which leads to Phil’s Tool: estesp, fork of Skopeo that supports multi-arch image name creation and inspection. DO NOT TALK IN DEPTH ABOUT MANIFEST LISTS YET! Mention that phil has given a talk about this at previous dockercon (watch to see what he talked about!) Support in engine for pulling manifest lists was added in 2016, but hasn’t been put into CLI
  24. Images live in docker hub, and with them lives information about them.That"about" info is the manifest.
  25. A manifest is just the identifying metadata that describes the binary data of the image. Think of it as almost the same information you see if you do a docker inspect of an image. Manifest lists are traversed by your docker engine to find the right layers to pull depending on os & arch If this doesn't make sense quite yet, wait until we get to the demo of using them a bit later.
  26. christy
  27. Shallow pull of image aka docker manifest inspect Creating multi-architecture images (why do this)
  28. Might want to mention they have to login, and not to create one going to tophj
  29. You can use inspect not only to inspect a manifest list (multiple images) but also to do a shallow pull of a singular manifest
  30. tophj
  31. We want the same container to be run on an x86 server farm, as a raspberry pi toaster you use to implement RFC 7168
  32. We want the same container to be run on an x86 server farm, as a raspberry pi toaster you use to implement RFC 7168
  33. Christy + tophj + ???