2. Omer Barel
DevOps Engineer @ CodeValue
Husband to Naama
Father to Leo & Theo
Love Whiskey & Travelling (preferably together!)
@omerbarel
http://about.me/omerbarel
8. Container runtime environment (engine)
Sealed application software
OS virtualization, not Hardware virtualization
What’s Docker?
9. Hypervisor Architecture
[Diagram: Server, Host OS, Hypervisor, then several VMs, each with its own OS and one or more Apps; some free space left over]
Container Architecture
[Diagram: Server, Host OS, Docker Engine, then Apps running side by side]
10. As a runtime, Docker provides access to devices, the file system, privileges, variables, functions, APIs, etc.
[Diagram: Apps running on Docker Engine on a Dev Machine and on other hosts]
Infrastructure Agnostic
11. A container image is a lightweight, stand-alone, executable package of a
piece of software that includes everything needed to run it: code,
runtime, system tools, system libraries, settings.
A container image is a template used to provision a container instance
A container is an instantiation of the image
One can create multiple container instances from a single image
Container Image vs. Instance
12. Image registries are a centralized place to store and retrieve images.
There are many solutions out there; one of the best known is Docker Hub.
Image registries
13. Push Pull
Basic Docker Workflow
FROM ubuntu
CMD ["/usr/bin/mongod"]
RUN apt-key adv
COPY /file /dir/file
Build
16. Return on Investment and Cost Savings
Docker can help facilitate this type of savings by dramatically reducing
infrastructure resources. The nature of Docker is that fewer resources are
necessary to run the same application.
Benefits of Docker
17. Return on Investment and Cost Savings
Standardization and Productivity
Docker containers ensure consistency across multiple
development and release cycles, standardizing your environment.
Docker provides repeatable development, build, test, and
production environments.
Benefits of Docker
18. Return on Investment and Cost Savings
Standardization and Productivity
CI Efficiency
Docker enables you to build a container image and use that same
image across every step of the deployment process. A huge
benefit of this is the ability to separate non-dependent steps and
run them in parallel. The length of time it takes from build to
production can be sped up notably.
Benefits of Docker
19. Return on Investment and Cost Savings
Standardization and Productivity
CI Efficiency
Compatibility and Maintainability
Eliminate the “it works on my machine” problem once and for all.
Benefits of Docker
20. Return on Investment and Cost Savings
Standardization and Productivity
CI Efficiency
Compatibility and Maintainability
Portability
Well, a Docker container can run wherever Docker Engine is installed
Benefits of Docker
21. Return on Investment and Cost Savings
Standardization and Productivity
CI Efficiency
Compatibility and Maintainability
Portability
Docker ensures your applications and resources are isolated and
segregated. Docker makes sure each container has its own
resources that are isolated from other containers.
Isolation
Benefits of Docker
22. Return on Investment and Cost Savings
Standardization and Productivity
CI Efficiency
Compatibility and Maintainability
Portability
No Docker container can look into processes running inside
another container. From an architectural point of view, each
container gets its own set of resources ranging from processing to
network stacks.
Isolation
Benefits of Docker
Security
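An added example, not part of the original slides: the isolation described above is Docker's default and can be switched off per container, so this Python sketch reads `docker inspect` output and reports containers whose HostConfig shares host or other containers' namespaces. The sample JSON is constructed and the function names are hypothetical.

```python
import json

# Constructed sample shaped like `docker inspect` output (not from a real host).
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/web",   "HostConfig": {"Privileged": false, "PidMode": "",
   "NetworkMode": "bridge", "IpcMode": "private", "CapAdd": null}},
 {"Name": "/debug", "HostConfig": {"Privileged": false, "PidMode": "host",
   "NetworkMode": "host", "IpcMode": "private", "CapAdd": ["SYS_PTRACE"]}},
 {"Name": "/agent", "HostConfig": {"Privileged": true, "PidMode": "container:abc123",
   "NetworkMode": "bridge", "IpcMode": "shareable", "CapAdd": []}}
]""")

# HostConfig fields that select a namespace, and what that namespace isolates.
NAMESPACE_FIELDS = (("PidMode", "process"), ("NetworkMode", "network"), ("IpcMode", "IPC"))


def isolation_findings(container):
    """Return the settings of one container that weaken default isolation."""
    host_config = container.get("HostConfig") or {}
    findings = []
    if host_config.get("Privileged"):
        findings.append("Privileged=true: full access to host devices and all capabilities")
    for field, what in NAMESPACE_FIELDS:
        mode = host_config.get(field) or ""
        if mode == "host":
            findings.append(f"{field}=host: shares the host's {what} namespace")
        elif mode.startswith("container:"):
            findings.append(f"{field}={mode}: shares another container's {what} namespace")
    for cap in host_config.get("CapAdd") or []:
        findings.append(f"CapAdd={cap}: capability added beyond the default set")
    return findings


def audit(inspect_output):
    """Map container name -> findings for every container in the inspect output."""
    return {c["Name"].lstrip("/"): isolation_findings(c) for c in inspect_output}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "OK" if not findings else "")
        for finding in findings:
            print("   -", finding)
```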
23. How can I find the services I need?
What if it moves?
Which instance do I use if there are multiple instances?
Is my service up & running?
What do I have to do if it is not running?
How can I scale my services?
How do I spread my workload against multiple instances?
How can I introduce new versions of services without impacting existing users?
How can I test against failures?
How does the failure of one service affect other instances of the same service?
How does the failure of one service affect other related services?
How can I protect against catastrophic failure?
Prevent the failure of one service taking everything down…
How will data be synchronized across the system?
Challenges of Microservices
24. Service discovery
Data Store
Security
Monitoring
Log aggregation
Exception tracking
Auditing
Metrics aggregation
Alerting
Distributed tracing
Deployment
The key concern is not how to avoid failure,
but how to deal with failure.
Challenges of Microservices
26. Greek for helmsman
Based on Borg, Google's internal container
management system
First announced by Google in mid-2014
v1.0 released on July 21st, 2015 and donated to
the development community (CNCF)
A trip down memory lane
27. 8: The number of characters between the “K”
and the “S” in Kubernetes, thus K8s
388,100: The number of comments on the
Kubernetes repository on GitHub during 2017
(making it the most-discussed repository)
60%: The percentage of users who use
Kubernetes in production applications (The New
Stack’s 2017 Kubernetes Survey)
72%: The percentage of enterprises who use
Kubernetes in production (The New Stack’s 2017
Kubernetes Survey)
Kubernetes by the numbers
28. Kubernetes is an open source system for managing
containerized applications across multiple hosts,
providing basic mechanisms for deployment,
maintenance, and scaling of applications.
What’s Kubernetes
29. Enables you to focus on building awesome
applications while alleviating the ops stress
What’s in it for you
30. Key Concepts
Container Orchestration
The simplicity of PaaS with the flexibility of IaaS
Enables portability across infrastructure providers
Reconciliation Loops
Drive current state → desired state
Self-healing, automagically
observe → diff → act
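The observe/diff/act loop above, as an added Python example that is not from the original slides or from Kubernetes itself: an in-memory stand-in for the cluster is driven toward the desired state one pass at a time. The Cluster class, the pod names and the desired-state dict are all hypothetical.

```python
import itertools


class Cluster:
    """In-memory stand-in for the cluster API (hypothetical, for illustration)."""

    def __init__(self):
        self.pods = {}                      # pod name -> image it runs
        self._ids = itertools.count(1)

    def create_pod(self, image):
        name = f"pod-{next(self._ids)}"
        self.pods[name] = image
        return name

    def delete_pod(self, name):
        del self.pods[name]


def reconcile(cluster, desired):
    """One pass of the loop. Returns the actions taken; [] means converged."""
    # observe: snapshot the current state
    current = dict(cluster.pods)
    # diff: pods on the wrong image are stale, the rest count toward replicas
    stale = [name for name, image in current.items() if image != desired["image"]]
    healthy = sorted(name for name in current if name not in stale)
    missing = desired["replicas"] - len(healthy)
    # act: remove stale pods, then add or remove pods to hit the replica count
    actions = []
    for name in stale + healthy[:max(-missing, 0)]:
        cluster.delete_pod(name)
        actions.append(("delete", name))
    for _ in range(max(missing, 0)):
        actions.append(("create", cluster.create_pod(desired["image"])))
    return actions


if __name__ == "__main__":
    cluster, desired = Cluster(), {"image": "web:1.0", "replicas": 3}
    print("initial  ", reconcile(cluster, desired))
    cluster.delete_pod("pod-2")             # simulate a pod dying
    print("self-heal", reconcile(cluster, desired))
    desired["image"] = "web:1.1"            # declare an upgrade
    print("upgrade  ", reconcile(cluster, desired))
```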
32. Core primitives
[Diagram: a Pod containing a Container]
Small group containing 1 or more tightly-coupled containers,
using shared storage and network
Use cases:
Master & Worker (Dependency)
Data producer and provider (Shared Storage)
Close proximity for low-latency
Pod
33. Core primitives
Declaratively manage the lifecycle of
the microservice:
Creation
Scaling
Upgrade
Rollback
Termination
Contains Pods and ReplicaSets
Deployment
[Diagram: Deployment → ReplicaSet → Pod → Container]
34. Core primitives
Pods are ephemeral. wait, wait. WHAT???
They’re created and terminated
automagically, based on state changes
Their IP and name change
Service establishes a persistent endpoint
for Pods
Allows internal and external access to
Pods (NodePort, ClusterIP, LoadBalancer)
Labels and Selectors connect the
Service to its Pods
Service
[Diagram: a Service in front of three Pods, each with a Container]
A Dockerfile is a plain-text file consisting of instructions for the Docker engine on how to build the image.
The Dockerfile is placed in a directory that holds all of the artifacts that should be part of our image. The image will also include the artifacts in the subdirectories.