Docker is software that allows users to run applications securely isolated in containers to encapsulate services, libraries and configuration files. It was first released in 2013 and works across Windows, MacOS and Linux. Docker resources like images, containers, volumes and networks define how applications are built and run. Docker Compose and Swarm provide automation and orchestration for single node and multi-node setups respectively. Dockerfiles define application build instructions to create reusable images.

1. Docker &
stuff

2. So, what is docker?
Some short facts
› First release - March 13, 2013
› Written in – Go
›
Original author - Solomon Hykes
›
Business model – freemium
› Works on Windows, MacOS X,
Linux
2

3. Main docker resource types
› Volumes – describes virtual or physical storages from where data
will be readed or/and written
›
Networks – describes on what networks app is work
›
Containers – describes running applications instances
›
Images – describe resource that should be used for running or
building containers
› Secrets – describe file with information that is shared securely
with docker container
›
Configs – describe configuration files shared with instances
3

4. Docker flavors
4
●Docker ●Docker compose ●Docker swarm
●Management ●Manual ●Some automation ●Much more automation
●When use? ●Single applications ●Development ●Production
●Supported nodes ●Single ●Single ●Multiple
●Services configuration●None ●Yaml ●Yaml
●Depends on ●Docker, Python ●Docker

5. Docker compose vs Vagrant
5
●Docker compose ●Vagrant
●Target audience ●Development ●Development
●Virtual machine runs on ●Windows and Mac OS X ●Any OS
●VM Guest OS ●Some linux distribution ●Almost any
●Separated processes ●Yes ●No
●Depends on ●Docker, Python ●Ruby and any Virtual Machine like
Virtualbox
●Extensibility ●None ●Plugins
●File system speed
between host and guest
●Good only on linux ●Good with vmware

6. Stacks
6
Stack describes rules how to configure Docker resources

7. Some things about stacks
7
› Works on docker swarm and docker compose
› But has a bit different syntax for swarm and compose
› Supports config, secrets resources but if you updating services docker can
decide that such already exist and throws errors
›
Some functionality can be available in 2.x format version but can be not
available in 3.x (f.e. sysctls or volumes_from)

8. Dockerfile
8
Dockerfile describes actions needed to build container image

9. How usually docker image build
works?
9
Publish to
image
registry
Create
archive
from
layers
Execute
command
and build
layers
Read
dockerfile

10. How layer is build?
10
Execute command
Find changes
Save to archive

11. Some things about dockerfile
11
› Every RUN, COPY, ADD produces layer
› All other commands describes container properties
› Last FROM command also creates layer
›
ARG useful only when we need create multiple images based on command
line arguments (f.e. we need to generate multiple docker images for
multiple php versions)
› ENV command predefines environment variables that usually used as
recommended configuration way for running containers
› 42 layers is recommended maximum for one image.
› ENTRYPOINT describes command that should handle CMD execution, but
can be used also instead CMD
› When building container is possible to use only commands that exists
already in image
› Only one long-time process should be per image
›
Running background task in image is not recommended
› Layers can be shared between images

12. Challenges about how building
docker image
12
› How to test image if it works good enough
› How to create smaller image
› How to write autoconfiguration scripts for services that need to work
depending on existence of other services

13. Nodes
13
› Works only on docker swarm
› Describes physical machines where docker containers can be put
› Can work as master or slave
›
Slave nodes only run containers
›
Master nodes decides where to run and what to stop
› Master containers votes by themselves on actions so n+1 number in network
is needed
› Because Master supplies updates to slaves they need to have enough
network, CPU resources

14. Docker swarm problems
14
› No build-in shared volumes between nodes
› No build-in way modify sysctl and similar system options
› Uses multi-network networking model that is hard to security define
›
No build-in auto-scalling
›
Hard error debugging if there are some problems with resources
› Log command doesn’t work with supported networked logging systems
› No build-in autocleaning

15. Docker swarm alternatives
15

16. So, when is good idea to use
docker?
16
› You need temporally run some app (f.e. do CI task for assets compilation)
› You need to run same app with different application versions on same
machine
›
You want to easy limit resources for process (docker swarm and better tools)
›
You need to have possibility quickly revert to previous deployed version
› You need to have services versioning
› You need to use autoscaling per service (not per service group)

17. THANK
S!
Any questions?
17