Docker Container As A Service - JAX 2016
•Download as PPTX, PDF•
19 likes•11,246 views
Docker Container As A Service X11 Linux apps on mac in a container. In container Java development with STS or Eclipse in a container. Docker UCP and swarm load balancing with Interlock.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Docker Container As A Service - JAX 2016
Similar to Docker Container As A Service - JAX 2016 (20)
More from Patrick Chanezon
More from Patrick Chanezon (20)
Recently uploaded
Recently uploaded (20)
Docker Container As A Service - JAX 2016
- 1. Container as a Service with Docker Patrick Chanezon, Docker Inc. @chanezon
- 2. French Polyglot Platforms Software Plumber San Francisco Developer Relations @chanezon
- 3. 1995 2015
- 4. “The future is already here — it's just not very evenly distributed” William Gibson, Neuromancer
- 5. Docker’s mission is to build tools of mass innovation
- 6. Internet (hardware layer) Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Programmers Internet (software layer) App App App App App App App App App App App App App App App App App App App App App App App App App App App App
- 7. Internet (hardware layer) Servers Desktops Phones Cars Houses Drones Network equipment Public transit TVs Industrial facilities Scientific instruments Financial system Programmers App App App App App App App App App App App App App App App App App App App App App App App App App App App App a software layer to program the internet
- 8. Cloud Market PublicHybridPrivate IT Pros Devops DevelopersArchitects
- 10. Devops
- 11. 25 Mainframe
- 12. Client-Server 26
- 13. 27 Web
- 15. 25 Mainframe
- 16. Devops • Cultural movement • Inspired by agile methods • People, Processes & Tools • Continuous delivery • Infrastructure as code • Cross silo collaboration • Small iterations • Feedback loop, measurement Image from Patrick Debois http://www.slideshare.net/jedi4ever/devops-the-war-is-over-if-you-want-it http://www.slideshare.net/jedi4ever/devopsdays-downundervfinal
- 21. Low MTBIAMSH MTBIAMSH (Mean Time Between Idea And Making Stuff Happen)
- 22. Devops + Agility == $$
- 23. Docker
- 26. Isolation using Linux kernel features namespaces pid mnt net uts ipc user cgroups memory cpu blkio devices
- 27. Image layers
- 28. Docker Mission
- 30. docker-compose: running multiple containers Run your stack with one command: docker-compose up Describe your stack with one file: docker-compose.yml web: build: . command: python app.py ports: - "5000:5000" volumes: - .:/code links: - redis:redis redis: image: redis
- 31. Docker for Mac and Windows private beta https://beta.docker.com/
- 34. unset ${!DOCKER_*} docker.local symlink /var/tmp/docker.sock manages default IP xxx.xxx.xxx.xxx manages DOCKER_HOST=tcp://xxx.xxx.xxx.xxx:2376 DOCKER_MACHINE_NAME=default DOCKER_TLS_VERIFY=1 DOCKER_CERT_PATH=$HOME/.docker/machine/machines/default Docker for Mac and Toolbox
- 35. Linux X11 Apps on Docker for Mac https://github.com/chanezon/docker-tips/x11
- 36. docker-machine docker-machine create -d azure —azure-subscription-id="c4f51be3-784c-xxx-7c50ad9e1b7c" --azure-subscription-cert="/Users/pat/.ssh/docker-azure- cert.pem" --azure-location="East US" --azure-size=Small --azure-username="pat" pat-docker-machine-n
- 38. Kitematic
- 39. Docker Mission
- 40. Docker Hub
- 41. Docker Hub Dev & QA ColleaguesDevelopers QA Build & Ship
- 44. Docker Mission
- 45. Swarm Scheduler plugins Engine Volumes plugins Network plugins Service discovery plugins Engine Volumes plugins Network plugins Service discovery plugins mesos flockerglusterfs weavecalico consuletcdzookeeper midokuraciscoazurenuagenetworks Docker Plugins Batteries included but removable
- 48. Swarm load balancing: interlock https://github.com/ehazlett/interlock/tree/master/plugins/haproxy
- 50. 52 Docker Cloud
- 51. Open Standards
- 53. Plumbing
- 54. Notary “Let’s stop using curl|sh” Trusted collections for any content Transport-agnostic Reliable updates, proof of origin, resistant to untrusted transport, survivable key compromise Build on industry-leading standards and research
- 55. RunC The universal container runtime https://runc.io
- 56. containerd A daemon to control runC built for performance and density http://containerd.tools/
- 57. containerd
- 58. Docker 1.11
- 60. Docker & Microsoft • Build • Docker Toolbox & Kitematic for Windows • Docker for Windows beta • Docker engine on Windows Server 2016 TP4 • yo-docker to dockerize existing projects • Visual Studio Docker Tools • Ship • VSTS extension for Docker beta • Run • Azure Docker agent • ACS • Docker datacenter on Azure ARM template
- 61. Unikernels
- 62. Unikernel Systems + Docker
- 64. Unikernels specialised, single-address-space machine images constructed by using library operating systems. • Smaller • link only the parts of the OS lib you need • Faster • fast boot • compiler can perform whole-system optimization • More secure • reduced attack surface
- 66. Docker CaaS
- 67. The Docker mission Build Ship Run Anywhere Distributed Applications 70
- 68. XaaS Pyramid Platform As A Service Infrastructure As A Service Software As A Service
- 71. 5 Goldilocks and the 3 XaaS Just rightToo highToo low IaaS PaaS CaaS
- 72. 5 Goldilocks and the 3 XaaS Platform As A Service Infrastructure As A Service Software As A Service Too high Too low Just right Container As A Service
- 73. 5 Goldilocks and the 3 XaaS Container As A Service Infrastructure As A Service Software As A Service
- 74. Docker Containers as a Service (CaaS) An IT managed and secure application content and infrastructure where developers can self service build and deploy applications
- 75. The Docker Journey: The Power of AND 78 Manage and secure at scale Frictionless movement Innovation at speed + +Agility Portability Control
- 76. Docker survey 2016 - Enabling the Software Supply Chain 79
- 77. Lessons learned: Avoid these pitfalls 1 2 3 Developers don’t adopt locked down systems Existing “end to end” solutions break the Docker experience Beware of lock-in and loss of portability 80
- 78. Let’s Play: Where’s Whaledo
- 79. in Google Container Engine? $ docker build -t gcr.io/${PROJECT_ID}/hello-node . $ gcloud docker push gcr.io/${PROJECT_ID}/hello-node $ gcloud container clusters create hello-world --num-nodes 1 --machine-type g1-small $ kubectl run hello-node -- image=gcr.io/${PROJECT_ID}/hello-node --port=8080 $ kubectl get services hello-node $ kubectl scale rc hello-node --replicas=3 https://cloud.google.com/container-engine/docs/tutorials/hello-node
- 80. in Kubernetes?
- 81. in EC2 Container Service? $ ecs-cli up --keypair id_rsa --capability-iam —size 2 --instance-type t2.medium create a compose file $ ecs-cli compose --file hello-world.yml up $ ecs-cli ps $ ecs-cli compose --file hello-world.yml scale 2 $ ecs-cli compose --file hello-world.yml service up http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_tutorial.html
- 82. in Red Hat? $ ./openshift kube apply -c docker-registry-config.json OpenShift relies on the concept of Builds to turn your application source into a runnable Docker image $ ./openshift kube create buildConfigs -c application- buildconfig.json $ curl -s -A "GitHub-Hookshot/github" -H "Content- Type:application/json" -H "X-Github-Event:push" -d @github- webhook-example.json http://localhost:8080/osapi/v1beta1/buildConfigHooks/build100/se cret101/github $ ./openshift kube process -c application-template.json | ./openshift kube apply -c - https://blog.openshift.com/openshift-v3-deep-dive-docker-kubernetes/
- 84. in Pivotal Cloud Foundry? $cf api --skip-ssl-validation api.bosh-lite.com $cf auth admin admin $cf create-org diego $cf target -o diego $cf create-space diego $cf target -s diego $cf push my-app --no-start $cf start my-app https://github.com/cloudfoundry-incubator/diego-release
- 85. in Pivotal Cloud Foundry? runC
- 86. Developers IT Operations BUILD Developer Workflows SHIP Secure Content & Collaboration RUN Deploy, Manage, Scale Docker CaaS Platform
- 87. Docker Containers as a Service platform 90 BUILD Developer Workflows SHIP Registry Services RUN Management Docker Toolbox Docker Trusted Registry Docker Universal Control Plane Docker Cloud Docker Engine Ecosystem Plugins and Integrations
- 88. Characteristics of a CaaS 91 Any Infrastructure Any Operating System Any Language Any App Architecture Any Application Stage Developers + IT Ops The Power of AND Open APIs Broadest Ecosystem Support
- 89. Docker accelerates modern app initiatives Cloud Microservices 80% Docker is central to cloud strategy State of App development Survey: Q1 - 2016 3 out 4 Top initiatives revolve around applications 44% Looking to adopt DevOpsDevOps 92
- 90. Use Case: Decentralized CaaS for hybrid and multi cloud portability Private datacenter for regulated apps Central Portal • Provision resources • RBAC to VPC / datacenter • Trusted Registry hosted application templates Cloud for all other apps VPC 1 VPC2 App 1 App 2 App App 1 App 2 App Cloud Portability App Portability
- 91. Use Case: Centralized CaaS for transformation to DevOps and micro services After Authorization App Registration Session Management Marketplace Integration Logging …more Trusted RegistryApp Service App Service App A App B Auth …more App Reg Marketplace Logging Auth Session …more App Reg Logging Before App Teams App BAuth App Reg Marketplace Logging App Service Universal Control Plane App AAuth App Reg Marketplace Logging App Service App BAuth App Reg Marketplace Logging App Service App AAuth App Reg Marketplace Logging App Service Portability
- 92. Demos
- 93. • Docker Swarm, Compose and networking • docker 1.11 • swarm 1.1.0 • compose 1.6.0 with networking • Run/Debug with STS IDE in a container Spring Boot App using MongoDB https://github.com/joshlong/spring-doge https://github.com/chanezon/docker-tips/orchestration-networking https://github.com/chanezon/spring-doge
- 94. Docker Universal Control Plane https://github.com/chanezon/docker-tips/tree/master/azure-acs-ucp
- 95. Load balancing in UCP with Interlock See "Reference Architecture: Service Discovery and Load Balancing with Docker Universal Control Plane (UCP)"
- 96. ucp-controller Cloud LB ucp-node-1 ucp-node-2 Cloud LB etcd InterlockSwarm ucp-proxy nginx nginx Configuration Reconfigures myapp:314 myapp:42 myapp:1968 myapp.comdocker run myapp Load balancing in UCP with Interlock https://github.com/chanezon/docker-tips/orchestration-networking Interlock Events
- 97. THANK YOU
- 98. Let’s Dockerize a Neo4J App https://github.com/neo4j-examples/movies-java-spring-data-neo4j-4
- 99. • Service Discovery • https://github.com/gliderlabs/registrator • https://github.com/hashicorp/consul-template • https://github.com/ehazlett/interlock • Persistent volumes with Swarm and Rex Ray on AWS • http://blog.emccode.com/2015/11/03/use-docker-swarm-with-a-data- persistence-layer/ • https://github.com/emccode/rexray • Kubernetes on Swarm • https://github.com/docker/swarm-frontends Orchestration projects
- 100. • IPVS, Andrey Sibiryov, http://www.slideshare.net/Docker/kernel-load- balancing-for-docker-containers-using-ipvs • DNS Service Discovery for Docker Swarm, Ahmet Alp Balkan, http://www.slideshare.net/Docker/dns-service-discovery-for-docker-swarm Load Balancing
- 101. • Spring Boot, MongoDB, compose, swarm, networking • https://github.com/joshlong/spring-doge • https://github.com/chanezon/docker-tips/orchestration-networking • Java EE 7 / Angular App with Docker Swarm by @mgreau Compose for build and deploy, Wildfly, Apache, Angular, Mysql, Redis, batch and API apps • https://github.com/mgreau/docker4dev-tennistour-app • Java EE Docker & Kubernetes by @arun-gupta • https://github.com/javaee-samples/docker-java Java Examples
- 102. • Docs https://docs.docker.com/engine/userguide/networking/dockerne tworks/ • Create a Swarm cluster with networking https://github.com/chanezon/docker-tips/orchestration- networking • Networking in compose https://github.com/docker/compose/blob/master/docs/networki ng.md • Nathan Leclaire Seamless Docker Multihost Overlay Networking on DigitalOcean With Machine, Swarm, and Compose, Docker networking
- 103. • Using Ansible with Docker Machine to Bootstrap Host Nodes http://nathanleclaire.com/blog/2015/11/10/using-ansible-with- docker-machine-to-bootstrap-host-nodes/ • Seamless Docker Multihost Overlay Networking on DigitalOcean With Machine, Swarm, and Compose, RethinkDB http://nathanleclaire.com/blog/2015/11/17/seamless-docker- multihost-overlay-networking-on-digitalocean-with-machine- swarm-and-compose-ft.-rethinkdb/ Nathan’s tips
Editor's Notes
- Their customer loves the apps they are building so fast for him: George sees $$ glint in his eyes!
- George relishes complexity. Nobody understands how the system works... apart from him.
- QWERTY 3.0 is a disaster, 2 years late
- Docker Hub is Docker’s cloud service for … Publishing and discovering container images through the public registry Team collaboration and automation of application workflows
- … and to make all this easy to configure and manage, Docker Trusted Registry also features a web-based admin GUI … for insights into the state of the DTR host …
- The Docker mission is enable organizations to build, ship and run distributed applications anywhere.
- The Docker CaaS platform delivers these benefits for organizations and is already proven by the thousands of organizations who embarked on the Docker journey starting in 2013 Agility – The speed and simplicity of Docker is what originally drew developers to Docker. They were fundamentally able to ship more software faster. This fundamentally changed the way in which companies could innovate - ING went from shipping once every 9 months to shipping over 1,500 times a year by adoption Docker and DevOps - CapitalOne was able to use Docker to transform how they use data to empower their data scientists and business decisions. Portability – Just by the nature of the Docker technology, these developers realized they could easily move that containerized app from dev to test and ultimately to prod without any issue. No more finger pointing about why the app that worked fine in dev doesn’t work in prod. Having the app and dependencies packaged together made the container a self contained and independent unit. And beyond that, teams realized they could also move these apps across data centers and clouds – giving them a level of freedom and leverage not possible before. No more lock-in. The combination of agility and portability led to the #1 most popular use case for Docker – Continuous Integration. But that’s only half the value. To realize the full value of Docker, these apps need to move to production and new requirements around manageability, security and monitoring are required to enforce SLAs. Control – The Docker platform is the only solution that provides Agility AND Portability AND Control. Docker standardizes your application environment, with native tooling to manage the infrastructure and applications. And we provide you the levers so YOU can decide how much control and freedom is appropriate for YOUR business. We don’t prescribe that for you. Our tools help unify your heterogeneous infrastructure, languages and systems.
- The Docker CaaS platform delivers these benefits for organizations and is already proven by the thousands of organizations who embarked on the Docker journey starting in 2013 Agility – The speed and simplicity of Docker is what originally drew developers to Docker. They were fundamentally able to ship more software faster. This fundamentally changed the way in which companies could innovate - ING went from shipping once every 9 months to shipping over 1,500 times a year by adoption Docker and DevOps - CapitalOne was able to use Docker to transform how they use data to empower their data scientists and business decisions. Portability – Just by the nature of the Docker technology, these developers realized they could easily move that containerized app from dev to test and ultimately to prod without any issue. No more finger pointing about why the app that worked fine in dev doesn’t work in prod. Having the app and dependencies packaged together made the container a self contained and independent unit. And beyond that, teams realized they could also move these apps across data centers and clouds – giving them a level of freedom and leverage not possible before. No more lock-in. The combination of agility and portability led to the #1 most popular use case for Docker – Continuous Integration. But that’s only half the value. To realize the full value of Docker, these apps need to move to production and new requirements around manageability, security and monitoring are required to enforce SLAs. Control – The Docker platform is the only solution that provides Agility AND Portability AND Control. Docker standardizes your application environment, with native tooling to manage the infrastructure and applications. And we provide you the levers so YOU can decide how much control and freedom is appropriate for YOUR business. We don’t prescribe that for you. Our tools help unify your heterogeneous infrastructure, languages and systems.
- To do that, we can accelerate our path by learning from those who have traveled this path before and avoid common pitfalls when investigating solutions. An environment that is too locked down becomes a hassle for developers and adoption will suffer. Shadow IT behavior will emerge and developers will start creating new tools and processes to be able to use the languages they need and complete their work. EXAMPLE: BBC News had a locked down CI environment that did not include the tooling needed by many of the developers so the team created a side process to use the languages they needed. That not only went outside the official systems but then added a few days to each CI job. 2) Many of the existing solutions on the market are either too opinionated of a PaaS or are cobbled together solutions with a number of different products. These solutions can be difficult to deploy and manage over time. More specifically, many of them support the Docker format or take the Docker code and customize it for their solution environment. This can break not only the developer experience but also the ops side of the experience because they only supporting parts of the Docker API – so the user will not experience the desired behavior in all situations. This also breaks the ecosystem because the hundreds of partners building to the API may have compatibility issues against these solutions. 3) Portability is a default requirement for distributed applications. As the content creator, you must retain control of where that app lives and your ability to move it from environment to environment, to a different team and to different infrastructure providers. Other pitfalls… Developers will run entire application lifecycle outside of infra ops (shadow IT) Infrastructure-centric “container solutions” break developer experience Organizational finger-pointing is compounded because of stifled productivity Legacy applications get overlooked Gilt also shares the example where emphasizing control lead to a “cycle of suck” where they were taking longer to ship and with less innovation
- Local development environments Self service app images Build, Test, Deploy applications Define app behavior and infra needs Registry services for image storage, management and distribution IT Ops maintains library of secure base content Manage role based access to repos/images Management consoles Provision, manage infrastructure resources Monitor, manage, scale infrastructure and applications
- Docker is the only solution to give you agility, control and portability for all your distributed apps. The right choice in helping transform your business into an agile business. The platform is the only commercially supported Docker solution available on the market today. Other vendors who state they support Docker is not actually providing technical support and maintenance into the Docker product code. Docker is the only commercial yet open platform that gives you the operational flexibility you need. And unlike other solutions, Docker is… Language agnostic: C, Java, Phython, PHP, Go…. Infrastructure agnostic: on-prem, cloud, virtual, bare metal All stages: from dev to test to release engineering to production Any OS: Linux, Windows, Solaris Docker enables agile distributed applications in production to create agile companies
- Software is the lifeblood of your organization, whether automating internal processes or creating unique and engaging ways for you to service your customer, every company considers themselves a “digital” or “tech” company to some extent. To that end, many organizations like yours are looking at strategies to… - Modernize their apps (refactor or build cloud native apps) - Adopt microservces / distributed app architectures - migrate to containers - Cloud adoption, migration or multi cloud approaches But getting tthere isn’t always easy becuase you have legacy applications and envrionment to take care while you try to do new innovatinv things. Your organizational processes might not be ready to go all in and how do you avoid the worries of just getting locked into a cloud from your datacenter?
- This leading phahas a hybrid cloud environment and would like to have a portal to completely abstract away the infrastructure details from their app teams. This way in the portal they request compute resources. Depending on if the app is regulated or not, the actual provisioning and deployment will happen to either an AWS VPC or their private datacenter. In addition to the portal, J&J would like to add a central IT managed marketplace to get app templates and images to help the teams get started. Once provisioned, the actual deployment and ongoing management is de-centralized and owned by the application teams. Use Cases - Developer self service - Hybrid cloud portability - Multi cloud environment Why Docker? App portability is a MUST. Over time they want the option to move the DC apps to cthe cloud as regulations change. Additionally they have already added Azure to their environment and would like to be able to move apps to the new clouds.
- ADP operates in a more traditional centralized IT model where IT manages and operates the application and environment ongoing. ADP looked at Docker as they began their transition to DevOps. They were interested in gaining more efficiencies and re-use of code by moving to a shared services model instead of monoliths with a lot of repeat services. ADP has OpenStack for their private cloud and AWS for their public cloud. As part of the transition, ADP would will setup a central marketplace where the shared services apps are available for the app teams. In the ADP example both the environment and ongoing management remains centralized. Use Cases - Transition to Micro services - Enable Dev Ops - CI/CD Why Docker? Need app portability so they can choose to move across AWS / Openstack