docker primer + panamaxfiles.meetup.com/14944812/devopsmeetuppres.pdf · docker primer + panamax...

Docker Primer + Panamax

Pat Cox - CenturyLink Labs

patocox

@patrickocox

What is Docker?

How to get started… The Docker Hub

Running a container

Building a Dockerfile

Best practices for Image creation

Application building/Linking Containers

How is it different from VMs?

Objectives

Docker and DevOps

What is Docker

“Containerize” “Lightweight Virtualization”

What is Docker?

Self-contained execution environment

Shared kernel of host system

Isolated from other containers

Fast boot time & low overhead

Virtual Machines vs. Docker

Virtual(Machines(Each%virtualized%applica0on%includes%an%en0re%guest%opera0ng%system%7%which%may%weigh%10s%of%GB.%

Docker(The%Docker%Engine%container%comprises%just%the%applica0on%and%its%dependencies.%It%runs%as%an%isolated%process%in%userspace%on%the%host%opera0ng%system,%sharing%the%kernel%with%other%containers.%%

•  own%process%space%%•  own%network%interface%%•  can%run%stuff%as%root%%•  can%have%its%own%/sbin/init%(different%from%the%host)%%%

VIRTUALIZATION VS. DOCKER

libcontainer (or LXC) - container format

namespaces - isolation

cgroups - sharing

unionfs - layering

Anything else? You need to use a lightweight VM.

Pro Tip: Boot2Docker (OSX and Windows)

Installing Docker

Linux? Install Docker with official packages.

CLI

REST API

docs.docker.com

registry.hub.docker.com

Building a Dockerfile

Best practices for Image creation

• Be Flexible • Know your sources • Be specific • Optimize your Image • Publish your Dockerfile • No Confidential info • Documentation

Application Architecture with Docker

Simply put, Docker architecture is service-oriented architecture.

If a service fails, new containers can be spun up in milliseconds.

DBWeb

One Service, One Container

Bind 8080:80 Expose 3306

link

One Service, One Container

DBWeb

Configuration can happen in two places:

The Dockerfile, by baking config options into the service’s base image

The docker run string, by specifying configuration options with various flags

Configuring an Application

Bind 8080:80 Expose 3306

One Service, One Container

link DBWeb

Bind 8080:80

FROM centurylink/ruby-base:2.1.2

RUN mkdir -p /usr/src/app ADD . /usr/src/app

WORKDIR /usr/src/app RUN bundle install

CMD ["ruby", "app.rb"]

The Dockerfile

Link: DB

Web

Bind 8080:80

FROM centurylink/ruby-base:2.1.2

ENV PASSWORD superSeCrEt11!

RUN mkdir -p /usr/src/app ADD . /usr/src/app

WORKDIR /usr/src/app RUN bundle install

CMD ["ruby", "hello_world.rb"]

The Dockerfile

Link: DB

Web

Bind 8080:4567Link: DB

The Docker Run String

Webdocker run -p 8080:80 -e “PASSWORD= superSeCrEt11!” —-link db:db my-image

Docker Weak Spots• Managing interactions between

containers and networks • Security immature • Barriers to conversion • Container orchestration in clustered env

lacking

Docker and DevOps

• Component conflicts in VM stack i.e. Java versions

• Locked into a certified distro for a certain component on stack

• Difficult migrations to new component • Diffs between DEV environments and

PRO

Issues in traditional VM stacks

Whats in it for DevOps?

• Better control and consistency of environments from DEV to PRO by separating ‘Ops’ functions

• Avoid complexities/conflicts in VM stack • Leverage CI/Automated Build

Functionality

Use Image/Container deployment• Linux base host • Docker Engine • App Container; Logging Container;

Backup Container; Metrics Container… • Build and distribute these ‘certified’

images to Dev team

Panamax Demo

What is Panamax?A containerized Docker application, with an intuitive UI, for orchestrating multi-container micro-service architected applications.

100% open source project, by CenturyLink

Panamax provides: a Development Workflow for orchestrating apps a Deployment plugin architecture to deploy remotely an easy-to-use, intuitive user interface drag-and-drop orchestration one-click deployment to remote clusters search integration with Private Registries an open-source Docker App Marketplace

Why Panamax?Docker might be the next generation of virtual machines, but right now they are very hard to adopt.

Docker Management for Humans

Eases end users into building containerized apps using Docker, by ‘transparently insulating’ them

Enables saving applications as templates, and sharing them using GitHub repositories

Allows quick prototyping of complex apps by linking various services

One-click deployment of applications from templates to remote Kubernetes or CoreOS/Fleet clusters

33

A Peek Inside

Panamax is a multi-container

Docker application

Additional Resources

Centurylink Labs: www.centurylinklabs.com

Panamax: panamax.io

GIT Repo: github.com/CenturyLinkLabs/panamax-ui

Docker Repo: registry.hub.docker.com/repos/centurylink