luciano fiandesio - docker 101 | codemotion milan 2015
Post on 11-Apr-2017
272 Views
Preview:
TRANSCRIPT
DOCKER 101
FROM 0 TO DOCKER IN 30 MINUTES
/ Luciano Fiandesio @ishipsoftware
WHO'S LUCIANOGeneralist25 years of software developmentConsulting on lightweight approach tosoftware factoryAuthor of "Groovy 2 Cookbook" for PacktDadgithub: https://github.com/lucianofiandesio
ABOUT YOU
AGENDAWhat is DockerDocker componentsLive DemoAdditional resources
DOCKER STATS
25.000 Github stars425M+ Docker Engine downloads100.000+ Dockerized applications on DockerHub180+ Docker Meetup Groups in 50 countries950 community contributors50.000 3rd party projects on Github usingDocker in PAAS, OS, CI etc.
WHAT IS DOCKER?Docker vs. Virtualization
THIS IS WHAT MAKES DOCKER SOPOWERFUL
LXC CONTAINERS
Available in modern kernels since 2008Generically isolates resource usage (CPU,memory, disk, network)Guarantee resources to app/set of appsCan be adjusted on the flyCan monitor the cgroup itself to seeutilization
KERNEL NAMESPACES
Isolating views of the systemCan make a process think it’s the only processBuilt-in way to "virtualize" a process
KERNEL NAMESPACES
mnt (mount points, filesystem)
pid (processes)
net (network stack)
ipc (inter-process comms)
uts (hostname)
user (UIDs)
CGROUPS - CONTROL GROUPS
Built into KernelGenerically isolates resource usage (CPU,memory, disk, network)Guarantee resources to app/set of appsCan be adjusted on the flyCan monitor the cgroup itself to seeutilization
WHAT ABOUT PERFORMANCES?
Processes are isolated, but run directly onthe hostCPU - native performanceMemory - a few % required for bean keepingNetwork - small overhead, can be reducedto 0
TO RECAP
Content Agnostic
Hardware Agnostic
Content Isolation
Automation
Highly Efficient
Separation of Concerns
DOCKER CONCEPTS
DOCKER ENGINE
Docker is a simple client/server applicationA Docker client talks to a Docker daemon,which execute the workDocker executables are written in GoThe Docker daemon also exposes a RESTFulAPIBoth client and server must be executed asroot!
DOCKER IMAGES
Read-only templates from which containersare launched fromEach image consists of a series of layersusing the Union File SystemWhen an image gets modified, a new layer iscreatedDocker can also use additional file systems
HOW DOES AN IMAGE LOOK LIKE?
First the bootfs is loadedThen, the root fs ismounted (Ubuntu, etc) inread only modeThe remaining layers aremountedThanks to the UnionFS,the layers look like one FSFinally, when thecontainer is launched,Docker mounts a read-write layer
THINK OF IMAGES ARE THE SOURCECODE OF YOUR CONTAINERS!
DOCKER CONTAINERS
A container is started from an image, whichmay be locally created, cached locally, ordownloaded from a registryIt "looks & feels" like a VMRidicolously fast boot timeLow resource usage
CONTAINERS - GOOD TO KNOW
Containers are meant to run a single processDecouple applications into separatecontainers — one for each processDon’t install unnecessary packages: smallerimages!Build containers that are easy to replace
DOCKER FILES
Image representationsSimple syntax for describing an imageAutomate and script the image creationEasy to learn (looks like Shell!)Fast and reliable
DOCKERFILE EXAMPLE
# Version: 0.0.1
FROM ubuntu:14.04
MAINTAINER Rocky Balboa "rocky@gmail.com"
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80
RUN echo 'deb http://download-distro.mongodb.org/repo/ubuntu-upstart dist 10gen'
RUN apt-get update
# note the -y flag, for non interactive
RUN apt-get install -y mongodb-org
RUN mkdir -p /data/db
# This mongo instance will run in a container
# so it must be configured to accept connections from foreign hosts
RUN echo "bind_ip = 0.0.0.0" >> /etc/mongdodb.conf
EXPOSE 27017
# Set the default command for this image
CMD ["mongod"]
Build the image
docker build -t="balboa/mongo" .
DOCKER REGISTRY
Application dedicated to the storage anddistribution of your Docker imagesUseful when a company wants to shareimages internallyDocker offers a commercial version, named"Docker Trusted Registry"
DOCKER HUBA cloud hosted service from Docker thatprovides registry capabilities for public andprivate content.Useful for sharing images at large orcollaborating withing a teamUseful for automation workflows
DOCKER MACHINEA tool to simplify the automatic creation,configuration and management of Docker-enabled machines, wheter they are VMsrunning locally in Virtualbox or in a cloudprovider such AWS
$ create --driver virtualbox dev # start machine locally using virtualbox$ create --driver digitalocean dev-cloud # start machine locally using digitalocean
DOCKER COMPOSE
A tool for running multi-containerapplicationsSingle file configurationGreat for dev environments, CI, stagingWritten in Python, was Fig (acquired byDocker)Useful for building complex environments ina reproducible way
DEMO TIME!
DOCKER COMMAND LINE
$ docker search # search hub.docker.com for an image$ docker pull # download an image$ docker images # list all existing local images$ docker run # starts a container from an image$ docker ps # list running containers$ docker build # build an image from a docker file
SOME DOCKER 'RUN' FLAGS
-d # runs the container in detached mode (background process)-t # runs the container using a pseudo-tty-i # uses interactive mode--name # assign a name, instead of autogenerated one
START/KILL/REMOVE CONTAINERS
docker stop # stops a containerdocker start # starts a containerdocker attach # attach to a containerdocker remove # remove a containerdocker rmi # remove an image
CONTAINERS COMMUNICATION
Containers can be linked together (containerlinking)
Container linking works well on a single host,but large-scale systems need other discoverymechanisms.
$ docker run -d --name database -e MYSQL_ROOT_PASSWORD=root mysql
$ docker run -d --link database:db --name web runseb/hostname
$ docker run -d --link web:application --name lb nginx
CONTAINERS VOLUMES
Docker can mount host voulumes in read/writemode. Data are shared between host andcontainer
$ docker run -ti -v "$PWD":/shared ubuntu:14.04 /bin/bash
ADDITIONAL RESOURCES
WE JUST SCRATCHED THE SURFACE!
ECOSYSTEM
Orchestration
Clustering
Discovery
Cloud
Monitoring
Logging
Security
LINKSDocker training - Docker cheat sheet -
Docker cheat sheet -https://github.com/wsargent/docker-cheat-sheetMore links! -http://www.nkode.io/2014/08/24/valuable-docker-links.htmlDocker ecosystem - mind blowing -https://www.mindmeister.com/389671722/docker-ecosystemDocker videos -
http://training.docker.com/
https://github.com/wsargent/dockercheatsheet
https://www.youtube.com/user/dockerrun
top related