derby devops meetup - november 7, 2017
TRANSCRIPT
Derby DevOps Meetup
Docker Containers, Microservices, Hands on Labs (11/7/2017)
Matt Bentley, Senior Solutions EngineerDocker, Inc
Agenda
• Docker Basics• Why Docker Containers?• Development with Docker• End to end CaaS Workflow• Hands on Labs• DockerCon Europe 2017 Recap• Q&A
Docker Basics
4
Some Docker vocabularyDocker ImageThe basis of a Docker container. Represents a full application
Docker ContainerThe standard unit in which the application service resides and executes
Docker Engine Creates, ships and runs Docker containers deployable on a physical or virtual, host locally, in a datacenter or cloud service provider
Registry Service (Docker Hub or Docker Trusted Registry)Cloud or server based storage and distribution service for your images
5
Docker File System• Logical file system by grouping different file system primitives into
branches (directories, file systems, subvolumes, snapshots)
• Each branch represents a layer in a Docker image
• Allows images to be constructed / deconstructed as needed vs. a huge monolithic image (ala traditional virtual machines)
• When a container is started a writeable layer is added to the “top” of the file system
6
Copy on Write
Super efficient:• Sub second instantiation times for containers• New container can take <1 Mb of space
Containers appears to be a copy of the original imageBut, it is really just a link to the original shared image
If someone writes a change to the file system, a copy of the affected file/directory is “copied up”
7
Build Efficient, Reusable Images• Utilize a hierarchical order of images
ubuntu
java
grails tomcat
appA appB
nginx nodejs
appA appB
Dockerfile – Linux Example
8
• Instructions on how to build a Docker image
• Looks very similar to “native” commands
• Important to optimize your Dockerfile
Dockerfile – Windows Example
9
10
What about data persistence?• Volumes allow you to specify a directory in the container that exists outside of the
docker file system structure
• Can be used to share (and persist) data between containers
• Directory persists after the container is deleted • Unless you explicitly delete it
• Can be created in a Dockerfile or via CLI
Docker Platform - The Vehicle for Modernization
Step 1:Consolidate
Save money via consolidation of VMs
Or cut out VM tax by running
Docker directly on baremetal
Step 2:Refresh Infra
Containers on modern infrastructure via Docker and
run on Synergy
Step 3:Enable Hybrid IT
Utilize portability of Dockerized apps to enable Hybrid IT strategy
Bare Metal
● Single app running on bare metal
● Average 15% utilization of infrastructure
Virtualization
● No multiple apps per server
● VM sprawl leads tosame 15-20% utilization
Containerization
● Containers run within VMs
● 50% consolidation of VMs
APP
1960s Bare Metal Servers Introduced 1999 VMware virtualization 2013 Docker
containers
12
Containers like VMs?• Bare metal = House
• VMs = Apartments
• Containers = Dorms
Docker
PlatformSpecific
PlatformIndependent
Comparing OS Architectures
Linux Control Groupscgroups
NamespacesPid, net, ipc, mnt, uts
Layer CapabilitiesUnion Filesystems: AUFS,
btrfs, vfs, zfs*,DeviceMapper
Other OS Functionality
Containerd + runC
Docker Engine
REST Interface
libcontainerd graphlibnetwork plugins
Windows Control GroupsJob objects
NamespacesObject Namespace,
Process Table, Networking
Layer CapabilitiesRegistry, Union like
filesystem extensions
Other OS Functionality
Compute Services
Docker Client Docker SwarmDocker Compose Docker Registry
Why Docker Containers?
Image RegistrySecurity scan& sign
Traditional
Third Party
Microservices
docker store
DEVELOPERS IT OPERATIONS
Control Plane
Docker EE CaaS for MTAAnd Beyond
Modernize Traditional Applications (MTA)
Fast
Accelerate deployment by 75%
Deploy 13x more often
Scale in seconds
Modernize Traditional Applications: Customer Benefits
Portable
Port legacy apps across hybrid infrastructure
Enable Hybrid or Multi-Cloud strategies
No change to app code
Efficient
Reduce total costs by 40-60%.
Consolidate VMs by 50%
Increase CPU performance by ~47%.
Secure
Secure apps across hybrid IT for compliance
Reduce attack surface area of legacy apps
One platform delivers one journey for all applications
1 Containerize Legacy ApplicationsLift and shift for portability and efficiency
2
3
Transform Legacy to Microservices Look for shared services to transform
Accelerate New ApplicationsGreenfield innovation
Development with Docker
Docker for Mac and Windows
• Utilize native hypervisor capabilities (xhyve & Hyper-V) to run Docker• Provide seamless local experience• Windows 10 and macOS El Capitan 10.11 and above supported
• Docker Toolbox still available for unsupported platforms
• Build and Test using same bits as deployed to production
IDE Integration
• Visual Studio 2017• Provide native integrations with Docker for building and running
applications• Build, run, and publish
• Java• IntelliJ, Netbeans, Eclipse
• Node.js
End to End CaaS Workflow
BUILDDevelopment Environments
SHIPRegistry: Secure Content &
Collaboration
RUNControl Plane: Deploy,
Orchestrate, Manage, Scale
IT OperationsDevelopers IT Operations
Docker CaaS Workflow
Hands on Labs
24
Hands on Labs
• Docker for Beginners• https://goo.gl/bxXmP1
• Docker Networking• https://goo.gl/kYgBXN
• Security Lab: Capabilities• https://goo.gl/Qe7SVv
• All Training Labs• https://goo.gl/X2R7ai
• Windows Support• https://goo.gl/dLY1Gn
Announcements
DockerCon Europe
Announcement Summary • Docker Momentum
• Kubernetes Support
• IBM Announcements
Docker Momentum
DockerHosts
21.0MGrowth in Docker
job listings
77K%Container downloads
24B
Industry Standards
The Docker Container Platform Enabling the Software Supply Chain• Diverse Applications• Disparate Infrastructure• Lifecycle Management• Orchestrate Complex Systems• Secure by Default• Edge / IoT• Serverless Anywhere
Announcing Kubernetes Support in the Docker Platform
DEVELOPERS OPERATORS
Applications
Infrastructure
The Docker Platform in a nutshell
INDEPENDENCE
OPENNESS
SIMPLICITY
Core Principles of the Docker Platform
Docker Enterprise Edition
Container Runtime
Orchestration
Developer Tools
Management Services
Docker Community Edition
Swarm
Docker Daemon
Applications
Infrastructure
Docker Enterprise Edition
Docker Community Edition
Docker Daemon
12
34
The best containerdevelopment workflow
The best enterprise container security and management
Native Kubernetes integration provides full ecosystem compatibility Industry-standard
container runtime
Docker with Swarm and Kubernetes
Test locally on Swarm and Kubernetes
Develop with Docker Community Edition on your workstation
Deploy to production in Swarm
Deploy to production in Kubernetes
Docker Community EditionAll in one development for Swarm and Kubernetes
AnnouncingNew MTA Program Partner
Expanding the Docker + IBM Partnership
IBM software available on Docker Store
Docker EE on IBM Cloud
MTA with IBM Global Services, IBM Cloud and
IBM Watson
Announcing IBM Softwarein the Docker Store
is WebSphere MQ Gateway
WebSphere Liberty
DB2 Developer C
DB2 Warehouse
Docker for IBM Cloud
Partners and the MTA Journey
Automation Tools
MTA: The Road Ahead
Application Types
Automation Tools
MTA: The Road Ahead
Application Types
Innovate at Your PacePoC First Apps in Production Production at Scale
Application
Deploy to Cloud
Microservices Serverless Other
Maintain Only Refactor Augment
Innovate at Your PacePoC First Apps in Production Production at Scale
Application
Deploy to Cloud
Microservices Serverless Other
Maintain Only Refactor Augment
Traditional Micro services ISV / COTS IoT
Big DataMLAI
...Serverless
Cloud VM BareMetal
EdgeDevice
Docker Platform
Traditional Micro services ISV / COTS IoT
Big DataMLAI
...Serverless
Cloud VM BareMetal
EdgeDevice
Docker Platform
docker.com/mta
docker.com/enterprise
docker.com/kubernetes
beta.docker.com
Learn More
Q&A
