docker zero

A BEGINNER’S JOURNEYContainers

Credits: http://bit.ly/1VKcNoZ

and Docker

Manuel de la Peña

Software Engineer @ Liferay Inc

Interested in: SW Engineering, Coding, Testing, DevOps

Credits:http://bit.ly/1V8Hpzx

The VM model

The Container model

Docker, Inc.

The High Level Picture

Credits: http://bit.ly/24xaXwK

Credits: http://bit.ly/1SP5iHw

It’s all about…applications

APPLICATION INFRASTRUCTURE

Credits: http://bit.ly/1OetMIn

• Dedicated Server

• Purchase order

• O.S. installs & licenses

• Rack positions

• Redundant power & network

VIRTUALISATIONTO THE RESCUE

Credits: http://bit.ly/1WOfjJU

• KVM, VMWare, Xen

• Hypervisor with multiple virtual machines

• VM’s looks, feels and tastes as a physical machines

THIS MODELIS UGLY…

Credits: http://bit.ly/23pCASq

UGLY BECAUSE OF THE O.S.

• The model is one app per VM and each VM requires one O.S.

• O.S. only exists to facilitate the application

• Footprint (CPU, RAM, disk space)

• Licensing if needed

• More O.S. is not adding more Business Value

Credits: http://bit.ly/23pCASq

Secure, isolated environmentMinimal O.S. serviceSome service controls

Credits: http://bit.ly/1SP5iHw

It’s all aboutapplications

CONTAINERSTO THE RESCUE

Credits: http://bit.ly/23pIymw

• Run on Linux machines*

• An application runs in the USER SPACE

• User Space: memory area where application and some drivers execute.

http://bit.ly/23pIymw

CONTAINER (OS-LEVEL)VIRTUALISATION

• Container model tries to run multiple applications creating multiple user spaces.

• Only one O.S. installed

• Share same instance of the Linux kernel in the host.



MORE LIGHTWEIGHTTHAN VM’S


Resources used beforewe install the app

Faster and more portable


A single containershould run a single app

or a single process.

Once the processof the container exitsso does the container.

Credits: http://bit.ly/23xrJWD

• Company under the technology/platform. Previously DotCloud, a PaaS company.

• Docker&Containers = RedHat/Ubuntu&Linux Kernel.

• It’s a package you can get support for.

• They provide a very uniform standard container runtime.

• Developers can code their applications in a local docker environment and move them to AWS, Azure, On-Premise.

• Think of Android Apps that run on tablet and phones.

• Internal project by Solomon Hykes, written in Go.

• Evolving to a platform:• Image format• Container Runtime (Docker Engine)• Registry (Docker Hub)• Clustering (Swarm)• Service Discovery (Compose)• Networking (libchan), etc.

FUTURE OF DOCKER

• Windows Containers

• Cannot create Windows containers on Linux kernel, and viceversa.

• Containers enforces microservices architecture. (single process inside single container approach)

HIGH LEVEL PICTURE

Took days or weeks to load

Broken or rooted Goods

Global Trade was high Cost and Risk

THE IMPORT/EXPORT NIGHTMARE

Development

Staging

Test Environment

Works on my Laptop!

APPLICATIONDELIVERY

Production

Malcolm P. MacLean, 1956Inventor of containers

Saved 25% cost insecurity and transport

Credits: http://bit.ly/1VQaocx

CONTAINERS ANDSHIPPING YARDS

ARE EFFICIENT AND SAFE

STANDARD

THE SHIPPING YARD ANALOGY

• Shipping Yard —> Docker Engine (Daemon or Runtime)

• Manifests —> Docker Images

• Containers —> Docker Containers

Engine, Imagesand Containersmake applicationdelivery happen

Credits: http://bit.ly/1UEiX8Z

DOCKER ENGINE(SHIPPING YARD)

• Application infrastructure and runtime dependencies standardised.

• Completely the same runtime environments from docker-host to docker-host.

• De-facto industry standard for containers.

DOCKER IMAGES(MANIFEST)

• Instructions on how to build containers (static definition with data and metadata), like VM templates.

• Its required to instantiate a container.

• Images can be categorised with tags, being latest the default.

• Maintainers tend to have the images as small as possible with minimum packages installed, just the needed to provide a functional runtime.

DOCKER CONTAINERS

• Running instances of images.

• Runtime.

• Linux machines*

• Container ID & Name

Run unchanged containers in your local machine or in production

Time to production decreased


OK, Docker engine, docker images, and docker containers, but…

Credits: http://bit.ly/1Zuy3Nv

Where do I get the images?

DOCKER REGISTRIES• Images are inside repositories, categorised with tags.

• Repositories live inside a registry.

• Docker Hub is the default public registry of Docker.

• There are official (trusted) repos: Redis, Fedora, Ubuntu, MongoDB…

• And non-official repos, from members of the docker community.

• Private registries.

https://hub.docker.com/r/mdelapenya/liferay-portal/tags/

Security concern

Trust the containers you use, it can contain malicious code


CONTAINERS ARE GOING TO DESTROY VIRTUAL MACHINES

Credits: http://bit.ly/1rxYtmS