introduction to docker & coreos - symfony user group cologne
DESCRIPTION
My introduction to Docker & CoreOS at Symfony User Group Cologne.TRANSCRIPT
![Page 1: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/1.jpg)
Introduction to Docker & CoreOS
Dennis Benkert@denderello
![Page 2: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/2.jpg)
Simple service orchestration, built for developers.
Based in Cologne, Germany.Ten terrific folks, and hiring!
http://giantswarm.io/
![Page 3: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/3.jpg)
What is Docker?
![Page 4: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/4.jpg)
Docker
● Isolation of processes in linux containers● Lightweight and fast● Portable
![Page 5: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/5.jpg)
Docker Technology
● Utilized LXC until version 0.9● Now uses libcontainer which e.g. supports
systemd-nspawn, libvirt-lxc, BSD-Jails, etc.● Copy-On-Write filesystem (e.g. AUFS or
BTRFS)● Written in Go
![Page 6: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/6.jpg)
Copy-On-Write filesystem
![Page 7: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/7.jpg)
Dockerfile
FROM ubuntu:14.04
RUN apt-get update && \
apt-get -y install redis-server
EXPOSE 6379
ENTRYPOINT ["/usr/bin/redis-server"]
![Page 8: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/8.jpg)
$ docker build -t denderello/redis .
$ docker run -d --name redis -p 6379:6379 \
denderello/redis
$ nc localhost 6379
Running containers
![Page 9: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/9.jpg)
What is CoreOS?
![Page 10: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/10.jpg)
CoreOS enables warehouse-scale computing on top of a minimal, modern operating system.A new Linux Distribution to provide features needed to run modern infrastructure stacks.
Minimal Linux
![Page 11: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/11.jpg)
Features
● Automatic Updates● Docker Containers● Cluster management● Service Discovery
![Page 12: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/12.jpg)
Linux Basis
● Based on Gentoo● systemd● btrfs● Images for PXE,
OpenStack, AWS, GCE, Vagrant
![Page 13: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/13.jpg)
“Immutable” System
● Read-only rootfs● Writeable overlay on /etc
![Page 14: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/14.jpg)
No classic package manager
● ChromeOS inspired update engine● Atomic Updates● Rollbacks● Using Docker to distribute software
![Page 15: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/15.jpg)
CoreOS own tools
● Etcd● Locksmith● Cloud-config● Flannel● Fleet
https://github.com/coreos
![Page 16: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/16.jpg)
EtcdA highly-available key value store for shared configuration and service discovery.
![Page 17: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/17.jpg)
Etcd
● Basis for> Configuration management> Service Discovery
● REST Interface● Raft consensus algorithm
http://raftconsensus.github.io/
![Page 18: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/18.jpg)
Etcd Cluster
![Page 19: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/19.jpg)
Discovery API
$> curl https://discovery.etcd.io/new
https://discovery.etcd.io/463c1435f9f63c952e0899b1f459c0fe
$> curl -s https://discovery.etcd.io/463c1435f9f63c952e0899b1f459c0fe | jq ".node.nodes[].value"
"http://172.31.19.1:7001"
"http://172.31.19.0:7001"
"http://172.31.18.255:7001"
![Page 20: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/20.jpg)
LocksmithReboot manager for the CoreOS update engine.
![Page 21: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/21.jpg)
Locksmith
● Reboot strategies for CoreOS updates● Uses etcd for distributed locks● Alpha, Beta, Stable channels
![Page 22: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/22.jpg)
Cloud ConfigCustomize a CoreOS machine through user-data.
![Page 23: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/23.jpg)
Cloud Config
● Initialization of your instances● Configure etcd, fleet, locksmith● YAML file● eg. EC2 user-data, Autoscaler launch-
config
![Page 24: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/24.jpg)
Configure your cluster
#cloud-config
coreos:
update:
reboot-strategy: etcd-lock
![Page 25: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/25.jpg)
Configure your cluster
#cloud-config
coreos:
update:
reboot-strategy: etcd-lock
etcd:
discovery: https://discovery.etcd.io/<token>
![Page 26: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/26.jpg)
Configure your cluster
#cloud-config
coreos:
update:
reboot-strategy: etcd-lock
etcd:
discovery: https://discovery.etcd.io/<token>
users:
- name: denderello
ssh-authorized-keys: ...
![Page 27: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/27.jpg)
FlannelOverlay networks backed by etcd.
![Page 28: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/28.jpg)
Cloud overlay network
● One subnet per machine● Get rid of docker port mapping● Let containers talk to each other via IP
addresses
![Page 29: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/29.jpg)
Backends
● Encapsulate packets in UDP● VXLAN implementation coming
![Page 30: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/30.jpg)
FleetSystemd for the cluster
![Page 31: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/31.jpg)
Fleet
● CLI and API to start your containers● Uses etcd and systemd
![Page 32: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/32.jpg)
Fleet deployment
![Page 33: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/33.jpg)
Fleet Scheduler
● Relatively simple> By meta data> Same machine/exclusion
● Resolve service dependencies!● More to come
> Resource management (CPU, memory etc.)
![Page 34: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/34.jpg)
Unit file
[Unit]
Description=A Redis Server
[Service]
TimeoutStartSec=0
ExecStartPre=/usr/bin/docker pull denderello/redis
ExecStart=/usr/bin/docker run --rm -p 6379 --name %n denderello/redis
ExecStop=/usr/bin/docker stop %n
![Page 35: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/35.jpg)
Manage a service
$> fleetctl start redis.service
$> fleetctl list-units
$> fleetctl status redis.service
$> fleetctl journal redis.service
$> fleetctl stop redis.service
$> fleetctl destroy redis.service
![Page 36: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/36.jpg)
Service Discovery
![Page 37: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/37.jpg)
Three-Tier Application
● Load Balancer● App● Database
![Page 38: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/38.jpg)
Sidekick
Keep configuration out of your app
![Page 39: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/39.jpg)
Ambassador
Reverse proxy for your serviceKeep service discovery out of your app
![Page 40: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/40.jpg)
Using CoreOS
![Page 41: Introduction to Docker & CoreOS - Symfony User Group Cologne](https://reader034.vdocument.in/reader034/viewer/2022051109/547e606ab479599d508b4bb7/html5/thumbnails/41.jpg)
Thanks for listening!Reach out:Dennis Benkert@denderello@giantswarm