Containers are a technology that will take over infrastructure management in the next few years, and it is absolutely important for anyone involved in software delivery automation and maintenance to understand the principles behind them and know how to use them. This workshop offers an introduction to Linux containers using the predominant technology, Docker. The following topics will be covered:
- A bit of history (LXC Containers, Docker, other players)
- Setting up your environment
- Docker daemon and client
- Image vs. container
- Docker registry
- Container orchestration
- Docker use cases
2. WHO'S LUCIANO
Generalist
25 years of software development
Consulting on lightweight approach to software factory
Author of "Groovy 2 Cookbook" for Packt
Dad
github: https://github.com/lucianofiandesio
5. DOCKER STATS
25.000 Github stars
425M+ Docker Engine downloads
100.000+ Dockerized applications on Docker Hub
180+ Docker Meetup Groups in 50 countries
950 community contributors
50.000 3rd party projects on Github using Docker in PAAS, OS, CI etc.
11. LXC CONTAINERS
Available in modern kernels since 2008
Generically isolates resource usage (CPU, memory, disk, network)
Guarantee resources to app/set of apps
Can be adjusted on the fly
Can monitor the cgroup itself to see utilization
14. CGROUPS - CONTROL GROUPS
Built into Kernel
Generically isolates resource usage (CPU, memory, disk, network)
Guarantee resources to app/set of apps
Can be adjusted on the fly
Can monitor the cgroup itself to see utilization
15. WHAT ABOUT PERFORMANCE?
Processes are isolated, but run directly on the host
CPU - native performance
Memory - a few % required for bookkeeping
Network - small overhead, can be reduced to 0
18. DOCKER ENGINE
Docker is a simple client/server application
A Docker client talks to a Docker daemon, which executes the work
Docker executables are written in Go
The Docker daemon also exposes a RESTful API
Both client and server must be executed as root!
19. DOCKER IMAGES
Read-only templates from which containers are launched
Each image consists of a series of layers using the Union File System
When an image gets modified, a new layer is created
Docker can also use additional file systems
20. WHAT DOES AN IMAGE LOOK LIKE?
First the bootfs is loaded
Then the root fs (Ubuntu, etc.) is mounted in read-only mode
The remaining layers are mounted
Thanks to the UnionFS, the layers look like one FS
Finally, when the container is launched, Docker mounts a read-write layer
22. DOCKER CONTAINERS
A container is started from an image, which may be locally created, cached locally, or downloaded from a registry
It "looks & feels" like a VM
Ridiculously fast boot time
Low resource usage
23. CONTAINERS - GOOD TO KNOW
Containers are meant to run a single process
Decouple applications into separate containers, one for each process
Don’t install unnecessary packages: smaller images!
Build containers that are easy to replace
25. DOCKERFILE EXAMPLE
# Version: 0.0.1
FROM ubuntu:14.04
MAINTAINER Rocky Balboa "rocky@gmail.com"
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80
RUN echo 'deb http://download-distro.mongodb.org/repo/ubuntu-upstart dis
RUN apt-get update
# note the -y flag, for non interactive
RUN apt-get install -y mongodb-org
RUN mkdir -p /data/db
# This mongo instance will run in a container
# so it must be configured to accept connections from foreign hosts
RUN echo "bind_ip = 0.0.0.0" >> /etc/mongodb.conf
EXPOSE 27017
# Set the default command for this image
CMD ["mongod"]
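An added example, not part of the original slides: a small lint pass over a Dockerfile modelled on slide 25, checking it against the slide 23 advice on unnecessary packages and a few defaults worth reviewing. The finding names, the sample file and its repository URL are constructed for illustration; the slide's truncated repository line is replaced by a placeholder and the truncated apt-key line is omitted.

```shell
#!/bin/sh
# Added example (not from the slides): lint a Dockerfile read from stdin.
# Prints "<line>:<FINDING>" per issue and nothing when no rule fires.
# Finding names are made up for this sketch.
audit_dockerfile() {
  awk '
    { kw = toupper($1) }   # instruction keywords are case-insensitive
    kw == "USER" { has_user = 1 }
    # Package source fetched over plaintext HTTP.
    kw == "RUN" && /http:\/\// { print NR ":PLAINTEXT_HTTP_SOURCE" }
    # "apt-get update" cached in its own layer goes stale for later installs.
    kw == "RUN" && /apt-get update/ && !/apt-get install/ {
      print NR ":APT_UPDATE_IN_OWN_LAYER"
    }
    # Slide 23: no unnecessary packages; recommended packages are pulled in.
    kw == "RUN" && /apt-get install/ && !/--no-install-recommends/ {
      print NR ":INSTALLS_RECOMMENDED_PACKAGES"
    }
    # Service told to accept connections on every interface.
    kw == "RUN" && /bind_ip *= *0\.0\.0\.0/ { print NR ":LISTENS_ON_ALL_INTERFACES" }
    # Without a USER instruction the container process runs as root.
    END { if (!has_user) print "-:NO_USER_INSTRUCTION_RUNS_AS_ROOT" }
  '
}

# Constructed sample modelled on slide 25; the repository URL is a placeholder.
SLIDE_25='FROM ubuntu:14.04
RUN echo "deb http://repo.example.invalid/ubuntu dist main" > /etc/apt/sources.list.d/db.list
RUN apt-get update
RUN apt-get install -y mongodb-org
RUN mkdir -p /data/db
RUN echo "bind_ip = 0.0.0.0" >> /etc/mongodb.conf
EXPOSE 27017
CMD ["mongod"]'

printf '%s\n' "$SLIDE_25" | audit_dockerfile
```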
27. DOCKER REGISTRY
Application dedicated to the storage and distribution of your Docker images
Useful when a company wants to share images internally
Docker offers a commercial version, named "Docker Trusted Registry"
28. DOCKER HUB
A cloud hosted service from Docker that provides registry capabilities for public and private content.
Useful for sharing images at large or collaborating within a team
Useful for automation workflows
30. DOCKER MACHINE
A tool to simplify the automatic creation, configuration and management of Docker-enabled machines, whether they are VMs running locally in Virtualbox or in a cloud provider such as AWS
$ docker-machine create --driver virtualbox dev # start machine locally using virtualbox
$ docker-machine create --driver digitalocean dev-cloud # start machine locally using di
31. DOCKER COMPOSE
A tool for running multi-container applications
Single file configuration
Great for dev environments, CI, staging
Written in Python; formerly Fig (acquired by Docker)
Useful for building complex environments in a reproducible way
33. DOCKER COMMAND LINE
$ docker search # search hub.docker.com for an image
$ docker pull # download an image
$ docker images # list all existing local images
$ docker run # starts a container from an image
$ docker ps # list running containers
$ docker build # build an image from a Dockerfile
34. SOME DOCKER 'RUN' FLAGS
-d # runs the container in detached mode (background proces
-t # runs the container using a pseudo-tty
-i # uses interactive mode
--name # assign a name, instead of autogenerated one
35. START/KILL/REMOVE CONTAINERS
docker stop # stops a container
docker start # starts a container
docker attach # attach to a container
docker rm # remove a container
docker rmi # remove an image
36. CONTAINERS COMMUNICATION
Containers can be linked together (container linking)
Container linking works well on a single host, but large-scale systems need other discovery mechanisms.
$ docker run -d --name database -e MYSQL_ROOT_PASSWORD=root mysql
$ docker run -d --link database:db --name web runseb/hostname
$ docker run -d --link web:application --name lb nginx
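An added example, not part of the original slides: legacy `--link` copies the source container's environment into the recipient as `<ALIAS>_ENV_<name>`, so the root password passed with `-e` above also lands in the `web` container. The check below reads `docker run` lines and reports both facts; the finding labels are made up for this sketch.

```shell
#!/bin/sh
# Added example (not from the slides). Reads `docker run` command lines on
# stdin, in the order they are executed, and reports:
#   INLINE_SECRET <container> <VAR>   credential-like variable passed with -e
#   LINK_EXPOSES  <container> <VAR>   variable a --link recipient inherits
audit_links() {
  awk '
    {
      name = ""; nsec = 0; nlink = 0
      for (i = 1; i < NF; i++) {
        if ($i == "--name") name = $(i + 1)
        if ($i == "--link") link[++nlink] = $(i + 1)
        if ($i == "-e" && toupper($(i + 1)) ~ /^[^=]*(PASSWORD|SECRET|TOKEN)[^=]*=/) {
          split($(i + 1), kv, "=")
          sec[++nsec] = kv[1]
        }
      }
      for (s = 1; s <= nsec; s++) {
        print "INLINE_SECRET", name, sec[s]
        secrets[name] = secrets[name] " " sec[s]
      }
      for (l = 1; l <= nlink; l++) {
        split(link[l], part, ":")          # "source:alias"; alias is optional
        prefix = toupper(part[2] == "" ? part[1] : part[2]) "_ENV_"
        n = split(secrets[part[1]], inherited, " ")
        for (k = 1; k <= n; k++) print "LINK_EXPOSES", name, prefix inherited[k]
      }
    }'
}

# The three commands from slide 36, prompt removed.
SLIDE_36='docker run -d --name database -e MYSQL_ROOT_PASSWORD=root mysql
docker run -d --link database:db --name web runseb/hostname
docker run -d --link web:application --name lb nginx'

printf '%s\n' "$SLIDE_36" | audit_links
```

Values passed with `-e` are also readable through `docker inspect` by anyone who can reach the Docker daemon.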
37. CONTAINERS VOLUMES
Docker can mount host volumes in read/write mode. Data are shared between host and container
$ docker run -ti -v "$PWD":/shared ubuntu:14.04 /bin/bash