This presentation was given at the London Nutanix user group (NUG) on Oct 26 by Denis Guyadeen. If you would like to join a NUG, you can find more information here http://bit.ly/NTNXUG - Hope to see you at a community meeting!
33. Layers [the secret sauce of Docker]
sha256 address
Container is what we call an image when it is running
Image[s] is the Filesystem Snapshot or tarball
Kernel Image – RO FS – /bin /mnt /var /proc
Base Image – RO FS – /usr/bin
Application Directory – RO FS – /usr/local/bin/node
Container – RW FS – /container/awesome
Union View: /container/awesome /usr/local/bin/node /usr/bin /bin /mnt /var /proc
bins / libs are layered – Layers Are Reusable And Shared
Diagram labels: Images, Container
34. Docker compared to Git
Docker – Role – Git
Image – Saved State – Commit
Container – Used for local execution – Checkout
Repository – Collection of commits – Repository
Docker Hub – Popular remote server for code – GitHub
36. No matter how simple the API endpoint, the OS kernel is always a huge dependency:
• Debian 5.0 is 65 million lines
• …but the Linux Kernel is over 25 million lines (⅓) of that!
The OS is a large attack surface
Tip of the Iceberg
Code you want to run
Code your OS insists you need!
37. “we see the VM as the only truly safe isolation.. Until we see foolproof security for containers, we will always double-bag our customers' workloads”
Craig McLuckie, Lead Product guy @ Google
Source: http://www.informationweek.com/cloud/infrastructure-as-a-service/google-docker-does-containers-right/d/d-id/1319146
38. An Open Platform to Build, Ship, and Run Distributed Applications
“Largest splash in computing since AWS” – The Agile Admin
39. New Application Architectures
On-Demand
Automated
Infrastructures
Culture
Agile Development
Why Docker? Why Now?
While the underlying container technology has existed for quite some time, the combination of advancing technical concepts like those listed here and the developer-centric implementation that Docker provided has created a “perfect storm” of demand and interest in container-based software stacks.
40. What is Docker?
The Docker Project
• 2B+ Docker Image Downloads
• 2000+ contributors
• 40K+ GitHub stars
• 200K+ Dockerized apps
• 240 Meetups in 70 countries
• 95K Meetup members
Docker Inc
Containers as a Service provider
• Integrated platform for dev and IT
• Commercial technical support
Docker project sponsor
• Primary sponsor of Docker project
• Supports project maintainers
41. What is Docker?
The Docker Project
Open Source
• Docker Engine
• Docker Registry
• Docker Compose
• Docker Swarm
• Docker Machine
• Docker Toolbox
• Docker for Mac
• Docker for Windows
• Docker for AWS
• Docker for Azure
Docker Inc
Commercial Product Line
• Technical Support
• Docker Hub (SaaS)
• Docker CS Engine
• Docker Trusted Registry
• Docker Universal Control Plane
• Docker Datacenter
• Docker Cloud (SaaS)
• Docker Store (SaaS)
42. The Docker Ecosystem
Dev Tools
Official Repositories
Operating Systems
Big Data
Service Discovery
Build / Continuous Integration
Configuration Management
Consulting & Training
Management
Storage
Clustering & Scheduling
Networking
Infrastructure & Service Providers
Security
Monitoring & Logging
43. Docker Basics
Docker Image: The basis of a Docker container
Docker Container: The standard unit in which the application service resides
Docker Engine: Creates, ships and runs Docker containers deployable on physical or virtual host locally, in a datacenter or cloud service provider
Docker Registry: On-premises registry for image storing and collaboration
45. The challenge: new matrix from hell
Diagram labels (application components): Static Website, Web Front End, Background Workers, User DB, Analytics DB, Queue, API Endpoint
Diagram labels (stages): Development, Test & QA, Production, Scale Out
Diagram labels (environments): Virtual machines, Server, Public Cloud, Disaster Recovery, Developer Laptop, Server Cluster, Data Center
46. Where do developers spend their time?
Electric Cloud surveyed 443 software engineers on how much time they spent on each activity.
47. Solution: Docker containers
• Packages up software binaries and dependencies
• Isolates software from each other
• Container is a standard format
• Easily portable across environments (on-prem and across clouds)
• Allows ecosystem to develop around its standard
Diagram label: Container
56. Container Persistence Models
Local Storage – DAS – Local Host Persistence – No Durability
Distributed Storage – SDS – SDS (Local Host Persistence) – Durable Storage
Data Stores – Database – State is in a VM or on Bare Metal
Remote Storage – SAN/NAS – 3-Tier
58. https://twitter.com/mfdii/status/6975323872409968
Containers in Production is Hard
• Scheduling: Where should my containers run?
• Lifecycle and health: Keep my containers running despite failures
• Discovery: Where are my containers now?
• Monitoring: What’s happening with my containers?
• Auth{n,z}: Control who can do things to my containers
• Aggregates: Compose sets of containers into jobs
• Scaling: Making jobs bigger or smaller
• Secrets: How do I protect passwords, certs, ssh keys, etc?
• Networking: How do I automate networking on my containers? I need cluster store for networking?
• Logging: how do I store the logs for N
62. Acropolis Container Service
Provision Containers on Demand
Multi-Tenant
Agility for developers
Control through quotas
Flexible granular RBAC
Developer
Admin
63. Resources
Acropolis Container Services
Docker Container Best Practices Guide
Blog: Containers enters Acropolis
Tech TopX: Introduction to Docker on Nutanix
Nutanix Bible - Container Services
Nutanix Acropolis 4.7 - Container Support Demo