Detailed Introduction To Docker

DockerBy:

NklMish

About Me

• Senior Software Developer around JVM

• Consultant + Coaching

Fast adoption rate

Fast adoption rate

DeploymentSingle machine vs Multiple vm’s on Single machine

Problems?

Common Problem

Commit’s code

It works onmy computer

Development & Deployment

Developer Environment

Test Environment

Production Environment

QA Environment

Environment Configuration

The instruction depends on the week in which you are running them

How about Vagrant + VM + Configuration Mangement(chef,

ansible, puppet, etc.)

• Step in a right direction• Still too heavy weight and Fragile.• Time dependent because

can return different minor versionsapt-get install xxx

• Docker is a consumer of container based technology providing lightweight packages for apps.

• Utilises containers for application deployment (provides illusion that app is running in separate OS), separating infrastructure.

What is Docker

Docker a deeper look

Containers and Linux

2005 2006 20082007 2011 2013

Open VZ CGroups Google + CGroups

LXC Unification

Patch Free

Hypervisor vs Container

Shared OS Base Emulate virtual hardware

HardwareOS

HypervisorGuest OS Guest OS

App1 App2

HardwareOS

Con-tainer

ContainerApp1 App2

Docker Components

• Daemon• Client• Image• File

Docker Benefits• Lightweight + Speed• Portable• Isolation• Security• Cloud ready

Lightweight + Speed

• No separate OS• Run’s as a process • Boot time.

Portable

• Run on all platform (i.e mac, linux, cloud, amazon linux, etc.).

• Allow developers to generate and commit container diffs

Isolation

• Each container gets :• It’s own file system• Full range of port i.e. 0-65535

Security• Root under container is “nobody” outside• Namespace are now enabled by default

Cloud Ready

• Small size, easy to scale (both vertical and horizontal!)

• Compatible with existing cloud solutions

With Docker, Development &

Deployment

Developer Environment

Test Environment

Production Environment

QA Environment

Installation• Requires kernel >= 3.9 , default nowadays• Linux

• RPM sudo rpm install docker• Debian based distribution apt-get install

docker doesn’t work instead use docker.io repo & execute sudo apt-get install docker.io

• Mac and Windows : boot2docker

Sample DockerFileFROM debian:jessie

MAINTAINER Allan Espinosa "allan.espinosa@outlook.com"

RUN apt-get update && \

apt-get --no-install-recommends install -q -y openjdk-7-jre-headless && \

rm -rf /var/lib/apt/lists/*

ADD http://mirrors.jenkins-ci.org/war/1.624/jenkins.war /opt/jenkins.war

RUN chmod 644 /opt/jenkins.war

ENV JENKINS_HOME /jenkins

ENTRYPOINT ["java", "-jar", "/opt/jenkins.war"]

EXPOSE 8080

CMD [""]

Docker Command execution

Every docker command generates new layer.

DevOps real time time saver.

Take precaution about env variables.

Docker commands

docker pull <#>

Docker commands

docker images <#>

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZEtpires/neo4j latest 0fd121ddd75b 4 days ago 892.8 MB

Docker commands

docker run <#>

docker run -i -t -d --name neo4j --cap-add=SYS_RESOURCE -p 7474:7474 tpires/neo4j

Docker commands

docker ps <#>

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES0fabcaa1e3fe tpires/neo4j "/bin/bash -c /launc 9 minutes ago Up 9 minutes 0.0.0.0:7474->7474/tcp, 1337/tcp neo4j

Docker commands

docker diff <#>

docker diff 0fabcaa1e3fe

/etcC /etc/neo4jC /etc/neo4j/neo4j-server.propertiesA /etc/neo4j/sslA /etc/neo4j/ssl/snakeoil.certA /etc/neo4j/ssl/snakeoil.keyC /tmpC /tmp/hsperfdata_rootA /tmp/hsperfdata_root/84A /tmp/jetty-0fabcaa1e3fe-7474-browser-_browser-any-24337275114314781.dirA /tmp/jetty-0fabcaa1e3fe-7474-webadmin-html-_webadmin-any-3550160901111854765.dirC /varC /var/libC /var/lib/neo4jC /var/lib/neo4j/dataA /var/lib/neo4j/data/dbmsA /var/lib/neo4j/data/dbms/authA /var/lib/neo4j/data/graph.dbA /var/lib/neo4j/data/graph.db/indexA /var/lib/neo4j/data/graph.db/lockA /var/lib/neo4j/data/graph.db/messages.logA /var/lib/neo4j/data/graph.db/neostoreA /var/lib/neo4j/data/graph.db/neostore.counts.db.aA /var/lib/neo4j/data/graph.db/neostore.idA /var/lib/neo4j/data/graph.db/neostore.labeltokenstore.dbA /var/lib/neo4j/data/graph.db/neostore.labeltokenstore.db.idA /var/lib/neo4j/data/graph.db/neostore.labeltokenstore.db.namesA /var/lib/neo4j/data/graph.db/neostore.labeltokenstore.db.names.idA /var/lib/neo4j/data/graph.db/neostore.nodestore.dbA /var/lib/neo4j/data/graph.db/neostore.nodestore.db.idA /var/lib/neo4j/data/graph.db/neostore.nodestore.db.labelsA /var/lib/neo4j/data/graph.db/neostore.nodestore.db.labels.idA /var/lib/neo4j/data/graph.db/neostore.propertystore.dbA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.arraysA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.arrays.idA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.idA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.indexA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.index.idA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.index.keysA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.index.keys.idA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.stringsA /var/lib/neo4j/data/graph.db/neostore.propertystore.db.strings.idA /var/lib/neo4j/data/graph.db/neostore.relationshipgroupstore.dbA /var/lib/neo4j/data/graph.db/neostore.relationshipgroupstore.db.idA /var/lib/neo4j/data/graph.db/neostore.relationshipstore.dbA /var/lib/neo4j/data/graph.db/neostore.relationshipstore.db.idA /var/lib/neo4j/data/graph.db/neostore.relationshiptypestore.dbA /var/lib/neo4j/data/graph.db/neostore.relationshiptypestore.db.idA /var/lib/neo4j/data/graph.db/neostore.relationshiptypestore.db.namesA /var/lib/neo4j/data/graph.db/neostore.relationshiptypestore.db.names.idA /var/lib/neo4j/data/graph.db/neostore.schemastore.dbA /var/lib/neo4j/data/graph.db/neostore.schemastore.db.idA /var/lib/neo4j/data/graph.db/neostore.transaction.db.0A /var/lib/neo4j/data/graph.db/rrdA /var/lib/neo4j/data/graph.db/schemaA /var/lib/neo4j/data/graph.db/schema/labelA /var/lib/neo4j/data/graph.db/schema/label/luceneA /var/lib/neo4j/data/graph.db/schema/label/lucene/write.lockA /var/lib/neo4j/data/graph.db/store_lockA /var/lib/neo4j/data/keystoreC /var/logC /var/log/neo4jA /var/log/neo4j/neo4j.0.0.logA /var/log/neo4j/neo4j.0.0.log.lckdeb:~ nm$

Docker commandsdocker logs <#>docker logs 0fabcaa1e3fe

Starting Neo4j Server console-mode...Using additional JVM arguments: -server -XX:+DisableExplicitGC -Dorg.neo4j.server.properties=conf/neo4j-server.properties -Djava.util.logging.config.file=conf/logging.properties -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -XX:-OmitStackTraceInFastThrow -XX:hashCode=5 -Dneo4j.ext.udc.source=debian2015-08-11 20:04:36.742+0000 INFO [API] Setting startup timeout to: 120000ms based on 1200002015-08-11 20:04:38.016+0000 INFO [API] Successfully started database2015-08-11 20:04:38.079+0000 INFO [API] Starting HTTP on port :7474 with 8 threads available2015-08-11 20:04:38.220+0000 INFO [API] Enabling HTTPS on port :74732015-08-11 20:04:38.220+0000 INFO [API] No SSL certificate found, generating a self-signed certificate..20:04:38.432 [main] INFO org.eclipse.jetty.util.log - Logging initialized @2302ms2015-08-11 20:04:38.469+0000 INFO [API] Mounting static content at [/webadmin] from [webadmin-html]2015-08-11 20:04:38.509+0000 INFO [API] Mounting static content at [/browser] from [browser]20:04:38.512 [main] INFO org.eclipse.jetty.server.Server - jetty-9.2.4.v2014110320:04:38.531 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.h.MovedContextHandler@71da109{/,null,AVAILABLE}20:04:38.575 [main] INFO o.e.j.w.StandardDescriptorProcessor - NO JSP Support for /webadmin, did not find org.apache.jasper.servlet.JspServlet20:04:38.594 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.w.WebAppContext@6602d014{/webadmin,jar:file:/usr/share/neo4j/system/lib/neo4j-server-2.2.3-static-web.jar!/webadmin-html,AVAILABLE}20:04:38.900 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.ServletContextHandler@4e671f1e{/db/manage,null,AVAILABLE}20:04:39.036 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.ServletContextHandler@4ad697ef{/db/data,null,AVAILABLE}20:04:39.046 [main] INFO o.e.j.w.StandardDescriptorProcessor - NO JSP Support for /browser, did not find org.apache.jasper.servlet.JspServlet20:04:39.047 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.w.WebAppContext@60921cf7{/browser,jar:file:/usr/share/neo4j/system/lib/neo4j-browser-2.2.3.jar!/browser,AVAILABLE}20:04:39.110 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.ServletContextHandler@7929a090{/,null,AVAILABLE}20:04:39.120 [main] INFO o.e.jetty.server.ServerConnector - Started ServerConnector@5129d373{HTTP/1.1}{0fabcaa1e3fe:7474}20:04:39.178 [main] INFO o.e.jetty.server.ServerConnector - Started ServerConnector@3938bdec{SSL-HTTP/1.1}{0fabcaa1e3fe:7473}20:04:39.178 [main] INFO org.eclipse.jetty.server.Server - Started @3052ms2015-08-11 20:04:39.179+0000 INFO [API] Server started on: http://0fabcaa1e3fe:7474/2015-08-11 20:04:39.179+0000 INFO [API] Remote interface ready and available at [http://0fabcaa1e3fe:7474/]

Docker commands

docker stats <#>

docker stats 0fabcaa1e3fe

CONTAINER CPU % MEM USAGE/LIMIT MEM % NET I/O0fabcaa1e3fe 2.87% 232.9 MB/4.142 GB 5.62% 162.6 kB/3.7 MB

Docker Registry

• docker pull jessie translates to docker pull registry-1.docker.io/library/jessie

• For internal registry docker pull companyDomain:port/foo/bar

Custom Registry

• Commercial - Docker trusted registry• Non-commercial - set up your own service

registry (Docker Trusted Registry can help you get started)

Docker useful tools

• Multi container application - Docker Compose

• Container clustering - Docker Swarm• Third party integration - Yes you can use

Chef and Puppet

Cons

• kernel sharing (Different flavours of same OS rather the different OS)

• You can end up with large number of containers. (Google launch every week 2 billion container instances)

Solution

• Manage containers as a single system• Kubernetes, mesos, etc. helps to achieve

this

Kubernetes

• Pods • Replication controllers• Labels• Services

Summary• Developer environment should be close to production• Works on my machine is way too common problem.• Manual setup is too time consuming , fragile and cumbersome• Vm are too bulky, fragile and carries lot of additional noise.• Container technology provides alternative approach(extremely lightweight) and

docker utilises it.• Docker, build once run anywhere.• Easy to scale , cloud ready. • Not possible to run various OS , can run various flavours .• Provides rich tools for enterprise tasks.• Tools like Kubernetes can help.

Thank you.Questions?