Top Banner
69

Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Sep 08, 2014

Download

Technology

If you're not familiar yet with Docker, here is your chance to catch up. This presentation includes a quick overview of the Open Source Docker Engine, and its associated services delivered through the Docker Hub. Recent features are listed, as well as a glimpse at what's next in the Docker world.

This presentation was given during OSCON, at a meet-up hosted by New Relic, with co-presentations from CoreOS and Rackspace OnMetal.
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !
Page 2: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker 1.0 1 0 1Docker 1.1.1 1 0 1Docker 1.1.2 1 0 1

July 2014—Docker 1.1.2

Page 3: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

@jpetazzo

● Wrote dotCloud PAAS deployment tools

– EC2, LXC, Puppet, Python, Shell, ØMQ...● Docker contributor

– Security, Networking...● Runs all kinds of crazy things in Docker

– Docker-in-Docker, VPN-in-Docker,KVM-in-Docker, Xorg-in-Docker...

Page 4: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Let's start with Questions

Page 5: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Raise your hand if you have ...

● Tried Docker (online tutorial)

Page 6: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)

Page 7: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)

Page 8: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)● Written a Dockerfile (and built it!)

Page 9: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)● Written a Dockerfile (and built it!)● An image on Docker Hub (pushed or autobuilt)

Page 10: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)● Written a Dockerfile (and built it!)● An image on Docker Hub (pushed or autobuilt)● Deployed Docker images for dev/QA/test/prod...

Page 11: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Agenda

● What is Docker and Why it matters● What are containers● The Docker ecosystem (Engine, Hub, etc.)● Deployment options and first steps● Docker 1.0, or 1.1, or 1.1.1

Page 12: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Whatis Docker

Whyit matters

Page 13: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Deploy everything

● Webapps● Backends● SQL, NoSQL● Big data● Message queues● … and more

Page 14: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Deploy almost everywhere

● Linux servers● VMs or bare metal● Any distro● Kernel 3.8+ (or RHEL 2.6.32)

Currently: focus on x86_64.

(But people reported success on arm.)

Page 15: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Deploy reliably & consistently

Page 16: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !
Page 17: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Deploy reliably & consistently

● If it works locally, it will work on the server● With exactly the same behavior● Regardless of versions● Regardless of distros● Regardless of dependencies

Page 18: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Deploy efficiently

● Containers are lightweight– Typical laptop runs 10-100 containers easily

– Typical server can run 100-1000 containers

● Containers can run at native speeds– Lies, damn lies, and other benchmarks:

http://qiita.com/syoyo/items/bea48de8d7c6d8c73435http://www.slideshare.net/BodenRussell/kvm-and-docker-lxc-benchmarking-with-openstack

Page 20: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Booting 15 OpenStack VMs:KVM vs Docker

Page 21: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Memory speed:Bare Metal vs Docker vs KVM

Page 22: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

OK, but what is

Docker?

Page 23: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker runs containers.

Page 24: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

OK, but what is a

container?

Page 25: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

High level approach:it's a lightweight VM

● Own process space● Own network interface● Can run stuff as root● Can have its own /sbin/init

(different from the host)

« Machine Container »

Page 26: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Low level approach:it's chroot on steroids

● Can also not have its own /sbin/init● Container = isolated process(es)● Share kernel with host● No device emulation (neither HVM nor PV)

« Application Container »

Page 27: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Stop.Demo time.

Page 28: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !
Page 29: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Alright, I get this.Containers = nimble Vms.

Let's just tell the CFO,and get back to work!

Page 30: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !
Page 31: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

What happens when something becomes

10-100x cheaper?

Page 32: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

Page 33: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

● Plan A: spin up 1 database, clean after each use– If we don't clean correctly, random tests will fail

– Cleaning correctly can be expensive (e.g. reload DB)

Page 34: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

● Plan B: spin up 100 databases– … in parallel: needs too much resources

– … one after the other: takes too long

Page 35: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

● Plan C: spin up 100 databases in containers– fast, efficient (no overhead, copy-on-write)

– easy to implement without virtualization black belt

Page 36: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Containers make testing(and many other things)

way easier

Page 37: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

The container metaphor

Page 38: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Problem: shipping goods

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

Page 39: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Solution:the intermodal shipping container

Page 40: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Solved!

Page 41: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Problem: shipping code

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

Page 42: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Solution:the Linux container

Page 43: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Solved!

Page 44: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Separation of concerns:Dave the Developer

● Inside my container:– my code

– my libraries

– my package manager

– my app

– my data

Page 45: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Separation of concerns:Oscar the Ops guy

● Outside the container:– logging

– remote access

– network configuration

– monitoring

Page 46: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker's Entourage

Page 47: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker: the cast

● Docker Engine● Docker Hub● Docker, the community● Docker Inc, the company

Page 48: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker Engine

● Open Source engine to commoditize LXC● Uses copy-on-write for quick provisioning● Written in Go, runs as a daemon, comes with a CLI● Everything exposed through a REST API● Allows to build images in standard, reproducible way● Allows to share images through registries● Defines standard format for containers

(stack of layers; 1 layer = tarball+metadata)

Page 49: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

… Open Source?

● Nothing up the sleeve, everything on the table– Public GitHub repository: https://github.com/dotcloud/docker

– Bug reports: GitHub issue tracker

– Mailing lists: docker-user, docker-dev (Google groups)

– IRC channels: #docker, #docker-dev (Freenode)

– New features: GitHub pull requests (see CONTRIBUTING.md)

– Docker Governance Advisory Board (elected by contributors)

Page 50: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker Hub

Collection of services to make Docker more useful.● Public registry

(push/pull your images for free)● Private registry

(push/pull secret images for $)● Automated builds

(link github/bitbucket repo; trigger build on commit)● More to come!

Page 51: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker, the community

● >500 contributors● ~20 core maintainers● >8,000 Dockerized projects on GitHub● >20,000 repositories on Docker Hub● >250 meetups in >90 cities in >30 countries● >500,000 downloads of boot2docker

Page 52: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker Inc, the company

● Headcount: ~50● Led by Open Source veteran Ben Golub

(GlusterFS)● Revenue:

– t-shirts and stickers featuring the cool blue whale

– SAAS delivered through Docker Hub

– Support & Training

Page 53: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Using Docker

Page 54: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

One-time setup

● On your dev env (Linux, OS X, Windows)– boot2docker (25 MB VM image)

– Natively (if you run Linux)

● On your servers (Linux)– Packages (Ubuntu, Debian, Fedora, Gentoo, Arch...)

– Single binary install (Golang FTW!)

– Easy provisioning on Rackspace, Digital Ocean, EC2, GCE...

– Special distros: CoreOS, Project Atomic

Page 55: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Authoring imageswith a Dockerfile

Page 56: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

FROM ubuntu:14.04

RUN apt-get updateRUN apt-get install -y nginxRUN echo 'Hi, I am in your container!' \ >/usr/share/nginx/html/index.html

CMD nginx -g "daemon off;"

EXPOSE 80

docker build -t jpetazzo/staticweb .docker run -P jpetazzo/staticweb

Page 57: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !
Page 58: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

FROM ubuntu:12.04

RUN apt-get -y updateRUN apt-get install -y g++RUN apt-get install -y erlang-dev erlang-base-hipe ...RUN apt-get install -y libmozjs185-dev libicu-dev libtool ...RUN apt-get install -y make wget

RUN wget http://.../apache-couchdb-1.3.1.tar.gz \ | tar -C /tmp -zxf-RUN cd /tmp/apache-couchdb-* && ./configure && make install

RUN printf "[httpd]\nport = 8101\nbind_address = 0.0.0.0" \ > /usr/local/etc/couchdb/local.d/docker.ini

EXPOSE 8101CMD ["/usr/local/bin/couchdb"]

docker build -t jpetazzo/couchdb .

Page 59: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

FROM debian:jessie

RUN apt-get -y updateRUN apt-get install -y python-pip

RUN mkdir /srcWORKDIR /src

ADD requirements.txt /srcRUN pip install -r requirements.txt

ADD . /srcRUN python setup.py install

Page 60: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Do you evenChef?

Puppet?Ansible?

Salt?

Page 61: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !
Page 62: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Summary

With Docker, I can:● put my software in containers● run those containers anywhere● write recipes to automatically build containers

Page 63: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Advanced concepts

● naming– give a unique name to your containers

● links– connect containers together

● volumes– separate code and data

– share data between containers

Page 64: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Recent features: 0.10

● TLS support for API access● Configurable DNS search● BTRFS is no longer experimental● Integration with systemd cgroups● Use proxy environment variables (for registry)

Page 65: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Recent features: 0.11

● SELinux integration(works better with CentOS)

● DNS integration for links(access linked containers by hostname)

● « docker run --net »– use host networking for high speed

– share network of another container

Page 66: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Recent features: 0.12

● docker pause/unpause● more importantly: 1.0 release candidate :-)

Page 67: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Docker 1.1

● .dockerignore(don't upload your .git anymore!)

● docker logs --tail– further logging improvements on the way

(truncate)

Page 68: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Coming soon(maybe)

● logging improvements● device access● device mapper tuning● image squashing● ARM support● use secrets in builds

● volume management● hairpin nat● IPV6 support● capabilities fine-tuning● seccomp + native● user namespaces

Page 69: Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of Docker 1 0 !

Thank you! Questions?

http://docker.com/

@docker

@jpetazzo