Docker 101, Alexander Ryabtsev

Alexander Ryabtsev

http://djangostars.com/

Why do we need this?

Complex systems development

Deploying on test/prod. servers, developer machines

Different target OS

Different software versions

Etc

Virtualization

HARDWARE

HOST OS

HYPERVISOR

GUEST OS 1 GUEST OS 2 GUEST OS N

LIBRARIES LIBRARIES LIBRARIES

APP 1 APP 2 APP N

Containerization

HARDWARE

HOST OS

CONTAINERIZTION ENGINE

X X X

LIBRARIES LIBRARIES LIBRARIES

APP 1 APP 2 APP N

DOCKER

HARDWARE

HOST OS

DOCKER

LIBRARIES LIBRARIES LIBRARIES

APP 1 APP 2 APP N

What is Docker?

Open-source engine that automates the deployment of applications into containers developed by Docker Inc

Based on: libcontainer - container formatnamespaces - isolationcgroups - sharingunionfs - layering

Platforms Linux Windows (over boot2docker) MacOS (over boot2docker) Cloud platforms

− Amazon EC2− Rackspace Cloud− Google Compute Engine− etc

Requirements Linux kernel with cgroups and namespaces features x86_64 & amd64 only appropriate storage driver

− dev mapper− AUFS− vfs− btrfs

Hello world

sudo docker run -i -t ubuntu /bin/bash sudo - you have to run all docker commands as

root run - start container -i - keeps STDIN open -t - assign pseudo-TTY ubuntu - image /bin/bash - command (CMD)

Some commands

run ps inspect pause / unpause start / stop / restart kill

Architecture

Image Container Registry

Images & Containers

write CONTAINER GOES HERE

read only curl example.com 701e38299831

read only ... 5171cea75fa4

read only apt-get install curl cc0f88ebb125

read only apt-get update b9474e097082

read only base image 447ff49a67a0

Life cycle

Image: build

− do some action− create intermediate image

create a container remove

Container:

start

mount volumes

expose ports

run service

remove

Registryhttps://registry.hub.docker.com/

Official repos User repos

Public repos Private repos

Dockerfile FROM RUN COPY / ADD ENV EXPOSE VOLUME ENTRYPOINT / CMD

Best practices Include only necessary context Use a .dockerignore file Avoid installing unnecessary packages Use cache Be care with volumes Use environment varaibles (in RUN, EXPOSE, VOLUME)

HTTP-server example

NGINX

80/TCP

data

HTTP-server: Dockerfile

FROM ubuntu:latest

RUN apt-get update

RUN apt-get install -y nginx

RUN ln -sf /dev/stdout /var/log/nginx/access.log

RUN ln -sf /dev/stderr /var/log/nginx/error.log

VOLUME ["/usr/share/nginx/html"]

EXPOSE 80/tcp

CMD ["nginx", "-g", "daemon off;"]

HTTP-server: Commandssudo docker build --tag='nginx' .

sudo docker run -p 8080:80 --rm nginx

sudo docker run

-p 8080:80

-v ~/docker_demo/nginx/html:/usr/share/nginx/html--rmnginx

APP-server example

Application

5000/TCP 6379/TCP

Redis

SRC

HTTP + APP examplefrom flask import Flaskfrom redis import Redisimport osapp = Flask(__name__)redis = Redis(host='redis', port=6379)

@app.route('/')def hello(): redis.incr('hits') return 'Hello World! I have been seen %s times.' % redis.get('hits')

if __name__ == "__main__": app.run(host="0.0.0.0", debug=True)

FROM python:2.7

ADD . /code

WORKDIR /code

EXPOSE 5000/tcp

RUN pip install -r requirements.txt

--link parametersudo docker build --tag='app' .

sudo docker run -d --name redis redis

sudo docker run -d -p 5000:5000 --name app --link redis:redis app python app.py

docker up (fig)web: build: . command: python app.py ports: - "5000:5000" volumes: - .:/code links: - redisredis: image: redis

Orchestration tools

Fig / Docker Compose Mesosphere / Marathon Kubernetes / Mesos etc

Docker true way 1 application = 1 container Run process in foreground Keep data out of container No SSH No manual configurations (or actions) inside container

Harsh reality supervisor docker exec nsenter (from util-linux) hard links Docker ambassador

3rd party apps CoreOS, Fleet Docker Swarm Docker Machine Panamax etc

Usefull docs Official documentation https://docs.docker.com/

Docker blog http://blog.docker.com/

Docker Hub https://registry.hub.docker.com/

The Docker Book

Thank you for your attention!