A BEGINNER’S JOURNEY Containers Credits: http://bit.ly/1VKcNoZ and Docker
Manuel de la Peña
Software Engineer @ Liferay Inc
Interested in: SW Engineering, Coding, Testing, DevOps
Credits:http://bit.ly/1V8Hpzx
APPLICATION INFRASTRUCTURE
Credits: http://bit.ly/1OetMIn
• Dedicated Server
• Purchase order
• O.S. installs & licenses
• Rack positions
• Redundant power & network
VIRTUALISATIONTO THE RESCUE
Credits: http://bit.ly/1WOfjJU
• KVM, VMWare, Xen
• Hypervisor with multiple virtual machines
• VM’s looks, feels and tastes as a physical machines
UGLY BECAUSE OF THE O.S.
• The model is one app per VM and each VM requires one O.S.
• O.S. only exists to facilitate the application
• Footprint (CPU, RAM, disk space)
• Licensing if needed
• More O.S. is not adding more Business Value
Credits: http://bit.ly/23pCASq
Secure, isolated environmentMinimal O.S. serviceSome service controls
Credits: http://bit.ly/1SP5iHw
It’s all aboutapplications
CONTAINERSTO THE RESCUE
Credits: http://bit.ly/23pIymw
• Run on Linux machines*
• An application runs in the USER SPACE
• User Space: memory area where application and some drivers execute.
CONTAINER (OS-LEVEL)VIRTUALISATION
• Container model tries to run multiple applications creating multiple user spaces.
• Only one O.S. installed
• Share same instance of the Linux kernel in the host.
Credits: http://bit.ly/23pIymw
MORE LIGHTWEIGHTTHAN VM’S
Credits: http://bit.ly/23pIymw
Resources used beforewe install the app
Faster and more portable
A single containershould run a single app
or a single process.
Once the processof the container exitsso does the container.
Credits: http://bit.ly/23xrJWD
• Company under the technology/platform. Previously DotCloud, a PaaS company.
• Docker&Containers = RedHat/Ubuntu&Linux Kernel.
• It’s a package you can get support for.
• They provide a very uniform standard container runtime.
• Developers can code their applications in a local docker environment and move them to AWS, Azure, On-Premise.
• Think of Android Apps that run on tablet and phones.
• Internal project by Solomon Hykes, written in Go.
• Evolving to a platform:• Image format• Container Runtime (Docker Engine)• Registry (Docker Hub)• Clustering (Swarm)• Service Discovery (Compose)• Networking (libchan), etc.
FUTURE OF DOCKER
• Windows Containers
• Cannot create Windows containers on Linux kernel, and viceversa.
• Containers enforces microservices architecture. (single process inside single container approach)
Took days or weeks to load
Broken or rooted Goods
Global Trade was high Cost and Risk
THE IMPORT/EXPORT NIGHTMARE
Malcolm P. MacLean, 1956Inventor of containers
Saved 25% cost insecurity and transport
Credits: http://bit.ly/1VQaocx
THE SHIPPING YARD ANALOGY
• Shipping Yard —> Docker Engine (Daemon or Runtime)
• Manifests —> Docker Images
• Containers —> Docker Containers
DOCKER ENGINE(SHIPPING YARD)
• Application infrastructure and runtime dependencies standardised.
• Completely the same runtime environments from docker-host to docker-host.
• De-facto industry standard for containers.
DOCKER IMAGES(MANIFEST)
• Instructions on how to build containers (static definition with data and metadata), like VM templates.
• Its required to instantiate a container.
• Images can be categorised with tags, being latest the default.
• Maintainers tend to have the images as small as possible with minimum packages installed, just the needed to provide a functional runtime.
Run unchanged containers in your local machine or in production
Time to production decreased
Credits: http://bit.ly/1UEiX8Z
OK, Docker engine, docker images, and docker containers, but…
Credits: http://bit.ly/1Zuy3Nv
Where do I get the images?
DOCKER REGISTRIES• Images are inside repositories, categorised with tags.
• Repositories live inside a registry.
• Docker Hub is the default public registry of Docker.
• There are official (trusted) repos: Redis, Fedora, Ubuntu, MongoDB…
• And non-official repos, from members of the docker community.
• Private registries.
Security concern
Trust the containers you use, it can contain malicious code
Credits: http://bit.ly/1UEiX8Z