CAN YOU CONTAIN THE FUTURE: Docker, Container Technologies, The Future, And YouBY: CURT GRATZ

‣ Getting started with Docker

‣ Why you should contain everything in containers that contain things

‣ Everything about Docker

‣ The Batman Equation

What we won’t be covering

‣ Learn about containers and how they differ from Vms

‣ Learn the pros and cons of using containers

‣ A little about Docker and how to integrate it into your workflow

‣ Learn how you can use Docker for easy deployments

‣ Bust some Myths about container technologies and Docker.

What we will be covering

‣ Husband

‣ Dad

‣ Coach

‣ Youth Leader

‣ Co-Owner of Computer Know How

‣ Member of Team ColdBox

‣ Lover of Open Source

The Obligatory Who Am I?

Lets talk about you

YOU? A DEVELOPER?

YOU? A SYS ADMIN?

YOU? DEV OPS?

YOU? AN ACCOUNTANT?

YOU? MARKETING?

YOU? MANAGER?

YOU? DBA?

YOU? QA/TESTER?

YOU? FULL STACK?

Lets talk about containers

Matrix of Hell

It works on my machine

How shipping solved the problem

How containers solve the problem

Traditional VM VS Containers

Pros and Cons of Containers

Isolation

Startup times

Size

CPU and Memory usage

Its a container

Deciding between containers and VMs

More then just Docker

Commands for images

‣ $ docker images # shows all images.

‣ $ docker import # creates an image from a tarball.

‣ $ docker build # creates image from Dockerfile.

‣ $ docker commit # creates image from a container.

‣ $ docker rmi # removes an image.

‣ $ docker history # list changes of an image.

Commands for Dockerfile‣ FROM - The image the new image will be based on.

‣ COPY - Copy a file or dir into the image

‣ ADD - Like copy, but can be a URL or unpack a tar

‣ RUN - Ran a command inside the container

‣ ONBUILD - Run commands when building

‣ CMD - Default command to run

‣ ENV - Set a environment variable

‣ EXPOSE - expose a port

‣ VOLUME - Specify that a directory should be stored outside the union file system

Commands for containers‣ $ docker create # creates a container but does not start it.

‣ $ docker run # creates and starts a container.

‣ $ docker stop # stops it.

‣ $ docker start # will start it again.

‣ $ docker restart # restarts a container.

‣ $ docker rm # deletes a container.

‣ $ docker kill # sends a SIGKILL to a container.

‣ $ docker exec # executes a command in a running container.

Commands for inspecting‣ $ docker ps # shows running containers.

‣ $ docker inspect # info on a container (incl. IP address).

‣ $ docker logs # gets logs from container.

‣ $ docker events # gets events from container.

‣ $ docker port # shows public facing port of container.

‣ $ docker top # shows running processes in container.

‣ $ docker diff # shows changed files in container's FS.

‣ $ docker stats # shows metrics, memory, cpu, filsystem

Deployments

Build Once, Run Anywhere

Cattle, not Pets

Contract between Dev and Ops

Why it is important to get it right

Deployments

Deployments

node-app-service.yamlapiVersion: v1kind: Servicemetadata: name: node-app-servicespec: ports: - port: 3000 protocol: TCP nodePort: 30061 selector: name: node-app type: LoadBalancer

node-app-rc.yamlapiVersion: v1kind: ReplicationControllermetadata: name: node-app-rcspec: replicas: 4 selector: name: node-app template: metadata: labels: name: node-app spec: containers: - name: node-app image: privateRepo.private.com/image-name ports: imagePullSecrets: - name: node-app

Start it up‣ kubectl create -f node-app-service.yaml

‣ kubectl create -f node-app-rc.yaml

Scale it you say‣ kubectl scale rc node-app --replicas=20

Containers Are Best Understood as Small VMs

Containers Aren’t Suitable for Critical Workloads

Containers Aren’t as Secure as Traditional Infrastructure

Containers Cannot Be Deployed and Orchestrated At Scale

Microservices are mandatory

Containers use less CPU and Memory

Developers don’t want to deploy apps and define infrastructure

Lets talk about the future

Containers are an old idea.

Containers are here to stay

Microservices grow in popularity

Standards and Maturity

Community on the rise

‣ Logging ‣ None

‣ json-file

‣ syslog

‣ jourald

‣ fluent

Other topics not covered

‣ Secrets ‣ Kubernetes

‣ Vault (open source by HashCorp)

‣ Keywhiz (open source by Square)

‣ Conjur (commercial)

Other topics not covered

‣ Service Discovery ‣ Kubernetes

‣ Consul

‣ Etcd

‣ Zookeeper

Other topics not covered

‣ Metrics

‣ Monitoring

‣ Networking

‣ Stateful services

Other topics not covered

“Thank you.”

–hold up applause sign here

‣ Email - gratzc@compknowhow.com

‣ Blog - http://www.compknowhow.com/blog/

‣ Twitter - gratzc

‣ Skype - gratzc

‣ Snapchat - gratzc

‣ League of Legends - gratzc

Contact Info