DOCKER 1.9 OVERVIEW

Presenter Name: Sreenivas MakamPresented at: Docker Meetup Bangalore

Presentation Date: Dec 5, 2015

About me

• Senior Engineering Manager at Cisco Systems Data Center group

• Like to follow SDN and Cloud related Opensource projects and write about it.

• Personal blog can be found at https://sreeninet.wordpress.com/ and my hacky code at https://github.com/smakam

• You can reach me on LinkedIn at https://in.linkedin.com/in/sreenivasmakam

Docker family

Docker

Core(Docker engine,

Network, Storage)

Security(Docker content

trust)

Getting started(Toolbox, Kitematic)

Orchestration(Machine, Compose,

Swarm)

Registry(Docker hub, Docker trusted registry)

Deployment(Tutum, UCP)

Docker 1.9 feature summary• Multi-host networking going to production• Docker Swarm going to production• Storage plugin improvements• Docker Compose, Machine enhancements• Better Docker Compose, Swarm, Machine integration• Docker orchestration tools(Compose, Swarm, Machine)

working well with multi-host networking• Registry, Toolbox and Docker engine enhancements• Docker content trust with Ubico hardware key(Experimental)• General Bug fixes

Docker Container networking model(CNM)

• Docker container attaches to the Network using the Endpoint or Service.• Multiple endpoints share a network. In other words, only endpoints located in

same network can talk to each other.• Sandbox is the network namespace where the Container resides.

Docker Libnetwork

• Libnetwork is the networking library that’s separated out from Docker engine and it’s an implementation of CNM.

• Drivers implement the APIs provided by libnetwork. • Docker provides native drivers like Bridge, Overlay. • Bridge driver allows connectivity between containers in a single host. Overlay

driver allows for connectivity across hosts.• Remote drivers are provided as plugins from different vendors like Weave,

Calico, Cisco.

Docker Overlay networking

Web

H1

Db

H2

Consul

Network n1

docker $(docker-machine config mh-keystore) run -d \ -p "8500:8500" \ -h "consul" \ progrium/consul -server -bootstrap

docker-machine create -d virtualbox \ --engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \ --engine-opt="cluster-advertise=eth1:2376" \ mhs-demo1

docker-machine create -d virtualbox \ --engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \ --engine-opt="cluster-advertise=eth1:2376" \ mhs-demo2

docker network create --driver overlay n1docker run -ti --name=web --net=n1 busybox

docker run -ti --name=db --net=n1 busybox

Docker volume• Enhanced volume plugin in 1.9.• Volumes are used to store data that’s outside scope of

container image like database.• Supported volume plugins – GlusterFS, Ceph, FlockerExample:docker run -ti -v myvolume:/data --volume-driver=flocker busybox sh• Myvolume in host machine gets mounted to /data with

Flocker volume driver.• Multiple containers can share myvolume

Docker Swarm

• Swarm is production ready with 1.9.• Swarm is integrated with docker-machine, docker-compose, multi-host

networking and docker volumes.• Tested with scale(1000 nodes and 30000 containers)

Other changes in 1.9• Docker compose(release 1.5) works with Windows and

with Toolbox.• Docker compose works with multi-host networking.• Docker Toolbox for Mac and Windows has all Docker

orchestration tools integrated.• Docker registry has a new Google storage driver and other

bug fixes.• Docker engine has some minor features and bug fixes.• Docker content trust has hardware key

support(experimental release) in collaboration with Yubico.

Demo (Multi-container counter app)

Web Mongo

Swarm

Compose

Webclient

Docker CLI

H2H1

web: image: bfirsh/compose-mongodb-demo environment: - "MONGO_HOST=counter_mongo_1" - "constraint:node==mhs-demo0" ports: - "80:5000"mongo: image: mongo

Consul

docker-compose --x-networking --project-name=counter up -d

References• https://docs.docker.com/• https://github.com/docker/libnetwork• https://docs.docker.com/engine/userguide/networking/get-start

ed-overlay/

• https://blog.docker.com/2015/11/docker-1-9-production-ready-swarm-multi-host-networking/

• https://blog.docker.com/2015/11/dockercon-eu-2015-docker-universal-control-plane/

• https://blog.docker.com/2015/11/docker-content-trust-yubikey/• https://sreeninet.wordpress.com/category/docker/