Download - Introduction to Docker at the Azure Meet-up in New York

Transcript
Page 1: Introduction to Docker at the Azure Meet-up in New York
Page 2: Introduction to Docker at the Azure Meet-up in New York

Docker

September 2014—Docker 1.2

Page 3: Introduction to Docker at the Azure Meet-up in New York

@jpetazzo

● Wrote dotCloud PAAS deployment tools

– EC2, LXC, Puppet, Python, Shell, ØMQ...● Docker contributor

– Security, Networking...● Runs all kinds of crazy things in Docker

– Docker-in-Docker, VPN-in-Docker,KVM-in-Docker, Xorg-in-Docker...

Page 4: Introduction to Docker at the Azure Meet-up in New York

Let's start with Questions

Page 5: Introduction to Docker at the Azure Meet-up in New York

Raise your hand if you have ...

● Tried Docker (online tutorial)

Page 6: Introduction to Docker at the Azure Meet-up in New York

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)

Page 7: Introduction to Docker at the Azure Meet-up in New York

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)

Page 8: Introduction to Docker at the Azure Meet-up in New York

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)● Written a Dockerfile (and built it!)

Page 9: Introduction to Docker at the Azure Meet-up in New York

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)● Written a Dockerfile (and built it!)● An image on Docker Hub (pushed or autobuilt)

Page 10: Introduction to Docker at the Azure Meet-up in New York

Raise your hand if you have ...

● Tried Docker (online tutorial)● Tried the real Docker (e.g. deployed remote VM)● Installed Docker locally (e.g. with boot2docker)● Written a Dockerfile (and built it!)● An image on Docker Hub (pushed or autobuilt)● Deployed Docker images for dev/QA/test/prod...

Page 11: Introduction to Docker at the Azure Meet-up in New York

Agenda

● What is Docker and Why it matters● What are containers● The Docker ecosystem (Engine, Hub, etc.)● Deployment options and first steps● What's new in the latest Docker?

Page 12: Introduction to Docker at the Azure Meet-up in New York

Whatis Docker

Whyit matters

Page 13: Introduction to Docker at the Azure Meet-up in New York

Deploy everything

● Webapps● Backends● SQL, NoSQL● Big data● Message queues● … and more

Page 14: Introduction to Docker at the Azure Meet-up in New York

Deploy almost everywhere

● Linux servers● VMs or bare metal● Any distro● Kernel 3.8+ (or RHEL 2.6.32)

Currently: focus on x86_64.

(But people reported success on arm.)

Page 15: Introduction to Docker at the Azure Meet-up in New York

Deploy reliably & consistently

Page 16: Introduction to Docker at the Azure Meet-up in New York
Page 17: Introduction to Docker at the Azure Meet-up in New York

Deploy reliably & consistently

● If it works locally, it will work on the server● With exactly the same behavior● Regardless of versions● Regardless of distros● Regardless of dependencies

Page 18: Introduction to Docker at the Azure Meet-up in New York

Deploy efficiently

● Containers are lightweight– Typical laptop runs 10-100 containers easily

– Typical server can run 100-1000 containers

● Containers can run at native speeds– Lies, damn lies, and other benchmarks:

http://qiita.com/syoyo/items/bea48de8d7c6d8c73435http://www.slideshare.net/BodenRussell/kvm-and-docker-lxc-benchmarking-with-openstack

Page 20: Introduction to Docker at the Azure Meet-up in New York

Booting 15 OpenStack VMs:KVM vs Docker

Page 21: Introduction to Docker at the Azure Meet-up in New York

Memory speed:Bare Metal vs Docker vs KVM

Page 22: Introduction to Docker at the Azure Meet-up in New York

OK, but what is

Docker?

Page 23: Introduction to Docker at the Azure Meet-up in New York

Docker Engine+ Docker Hub

= Docker Platform

Page 24: Introduction to Docker at the Azure Meet-up in New York

The Docker Engine runs containers.

Page 25: Introduction to Docker at the Azure Meet-up in New York

OK, but what is a

container?

Page 26: Introduction to Docker at the Azure Meet-up in New York

High level approach:it's a lightweight VM

● Own process space● Own network interface● Can run stuff as root● Can have its own /sbin/init

(different from the host)

« Machine Container »

Page 27: Introduction to Docker at the Azure Meet-up in New York

Low level approach:it's chroot on steroids

● Can also not have its own /sbin/init● Container = isolated process(es)● Share kernel with host● No device emulation (neither HVM nor PV)

« Application Container »

Page 28: Introduction to Docker at the Azure Meet-up in New York

Stop.Demo time.

Page 29: Introduction to Docker at the Azure Meet-up in New York
Page 30: Introduction to Docker at the Azure Meet-up in New York

Alright, I get this.Containers = nimble Vms.

Let's just tell the CFO,and get back to work!

Page 31: Introduction to Docker at the Azure Meet-up in New York
Page 32: Introduction to Docker at the Azure Meet-up in New York

What happens when something becomes

10-100x cheaper?

Page 33: Introduction to Docker at the Azure Meet-up in New York

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

Page 34: Introduction to Docker at the Azure Meet-up in New York

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

● Plan A: spin up 1 database, clean after each use– If we don't clean correctly, random tests will fail

– Cleaning correctly can be expensive (e.g. reload DB)

Page 35: Introduction to Docker at the Azure Meet-up in New York

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

● Plan B: spin up 100 databases– … in parallel: needs too much resources

– … one after the other: takes too long

Page 36: Introduction to Docker at the Azure Meet-up in New York

Random example:testing

● Project X has 100 unit tests● Each test needs a pristine SQL database

● Plan C: spin up 100 databases in containers– fast, efficient (no overhead, copy-on-write)

– easy to implement without virtualization black belt

Page 37: Introduction to Docker at the Azure Meet-up in New York

Containers make testing(and many other things)

way easier

Page 38: Introduction to Docker at the Azure Meet-up in New York

The container metaphor

Page 39: Introduction to Docker at the Azure Meet-up in New York

Problem: shipping goods

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

Page 40: Introduction to Docker at the Azure Meet-up in New York

Solution:the intermodal shipping container

Page 41: Introduction to Docker at the Azure Meet-up in New York

Solved!

Page 42: Introduction to Docker at the Azure Meet-up in New York

Problem: shipping code

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

? ? ? ? ? ?

Page 43: Introduction to Docker at the Azure Meet-up in New York

Solution:the Linux container

Page 44: Introduction to Docker at the Azure Meet-up in New York

Solved!

Page 45: Introduction to Docker at the Azure Meet-up in New York

Separation of concerns:Dave the Developer

● Inside my container:– my code

– my libraries

– my package manager

– my app

– my data

Page 46: Introduction to Docker at the Azure Meet-up in New York

Separation of concerns:Oscar the Ops guy

● Outside the container:– logging

– remote access

– network configuration

– monitoring

Page 47: Introduction to Docker at the Azure Meet-up in New York

Docker's Entourage

Page 48: Introduction to Docker at the Azure Meet-up in New York

Docker: the cast

● Docker Engine● Docker Hub● Docker, the community● Docker Inc, the company

Page 49: Introduction to Docker at the Azure Meet-up in New York

Docker Engine

● Open Source engine to commoditize LXC● Uses copy-on-write for quick provisioning● Written in Go, runs as a daemon, comes with a CLI● Everything exposed through a REST API● Allows to build images in standard, reproducible way● Allows to share images through registries● Defines standard format for containers

(stack of layers; 1 layer = tarball+metadata)

Page 50: Introduction to Docker at the Azure Meet-up in New York

… Open Source?

● Nothing up the sleeve, everything on the table– Public GitHub repository: https://github.com/dotcloud/docker

– Bug reports: GitHub issue tracker

– Mailing lists: docker-user, docker-dev (Google groups)

– IRC channels: #docker, #docker-dev (Freenode)

– New features: GitHub pull requests (see CONTRIBUTING.md)

– Docker Governance Advisory Board (elected by contributors)

Page 51: Introduction to Docker at the Azure Meet-up in New York

Docker Hub

Collection of services to make Docker more useful.● Public registry

(push/pull your images for free)● Private registry

(push/pull secret images for $)● Automated builds

(link github/bitbucket repo; trigger build on commit)● More to come!

Page 52: Introduction to Docker at the Azure Meet-up in New York

Docker, the community

● >500 contributors● ~20 core maintainers● >8,000 Dockerized projects on GitHub● >30,000 repositories on Docker Hub● >250 meetups in >90 cities in >30 countries● >750,000 downloads of boot2docker

Page 53: Introduction to Docker at the Azure Meet-up in New York

Docker Inc, the company

● Headcount: ~50● Led by Open Source veteran Ben Golub

(GlusterFS)● Revenue:

– t-shirts and stickers featuring the cool blue whale

– SAAS delivered through Docker Hub

– Support & Training

Page 54: Introduction to Docker at the Azure Meet-up in New York

Using Docker

Page 55: Introduction to Docker at the Azure Meet-up in New York

One-time setup

● On your dev env (Linux, OS X, Windows)– boot2docker (25 MB VM image)

– Natively (if you run Linux)

● On your servers (Linux)– Packages (Ubuntu, Debian, Fedora, Gentoo, Arch...)

– Single binary install (Golang FTW!)

– Easy provisioning on Azure, Rackspace, Digital Ocean...

– Special distros: CoreOS, Project Atomic

Page 56: Introduction to Docker at the Azure Meet-up in New York

Azure deployment

VMNAME=jpetazzoIMAGE=b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GBUSER=jpetazzoPASSWORD=1234abcdABCD@LOCATION="West US"

azure vm docker create $VMNAME \ $IMAGE $USER $PASSWORD -l "$LOCATION" export DOCKER_HOST=tcp://$VMNAME.cloudapp.net:4243docker --tls versionazure vm endpoint create $VMNAME 80

Page 57: Introduction to Docker at the Azure Meet-up in New York

Authoring imageswith a Dockerfile

Page 58: Introduction to Docker at the Azure Meet-up in New York

FROM ubuntu:14.04

RUN apt-get updateRUN apt-get install -y nginxRUN echo 'Hi, I am in your container!' \ >/usr/share/nginx/html/index.html

CMD nginx -g "daemon off;"

EXPOSE 80

docker build -t jpetazzo/staticweb .docker run -P jpetazzo/staticweb

Page 59: Introduction to Docker at the Azure Meet-up in New York
Page 60: Introduction to Docker at the Azure Meet-up in New York

FROM ubuntu:12.04

RUN apt-get -y updateRUN apt-get install -y g++RUN apt-get install -y erlang-dev erlang-base-hipe ...RUN apt-get install -y libmozjs185-dev libicu-dev libtool ...RUN apt-get install -y make wget

RUN wget http://.../apache-couchdb-1.3.1.tar.gz \ | tar -C /tmp -zxf-RUN cd /tmp/apache-couchdb-* && ./configure && make install

RUN printf "[httpd]\nport = 8101\nbind_address = 0.0.0.0" \ > /usr/local/etc/couchdb/local.d/docker.ini

EXPOSE 8101CMD ["/usr/local/bin/couchdb"]

docker build -t jpetazzo/couchdb .

Page 61: Introduction to Docker at the Azure Meet-up in New York

FROM debian:jessie

RUN apt-get -y updateRUN apt-get install -y python-pip

RUN mkdir /srcWORKDIR /src

ADD requirements.txt /srcRUN pip install -r requirements.txt

ADD . /srcRUN python setup.py install

Page 62: Introduction to Docker at the Azure Meet-up in New York

Do you evenChef?

Puppet?Ansible?

Salt?

Page 63: Introduction to Docker at the Azure Meet-up in New York
Page 64: Introduction to Docker at the Azure Meet-up in New York

Summary

With Docker, I can:● put my software in containers● run those containers anywhere● write recipes to automatically build containers

Page 65: Introduction to Docker at the Azure Meet-up in New York

Advanced concepts

● naming– give a unique name to your containers

● links– connect containers together

● volumes– separate code and data

– share data between containers

Page 66: Introduction to Docker at the Azure Meet-up in New York

Recent features: 0.10

● TLS support for API access● Configurable DNS search● BTRFS is no longer experimental● Integration with systemd cgroups● Use proxy environment variables (for registry)

Page 67: Introduction to Docker at the Azure Meet-up in New York

Recent features: 0.11

● SELinux integration(works better with CentOS)

● DNS integration for links(access linked containers by hostname)

● « docker run --net »– use host networking for high speed

– share network of another container

Page 68: Introduction to Docker at the Azure Meet-up in New York

Recent features: 0.12

● docker pause/unpause● more importantly: 1.0 release candidate :-)

Page 69: Introduction to Docker at the Azure Meet-up in New York

Docker 1.1

● .dockerignore(don't upload your .git anymore!)

● docker logs --tail– further logging improvements on the way

(truncate)

Page 70: Introduction to Docker at the Azure Meet-up in New York

Docker 1.2

● New cool options for docker run

--restart=always/no/on-failure

--cap-add=NETADMIN

--cap-drop=CHOWN

--device=/dev/kvm:/dev/kvm

Page 71: Introduction to Docker at the Azure Meet-up in New York

Coming soon(maybe)

● logging improvements● device mapper tuning● image squashing● ARM support● use secrets in builds

● volume management● hairpin nat● IPV6 support● seccomp + native● user namespaces

Page 72: Introduction to Docker at the Azure Meet-up in New York

Thank you! Questions?

http://docker.com/

@docker

@jpetazzo