Docker introduction
- 1. Introduction to Docker November, 2013
- 2. Contents • Introduction to Docker, Containers, and the Matrix from Hell • Why people care: Separation of Concerns • Technical Discussion • Ecosystem • Use Cases • Docker Futures • Advanced topics: Networking, Data • OpenStack • Learn More
- 3. In the 8 months since we launched • • • • >200,000 pulls >7,500 github stars >200 significant contributors >200 projects built on top of docker • UIs, mini-PaaS, Remote Desktop…. • 1000’s of Dockerized applications • Memcached, Redis, Node.js…and Hadoop • Integration in Jenkins, Travis, Chef, Puppet, Vagrant and OpenStack • Meetups arranged around the world…with organizations like Ebay, Cloudflare, Yandex, and Rackspace presenting on their use of Docker
- 4. Why all the excitement?
- 5. User DB Static website postgresql + pgv8 + v8 nginx 1.5 + modsecurity + openssl + bootstrap 2 Background workers Python 3.0 + celery + pyredis + libcurl + ffmpeg + libopencv + nodejs + phantomjs Queue Analytics DB Redis + redis-sentinel hadoop + hive + thrift + OpenJDK Web frontend Ruby + Rails + sass + Unicorn API endpoint Do services and apps interact appropriately? Multiplicity of Stacks The Challenge Development VM Production Cluster Public Cloud QA server Disaster recovery Contributor’s laptop Customer Data Center Production Servers Can I migrate smoothly and quickly? Multiplicity of hardware environments Python 2.7 + Flask + pyredis + celery + psycopg + postgresql-client
- 6. The Matrix From Hell Static website ? ? ? ? ? ? ? Web frontend ? ? ? ? ? ? ? Background workers ? ? ? ? ? ? ? User DB ? ? ? ? ? ? ? Analytics DB ? ? ? ? ? ? ? Queue ? ? ? ? ? ? ? Development VM QA Server Single Prod Server Onsite Cluster Public Cloud Contributor’s laptop Customer Servers
- 7. Multiplicity of Goods Do I worry about how goods interact (e.g. coffee beans next to spices) Can I transport quickly and smoothly (e.g. from boat to train to truck) Multipilicity of methods for transporting/storing Cargo Transport Pre-1960
- 8. Also a matrix from hell ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?
- 9. A standard container that is loaded with virtually any goods, and stays sealed until it reaches final delivery. …in between, can be loaded and unloaded, stacked, transported efficiently over long distances, and transferred from one mode of transport to another Can I transport quickly and smoothly (e.g. from boat to train to truck) Multiplicity of methods for transporting/storing Do I worry about how goods interact (e.g. coffee beans next to spices) Multiplicity of Goods Solution: Intermodal Shipping Container
- 10. Static website User DB Web frontend Queue Analytics DB An engine that enables any payload to be encapsulated as a lightweight, portable, self-sufficient container… Multiplicity of hardware environments Development VM QA server Customer Data Center Public Cloud Production Cluster Contributor’s laptop Can I migrate smoothly and quickly …that can be manipulated using standard operations and run consistently on virtually any hardware platform Do services and apps interact appropriately? Multiplicity of Stacks Docker is a shipping container system for code
- 11. Docker eliminates the matrix from Hell Static website Web frontend Background workers User DB Analytics DB Queue Development VM QA Server Single Prod Server Onsite Cluster Public Cloud Contributor’s laptop Customer Servers
- 12. Why Developers Care • Build once…(finally) run anywhere* • A clean, safe, hygienic and portable runtime environment for your app. • No worries about missing dependencies, packages and other pain points during subsequent deployments. • Run each app in its own isolated container, so you can run various versions of libraries and other dependencies for each app without worrying • Automate testing, integration, packaging…anything you can script • Reduce/eliminate concerns about compatibility on different platforms, either your own or your customers. • Cheap, zero-penalty containers to deploy services? A VM without the overhead of a VM? Instant replay and reset of image snapshots? That’s the power of Docker * With the 0.7 release, we support any x86 server running a modern Linux kernel (3.2+ generally. 2.6.32+ for RHEL 6.5+, Fedora, & related)
- 13. Why Devops Cares? • Configure once…run anything • Make the entire lifecycle more efficient, consistent, and repeatable • Increase the quality of code produced by developers. • Eliminate inconsistencies between development, test, production, and customer environments • Support segregation of duties • Significantly improves the speed and reliability of continuous deployment and continuous integration systems • Because the containers are so lightweight, address significant performance, costs, deployment, and portability issues normally associated with VMs
- 14. Why it works—separation of concerns • Dan the Developer • Worries about what’s ―inside‖ the container • His Apps • • His Package Manager • His Data All Linux servers look the same Worries about what’s ―outside‖ the container • • • • His Libraries • • His code • • Oscar the Ops Guy • Logging Remote access Monitoring Network config All containers start, stop, copy, attach, migrate, etc. the same way
- 15. More technical explanation WHY • Run everywhere • Regardless of kernel version (2.6.32+) • Regardless of host distro • Physical or virtual, cloud or not • Container and host architecture must match* • Run anything • If it can run on the host, it can run in the container • i.e. if it can run on a Linux kernel, it can run WHAT • High Level—It’s a lightweight VM • • • • Own process space Own network interface Can run stuff as root Can have its own /sbin/init (different from host) • <<machine container>> • Low Level—It’s chroot on steroids • Can also not have its own /sbin/init • Container=isolated processes • Share kernel with host • No device emulation (neither HVM nor PV) from host) • <<application container>>
- 16. Containers vs. VMs App A App A’ App B Bins/ Libs Bins/ Libs Bins/ Libs Guest OS Guest OS Guest OS Guest OS Guest OS VM Containers are isolated, but share OS and, where appropriate, bins/libraries …result is significantly faster deployment, much less overhead, easier migration, faster restart Host OS Host OS Server Server Docker Bins/Libs App B’ App B’ App B’ Bins/Libs App B App A’ Hypervisor (Type 2) App A Container
- 17. Why are Docker containers lightweight? VMs Bins/ Libs Bins/ Libs Bins/ Libs Guest OS Guest OS Guest OS Bins/ Libs Original App (No OS to take up space, resources, or require restart) VMs Every app, every copy of an app, and every slight modification of the app requires a new virtual server App Δ App A App A App A Bins/ App A’ App A Guest OS Containers Copy of App No OS. Can Share bins/libs Modified App Copy on write capabilities allow us to only save the diffs Between container A and container A’
- 18. What are the basics of the Docker system? Container A Push Docker Container Image Registry Search Run Build Dockerfile For A Docker Container C Host 1 OS (Linux) Container B Docker Engine Container A Source Code Repository Pull Host 2 OS (Linux)
- 19. Changes and Updates Push App Δ App A Bins/ Bins/ Libs Docker Container Image Registry Container Mod A’ Container Mod A’’ App Δ Base Container Image Bins/ Libs Bins/ App A Bins/ Libs Bins/ App A’’ Update Docker Engine Host is now running A’’ Docker Engine Host running A wants to upgrade to A’’. Requests update. Gets only diffs
- 20. Ecosystem Support • Operating systems • • • • OpenStack • • Integrations with Chef, Puppet, Jenkins, Travis, Salt, Ansible +++ Orchestration tools • • • Native support in Rackspace, Digital Ocean,+++ AMI (or equivalent) available for AWS & other DevOps Tools • • Deis, Voxoz, Cocaine (Yandex), Baidu PaaS Public IaaS • • • OpenShift Solum (Rackspace, OpenStack) Other TBA Public PaaS • • Docker integration into NOVA (& compatibility with Glance, Horizon, etc.) accepted for Havana release Private PaaS • • • • Virtually any distribution with a 2.6.32+ kernel Red Hat/Docker collaboration to make work across RHEL 6.4+, Fedora, and other members of the family (2.6.32 +) CoreOS—Small core OS purpose built with Docker Mesos, Heat, ++ Shipyard & others purpose built for Docker Applications • 1000’s of Dockerized applications available at index.docker.io
- 21. Use Cases • Ted Dziuba on the Use of Docker for Continuous Integration at Ebay Now • https://speakerdeck.com/teddziuba/docker-at-ebay • http://www.youtube.com/watch?feature=player_embedded&v=0Hi0W4gX--4 • Sasha Klizhentas on use of Docker at Mailgun/Rackspace • http://www.youtube.com/watch?feature=player_embedded&v=CMC3xdAo9RI • Sebastien Pahl on use of Docker at CloudFlare • http://www.youtube.com/watch?feature=player_embedded&v=-Lj3jt_-3r0 • Cambridge HealthCare • http://blog.howareyou.com/post/62157486858/continuous-delivery-with-docker-and-jenkinspart-i • Red Hat Openshift and Docker • https://www.openshift.com/blogs/technical-thoughts-on-openshift-and-docker
- 22. Use Cases—From Our Community Use Case Clusters Examples Building a MongoDB cluster using docker Link http://bit.ly/1acbjZf Build your own PaaS Production Quality MongoDB Setup with Docker Wildfly cluster using Docker on Fedora OpenSource PaaS built on Docker, Chef, and Heroku Buildpacks http://bit.ly/15CaiHb http://bit.ly/1bClX0O http://deis.io Web Based Environment for Instruction JiffyLab – web based environment for the instruction, or lightweight use of, Python and UNIX shell http://bit.ly/12oaj2K Easy Application Deployment Deploy Java Apps With Docker = Awesome How to put your development environment on docker Running Drupal on Docker Installing Redis on Docker Docker makes creating secure sandboxes easier than ever http://bit.ly/11BCvvu http://bit.ly/1b4XtJ3 http://bit.ly/15MJS6B http://bit.ly/16EWOKh http://bit.ly/13mZGJH Memcached as a Service Multi-cloud Deployment with Docker http://bit.ly/11nL8vh http://bit.ly/1bF3CN6 Next Generation Continuous Integration & Deployment with dotCloud’s Docker and Strider Testing Salt States Rapidly With Docker http://bit.ly/ZwTfoy Docker Desktop: Your Desktop Over SSH Running Inside Of A Docker Container http://bit.ly/14RYL6x Create Secure Sandboxes Create your own SaaS Automated Application Deployment Continuous Integration and Deployment Lightweight Desktop Virtualization http://bit.ly/1eFBtcm
- 23. Docker Futures* • Docker 0.7 (current release) • • • • LXC Docker 0.1-0.6 AUFS Docker 0.8+ Fedora compatibility Reduce kernel dependencies Device mapper Container linking • Docker 0.8 (Dec) • • • • • Shrink and stabilize Core Provide stable, pluggable API RHEL compatibility Nested containers Beam: Introspection API based on Redis • expand snapshot management features for data volumes • We will consider this ―production ready‖ • Docker 0.9 (Jan) • Docker 1.0 (Feb) • We will offer support for this product * We shoot for time based releases (1x/5wks), features are targeted, but not guaranteed for particular releases
- 24. Advanced topics • Data • Today: Externally mounted volumes • • Share volumes between containers Share volume between a containers and underlying hosts • • • • • high-performance storage backend for your production database making live development changes available to a container, etc. Optional: specify memory limit for containers, CPU priority Device mapper/ LVM snapshots in 0.7 Futures: • • • • I/O limits Container resource monitoring (CPU & memory usage) Orchestration (linking & synchronization between containers) Cluster orchestration (multi-host environment) • Networking • Supported today: • UDP/TCP port allocation to containers • • • IP allocation to containers • • specify which public port to redirect. If you don’t specify a public port, Docker will revert to allocating a random public port. Docker uses IPtables/netfilter Docker uses virtual interfaces, network bridge, Futures: • • • See Pipework (Upstream) : Software-Defined Networking for Linux Containers (https://github.com/jpetazzo/pipework) Certain pipework concepts will move from upstream to part of core Docker Additional capabilities come with libvirt support in 0.8-0.9 timeframe
- 25. OpenStack / Docker New hypervisor to enable Nova to deploy Linux containers
- 26. Why Docker + OpenStack • Alternative to VMs within OpenStack-today • Easier deployment of OpenStack itself-near future • Cross cloud application deployment • At OpenStack Summit we will show: • Building and testing an application from source • Running on a laptop • Running it, without modification or noticeable downtime, on a public cloud • Running it, without modification or noticeable downtime, on an openstack cluster • Doing all of the above using Nova, Glance and Horizon • Containers orchestration with OpenStack Heat (Demo at summit)
- 27. Why a new hypervisor? • Nova a computing controller for OpenStack • Nova support for containers is minimal (via LibVirt) • Enables control of Docker through OpenStack projects (ex: deploy containers via Horizon Web UI)
- 28. Want to learn more? • www.docker.io: • Documentation • Getting started: interactive tutorial, installation instructions, getting started guide, • About: Introductory whitepaper: http://www.docker.io/the-whole-story/ • Github: dotcloud/docker • IRC: freenode/#docker • Google groups: groups.google.com/forum/#!forum/docker-user • Twitter: follow @docker • Meetups: Scheduled for Boston, San Francisco, Austin, London, Paris, Boulder…and Nairobi. https://www.docker.io/meetups/
- 29. www.docker.io