Post on 19-Jun-2020
May 15, 2015
“What the Heck are Linux Containers Anyway?”
Ge@ng Started with Docker
May 15, 2015
Let’s Get this Out of the Way
• Tony Garcia • ScienIfic Analyst/Programmer at
Vertex PharmaceuIcals in Boston, MA • @tonyrgarcia
May 15, 2015
Back in Simpler Times…
image: www.thegeekstuff.com FTP
May 15, 2015
But Then… • More languages • More frameworks • More tools • More environments • ‘The Cloud’ • ConInuous IntegraIon/Delivery • IteraIve development • MORE COMPLEXITY
May 15, 2015
The CompaIbility Matrix from Hell
May 15, 2015
“Works on My Machine”
May 15, 2015
Early 20th Century Shipping Industry
May 15, 2015
Another Matrix From Hell ? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
May 15, 2015
Malcolm Purcell McLean • American Transport Entrepreneur • Invented the Shipping Container in 1956
"Malcolm McLean at railing, Port Newark, 1957 (7312751706)" by Maersk Line -‐ Malcolm McLean at railing, Port Newark, 1957 Uploaded by russavia. Licensed under CC BY-‐SA 2.0 via Wikimedia Commons – hkp://commons.wikimedia.org/wiki/File:Malcolm_McLean_at_railing,_Port_Newark,_1957_(7312751706).jpg#/media/File:Malcolm_McLean_at_railing,_Port_Newark,_1957_(7312751706).jpg
May 15, 2015
Containers Standardized the Shipping Yard
May 15, 2015
Our SoluIon – Linux Containers
May 15, 2015
Linux Containers 101 • Made possible by 3 Linux kernel features – Namespaces
• Isolated instances of system resources. (mnt, net, pid, ipc, users)
– Control Groups (Cgroups) • Grouping of resources and se@ng limits to memory, CPU, block IO, etc. for each container. Containers map to Cgroups 1:1
– CapabiliIes • Fine-‐grained control over privileges to run processes
• Also -‐ Union File Systems (UnionFS)
May 15, 2015
Linux Containers 101
• Containers provide isolated instances of user space – Root file systems – Binaries – Process trees (pid0, init, systemd, etc)
• Processes can only send messages to other processes in the same container.
– Networking stacks • IP addresses, port range, rouIng tables, etc.
May 15, 2015
Linux Containers 101 • SeparaIon of Concerns – Inside of Container: Developer concerns
• Apps, data, code, libs, package manager, etc.
– Outside of Container: Ops concerns • Network configuraIon, logging, monitoring, etc.
• EncapsulaIon – Write and Configure once, run anywhere – Self contained – avoids dependency conflicts with other containerized applicaIons.
May 15, 2015
Wait…What about VMs??
May 15, 2015
VMs vs. Containers
• VM – hypervisor virtualizaIon • Container – OS level virtualizaIon
images: www.docker.com
May 15, 2015
Container Formats
• LXC • BSD Jails • OpenVZ • Linux V-‐Server • Solaris Zones (UNIX)
May 15, 2015
Docker – A Linux Container Plasorm
May 15, 2015
Docker • Open Source runIme for Linux Containers • Developed by Solomon Hykes as an internal tool to manage Linux containers at dotCloud, a PAAS provider (now Docker, Inc).
• Originally wriken in python • Rewriken in Go for open source version • Demoed to the public for the first Ime as a lightning talk at PyCon 2013.
• Version 1.0 in Summer of 2014
May 15, 2015
Docker • As of May 1, 2015 – 21,000+ stars on Github – 900+ commikers – Thousands of Dockerized applicaIons. – Hundreds of projects built on top of Docker – IntegraIons with well-‐known tools (Travis, Jenkins, Vagrant, Chef, Puppet, OpenStack, etc)
– Many well-‐known cloud providers jumping on the Docker bandwagon (including AWS, Google, Azure, Rackspace, Digital Ocean)
– Many Docker-‐specific plasorms and services (Tutum, StackDock, Quay.io…)
– Docker conferences in the US and Europe
May 15, 2015
Docker and ExecuIon Drivers
May 15, 2015
The Docker Plasorm • Docker Engine – Daemon (Service) – Client
• Docker Registry – Public (hub.docker.com) – Private registry possible via ‘distribuIon’ project
• OrchestraIon, clustering, and host management tools – Compose, Swarm, Machine
May 15, 2015
Installing the Docker Engine • OS X and Windows – Install Boot2Docker via installers (hkp://boot2docker.io/)
– Sets up VirtualBox (if not on your system already) with a VM running Tiny Core Linux to host Docker containers.
• Linux – Available via package managers (apt-‐get, yum, emerge, zypper, etc.)
May 15, 2015
The Docker Engine
May 15, 2015
Demo Time! Running Your First Container
May 15, 2015
What Happened?
• Docker downloaded the latest Ubuntu image from hub.docker.com.
• Docker launched a new container based on the Ubuntu image, including an isolated process tree and root file system (enIrely in memory)
• Within the container, it executed the specified command, and the result was visible in stdout.
• Once the echo process terminated, the container was stopped.
May 15, 2015
Demo: Running Persistent Processes in Containers
May 15, 2015
Copy-‐on Write and UnionFS • In Linux, the rooss changes to read-‐write mode axer mounIng and integrity check
• In containers, rooss is read-‐only. • A writeable layer is available for copy-‐on-‐write. – When a process edits a file, the appropriate file(s) are copied to the write layer for ediIng. New files are placed in this top layer
– Files in upper layers ‘override’ those in lower layers • Many ‘flavors’: AuFS (default on Linux), devicemapper (CentOS, RH), overlay
May 15, 2015
Docker Container Layers
May 15, 2015
Using Dockerfiles • Dockerfile – plain text file that is comprised of human-‐readable instrucIons on how to build a Docker image.
• Enables the automaIon of construcIng images via the ‘docker build’ command
• LocaIon of file can be anywhere but it’s important in relaIon to its build context.
May 15, 2015
Example Dockerfile
docker build -‐t simpleserver:0.1 .
May 15, 2015
Demo: Building Images from Dockerfiles
May 15, 2015
Docker Compose
• Docker Compose is an container orchestraIon tool which lets users easily assemble applicaIons made up of linked containers
• Services that make up the applicaIon are defined in a .yml file
May 15, 2015
Demo: Se@ng up a MulI-‐Container ApplicaIon using Docker Compose
May 15, 2015
Demo: Deploying a Dockerized ApplicaIon to a Cloud Provider
May 15, 2015
Docker and Microservice Architecture
May 15, 2015
The Docker Partner Ecosystem
May 15, 2015
Resources • Docker.com & hub.docker.com • hkps://github.com/docker/ • Docker blog and weekly newsleker – blog.docker.com – blog.docker.com/docker-‐weekly-‐archives/
• meetup.com/Docker-‐Online-‐Meetup/ • Dockercon & DockerCon EU videos on YouTube
• Twiker: @docker
May 15, 2015
QuesIons?