Docker Introduction

By Walter Liu 2014/08/25

Agenda

• What is Docker?• How to use Docker?• Miscellaneous– Pitfall during POC– Tips and tricks– Some references

What is Docker?

Difference with VM

Virtual Machines

Docker

Difference with VM

– Memory is acquired when needed.– Disk is acquired when needed. • (If use devicemapper has had 10 GB limitation)

– Some file system is readonly.• Need to use priority mode to change it, but be careful

about that. I destroyed the container during functional test.

Copy on writeFile System

What does Docker want to solve?

The Matrix From Hell

Many Payloads …...

• RHEL 4• CentOS 5• CentOS 6• CentOS 7• ……

Many Payloads …...

• C/C++• C/C++ libraries• Python2.3/2.4/2.6• Python Libs• Boostpython• Ruby• Php• Java• …..

Many Payloads …...

• Nginx• Apache• Uwsgi• Django• Bottle• …..

Many Payloads …...

+ our application

Many targets

• Your dev environment• Co-worker dev environment• QA test environment• Staging environment• Production environment• Customized environment

How do we want to use it?

• Same environment between RD and OPS.• Faster delivery• Run old Linux in new Linux environment.– OPS could upgrade system OS without worry if old

application’s env.– If 2 applications are bound together, by using Docker

their OS env could be upgraded at different time.• Upgrade host OS without changing application.

How others use it?

• Easy Application Deployment• Continuous Integration• Continuous Delivery• Platform-as-a-Service (PaaS)• Development Environments & Build Pipelines -

Spotify

Easy Application Deployment

Continuous Integration/Delivery

• Write code• Push to git• Jenkins is triggered to build container and test the

container.• If the test is successful, push to private docker

registry. (Continuous Integration)• Automatic pull newest docker image to

staging/production server and switch load balance from previous version. (Continuous Delivery)

Development Environments & Build Pipelines

Docker Requirement/Dependency

• Linux Kernel 3.8+– CentOS 6.5+ (CentOS 7 is recommended)– Ubuntu is officially recommended.

• AUFS Support– (Not in CentOS, need Kernel patch)

• Cgroups and namespaces (Kernel 2.6.38+)• lxc• xz-utils

HOW TO USE DOCKER?

Installation

• yum install docker-io #EPEL repo• service docker start• chkconfig docker on• Option:– Add a user to run docker as root.

Import Image

• From docker repository– CMD: docker pull centos

• From a tar ball– CMD: docker load centos-wcs-build-1000.tar

• From private docker repository

Run container

• docker run –it <image_id> /bin/bash• Run docker container as a service– Use supervisor is a good choice.– Check example https://github.com/Krijger/docker-cookbooks

– And http://docs.docker.com/articles/using_supervisord/

• Note: if the process terminated, the container is terminated too.

Mount volume in a container

• option: -v , could be used multiple times to mount multiple volume.

• syntax: – docker run -v <host_path>:<container_path> …..– docker run -v <host_path>:<container_path>:rw ….. – docker run -v <host_path>:<container_path>:ro …..

• Example: docker run –it –v /trend/wcs/ptn:/trend/wcs/ptn:ro <image_id> /bin/bash

Publish port

• Option: “-p" Could be used multiple times to publish multiple ports to host.

• syntax:– docker run –P …. # Publish all ports to host, it’s big P.– docker run –p <host_container_port> …. # random port– docker run –p <host_port>:<container_port> ….– docker run –p

<host_interface_ip>:<host_port>:<container_port> ….

• Example: docker run –P <image_id> "/trend/wcs/wcsd" "/trend/wcs/conf/wcs.config"

Dockerfile example

This is not correct.

MISCELLANEOUS

Pitfall during POC

• Use too old Linux kernel (CentOS 6.4)• Use priority mode– Crash the container, all commands printed core

dump.• Run IO-heavy job on devicemapper. (4x slow)• Host and container uid is not sync.– WORKAROUND: adduser –u 1000 –g 1000 wcs

Tips and tricks

• Kill all containers– docker kill $(docker ps -q)

• Remove contents of all containers– docker rm $(docker ps -a –q)

• Remove all images– docker rmi $(docker images -q -a)

• Inspect IP of the container that just ran,– CID=$(docker run -d -p 4321 base nc -lk 4321)– docker inspect --format '{{ .NetworkSettings.IPAddress }}' ${CID}

Some References

• 使用 DEVICE MAPPER 插件来改变 DOCKER 容器的大小https://www.dockboard.org/resizing-docker-containers-with-the-device-mapper-plugin/

• WHY YOU DON'T NEED TO RUN SSHD IN YOUR DOCKER CONTAINERS?– http://blog.docker.com/2014/06/why-you-dont-

need-to-run-sshd-in-docker/

Backup slides

The problems

• OPS needs to do – Installation, – Dependency– Monitor

• Environment conflict• Environment diff between Dev and production