Why everyone is excited about Docker (and you should too...) - Carlo Bonamico - Codemotion Milan 2014
MILAN november 28th/29th 2014 
Carlo Bonamico 
Why everyone is excited about Docker 
(and you should too...) 
carlo.bonamico@nispro.it - NIS s.r.l. 
carlo.bonamico@gmail.com – Genova Java User Group 
Twitter: @carlobonamico
Didn't you hear these at least once?
 Can you deploy my application? It's for Linux...
 Yes, but which distribution? release? patch?
 Why did the deploy fail? Didn't you test the app?
 Yes, but the production environment is slightly different
 The new version is having some issues, can you roll back to the previous one, please?
 Yes, but it will take some hours – if John hasn't already gone home – in that case he'll do it on Monday
 Can you debug this production problem?
 Yes, but I need a hosted DEV environment as I can't run all the needed VMs on my laptop
In the beginning...
 We moved from physical server to VMs
 performance and resource usage issues
 Got more security and hardware independence
 but creating a VM still takes time
 Some hosting / cloud providers took advantage of kernel-level virtualization
 LXC
 OpenVZ
 But out-of-reach of the common man Dev
 Try setting up LXC...
Then in 2013 (please fake drum roll)
 Solomon Hykes (@solomonstre) started Docker as an internal project within dotCloud.com hosting
 to make Linux Containers an order of magnitude easier 
 and more powerful, too 
 Open Sourced in March 2013 
 in a week, it went to the top projects on GitHub 
 https://github.com/docker/docker 
 A catalyst for innovative work on containers 
 shortly, several other key projects converged
Fast Forward to mid-2014
 Major Open Source project with contributions from all the big names in IT
 Google, RedHat, OpenShift, Ubuntu ...
 DotCloud → Docker Inc.
 https://www.docker.com/
 All cloud big and small names are in a rush to provide Docker hosting
 Amazon, CloudFoundry, Linode, Digital Ocean… 
 and Microsoft ! 
 both for Azure and soon for the new Windows Server...
But why should I join the party? 
 In short, Docker makes creating 
 Development 
 Test 
 and Production 
 environments an order of magnitude 
 simpler 
 faster 
 and completely portable 
 across both local and cloud infrastructure
Docker hello world... 
 What's happening here? 
user@laptop:~$ docker pull ubuntu:14.04.1
user@laptop:~$ docker run ubuntu:14.04.1 echo "Hello World"
Hello World
 And here?
user@laptop:~$ docker run -t -i ubuntu:14.04.1 /bin/bash
root@d1fa8fcb4518:/# ls
bin boot dev etc home lib lib64 media mnt
opt proc root run sbin srv sys tmp usr var
root@d1fa8fcb4518:/# python
bash: python: command not found
root@d1fa8fcb4518:/#
Behind the scenes...
 I run the docker CLI (Command Line Interface)
user@laptop:~$ docker run -t -i ubuntu:14.04.1 /bin/bash
 the CLI connects to the docker daemon through its REST API,
 which asks the Linux kernel to create a new container d1fa8fcb4518
 and runs /bin/bash in it, so
root@d1fa8fcb4518:/# ls
bin boot dev etc home lib lib64 media ...
 lists the filesystem of the container (!= from host OS)
root@d1fa8fcb4518:/# python
bash: python: command not found
So what's inside Docker? 
 Isolation layer based on kernel namespaces 
 separate process trees, network, user IDs and mounted 
file systems 
 Resource isolation through cgroups 
 CPU, memory, block I/O and network 
 Standard interface through libcontainer 
 based on libvirt, LXC and systemd-nspawn 
 And more...
How are data & containers stored? 
 AUFS Another Union Filesystem 
 possibly other snapshotting fs (zfs) / block device (LVM) 
 Layered approach 
 rootfs → kernel layer 
 bootfs → a Linux distribution 
 emacs 
 apache 
 application 
 Copy-on-Write approach – à la subversion (SVN)
Containers, Images and Index 
 A Container is a running instance 
 can run 100-1000 containers per host 
 An Image is a static snapshot 
 in turn based on a series of layers 
 unique hash for each layer, so 
 Images are basically versioned (think git) 
 can be tagged ubuntu:14.04.1 
 can be updated by applying layer deltas 
 Images can be stored in an Index 
 local and remote indexes (think maven / npm repos)
So a container is like a 
lighter/better Virtual Machine? 
Well...
VM vs Container
 A Virtual Machine
 needs a hypervisor
 and a full OS inside
 Bigger footprint
 RAM needed
 Storage space
 Tend to be slower
 2 filesystems, 2 OSes
 Strong resource management
 A Container
 talks to the host kernel
 Smaller footprint
 no RAM needed for Guest OS
 differential storage
 Tend to be faster
 direct CPU access
 Less sophisticated resource management
VM vs Container
Great! but tell me about security
 Are containers less secure than VMs?
 the answer is nuanced...
 https://docs.docker.com/articles/security/
 Can I use Docker in Production?
 Sure! many Internet companies trust it
 But a container still needs good System Administration & InfoSec practices!
 limiting privileges, avoiding insecure defaults, etc...
 http://www.slideshare.net/jpetazzo/docker-linux-containers-lxc-and-security
 http://opensource.com/business/14/7/docker-security-selinux
Avoid This!
Docker workflow
Start with a dockerfile 
 Define an image for running Tomcat 7 
 inspired by https://registry.hub.docker.com/_/tomcat/ 
FROM java:7-jre
RUN groupadd -r tomcat && useradd -r --create-home -g tomcat tomcat
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
RUN mkdir -p "$CATALINA_HOME" && chown tomcat:tomcat "$CATALINA_HOME"
WORKDIR $CATALINA_HOME
USER tomcat
ENV TOMCAT_MAJOR 7
ENV TOMCAT_VERSION 7.0.57
Dockerfiles - continued 
ENV TOMCAT_TGZ_URL https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz
# NOTE: the .asc signature is fetched below but never checked with gpg --verify
RUN curl -SL "$TOMCAT_TGZ_URL" -o tomcat.tar.gz \
    && curl -SL "$TOMCAT_TGZ_URL.asc" -o tomcat.tar.gz.asc \
    && tar -xvf tomcat.tar.gz --strip-components=1 \
    && rm bin/*.bat \
    && rm tomcat.tar.gz*
EXPOSE 8080
CMD ["catalina.sh", "run"]
 Public repo of Dockerfiles, with automatic build 
 http://dockerfile.github.io/
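An added example, not part of the original slides: a small shell check that applies the "limiting privileges, avoiding insecure defaults" advice to Dockerfiles like the ones in this deck. The finding codes and the condensed sample inputs are constructed for this example.

```shell
#!/bin/sh
# audit_dockerfile [FILE]: print "CODE: reason" for each risky pattern found.
# Reads stdin when FILE is omitted. Finding codes are local to this example.
audit_dockerfile() {
    awk '
    BEGIN {
        why["UNPINNED_BASE"]  = "FROM has no tag (or :latest), the base image can change silently"
        why["NO_USER"]        = "no non-root USER in this Dockerfile, the process runs as root unless the base image sets one"
        why["PLAIN_HTTP"]     = "RUN/ADD fetches over http://, content can be altered in transit"
        why["UNVERIFIED_SIG"] = "a .asc signature is downloaded but gpg --verify never runs"
        why["SSH_EXPOSED"]    = "EXPOSE 22, an SSH daemon in the container adds attack surface"
    }
    function analyse(l,    n, f, i, instr, img) {
        sub(/^[ \t]+/, "", l)
        if (l == "" || l ~ /^#/) return
        n = split(l, f, /[ \t]+/)
        instr = toupper(f[1])
        if (instr == "FROM") {
            img = f[2]
            sub(/^.*\//, "", img)              # drop registry host and namespace
            if (img !~ /[:@]/ || img ~ /:latest$/) found["UNPINNED_BASE"] = 1
            user = ""                          # new image: forget any USER seen before
        } else if (instr == "USER") {
            user = f[2]
        } else if (instr == "EXPOSE") {
            for (i = 2; i <= n; i++) if (f[i] ~ /^22(\/tcp)?$/) found["SSH_EXPOSED"] = 1
        } else if (instr == "RUN" || instr == "ADD") {
            if (l ~ /http:\/\//) found["PLAIN_HTTP"] = 1
            if (l ~ /\.asc/) sig = 1
            if (l ~ /gpg/ && l ~ /--verify/) verified = 1
        }
    }
    {   # join backslash-continued lines so each instruction is analysed whole
        line = buf $0
        if (line ~ /\\[ \t]*$/) { sub(/\\[ \t]*$/, " ", line); buf = line; next }
        buf = ""
        analyse(line)
    }
    END {
        if (buf != "") analyse(buf)
        if (user == "" || user == "root" || user == "0") found["NO_USER"] = 1
        if (sig && !verified) found["UNVERIFIED_SIG"] = 1
        n = split("UNPINNED_BASE NO_USER PLAIN_HTTP UNVERIFIED_SIG SSH_EXPOSED", order, " ")
        for (i = 1; i <= n; i++)
            if (order[i] in found) print order[i] ": " why[order[i]]
    }
    ' "${1:--}"
}

# Constructed input: the Tomcat Dockerfile from the slides, condensed.
sample_tomcat() {
cat <<'EOF'
FROM java:7-jre
RUN groupadd -r tomcat && useradd -r --create-home -g tomcat tomcat
USER tomcat
RUN curl -SL "$TOMCAT_TGZ_URL" -o tomcat.tar.gz \
    && curl -SL "$TOMCAT_TGZ_URL.asc" -o tomcat.tar.gz.asc \
    && tar -xvf tomcat.tar.gz --strip-components=1
EXPOSE 8080
CMD ["catalina.sh", "run"]
EOF
}

# Constructed input: the Ansible-based Dockerfile from the slides, condensed.
sample_ansible() {
cat <<'EOF'
FROM ansible/ubuntu14.04-ansible
RUN git clone http://github.com/user/myapp.git /tmp/myapp
RUN ansible-playbook myapp.yml -c local
EXPOSE 22 3000
EOF
}

echo "== tomcat ==";  sample_tomcat  | audit_dockerfile
echo "== ansible =="; sample_ansible | audit_dockerfile
```

The checks are heuristics over the Dockerfile text only; they do not inspect the base image or the built result.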
Building an image 
 Build the image from the Dockerfile 
docker build . 
 You can then do further edits, then 
docker build . 
 And archive the image locally 
docker commit 38b73dfecc3c docker-simple-samples-web
 And tag it
docker tag 47432ccfea81 docker-simple-samples-web:1.0
 List local images 
docker images
Starting a container 
 Start a container interactively 
docker run -i -t docker-simple-samples-web /bin/bash
 Start a container as a daemon
 using default entrypoint
docker run -d docker-simple-samples-web:1.0
 Check running containers
docker ps
 And stopping it
docker stop <<id>>
 Check also stopped containers
docker ps -a
Attaching to a running container 
 Using nsenter 
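# PID of the container's main process, as seen from the host
PID=$(docker inspect --format "{{ .State.Pid }}" determined_bardeen)
# enter that process's mount, UTS, IPC, network and PID namespaces (needs root)
nsenter --target $PID --mount --uts --ipc --net --pid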
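An added example, not from the original slides: the namespaces that the nsenter command above enters can be compared between the host's PID 1 and a container's PID, to confirm which parts of the isolation described under "So what's inside Docker?" are actually in effect. The PIDs and namespace ids in the fixture are constructed so the script runs without Docker.

```shell
#!/bin/sh
# ns_compare PID_A PID_B [PROC_ROOT]
# For each namespace entered by the nsenter command (mount, UTS, IPC, network,
# PID), print "<ns> shared|isolated|unknown". PROC_ROOT defaults to /proc.
ns_compare() {
    a=$1 b=$2 root=${3:-/proc}
    for ns in mnt uts ipc net pid; do
        # /proc/<pid>/ns/<ns> is a symlink such as "net:[4026531956]";
        # two processes are in the same namespace when the targets match.
        ida=$(readlink "$root/$a/ns/$ns" 2>/dev/null) || ida=
        idb=$(readlink "$root/$b/ns/$ns" 2>/dev/null) || idb=
        if [ -z "$ida" ] || [ -z "$idb" ]; then state=unknown
        elif [ "$ida" = "$idb" ]; then state=shared
        else state=isolated
        fi
        printf '%s %s\n' "$ns" "$state"
    done
}

# shared_with_host PID [PROC_ROOT]
# Comma-separated namespaces that PID shares with PID 1; empty when fully isolated.
shared_with_host() {
    ns_compare 1 "$1" "${2:-/proc}" |
        awk '$2 == "shared" { printf "%s%s", sep, $1; sep = "," } END { print "" }'
}

# Constructed fixture, not captured from a real host: a fake /proc tree with
#   1     host init
#   4242  container process with all five namespaces of its own
#   5151  container process that shares the host network namespace
make_fixture() {
    dir=$1
    i=0
    for p in 1 4242 5151; do mkdir -p "$dir/$p/ns"; done
    for name in mnt uts ipc net pid; do
        i=$((i + 1))
        ln -s "$name:[402653180$i]" "$dir/1/ns/$name"
        ln -s "$name:[402653220$i]" "$dir/4242/ns/$name"
        if [ "$name" = net ]; then
            ln -s "$name:[402653180$i]" "$dir/5151/ns/$name"
        else
            ln -s "$name:[402653230$i]" "$dir/5151/ns/$name"
        fi
    done
}

tmp=$(mktemp -d)
make_fixture "$tmp"
ns_compare 1 4242 "$tmp"
echo "5151 shares with host: $(shared_with_host 5151 "$tmp")"
rm -rf "$tmp"
```

On a real host, pass the PID printed by docker inspect and omit the third argument; reading /proc/1/ns requires root.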
Storing and Sharing data 
 Creating a Container to host a data Volume 
#Dockerfile 
FROM busybox 
VOLUME /var/lib/mysql 
CMD /bin/sh 
 Create the Image 
docker build --tag carlobonamico/datastore .
 Create the Container
docker run -d --name pgsql_data -v /var/lib/pgsql/ carlobonamico/datastore
 Attach the volume to another container
docker run -d --volumes-from pgsql_data cb/postgres-db
Publishing 
 To the Central Registry 
docker push carlobonamico/docker-simple-samples-web
 need a free account on https://hub.docker.com/
 see result at https://registry.hub.docker.com/u/carlobonamico/docker-simple-samples-web/
 Tag and publish to a private repository
docker tag 8dbd9e392a96 my-local-repo:5000/docker-simple-samples-web
 You need
 https://github.com/docker/docker-registry
Deploy to the cloud 
 On cloud server 
docker pull carlobonamico/docker-simple-samples-web:2
 Run it
docker run -d carlobonamico/docker-s...-samples-web:2
 Upgrade it
docker pull carlobonamico/docker-s...-samples-web:2.1
 Run it
docker run -d carlobonamico/docker-s...-samples-web:2.1
 Rollback to previous version
docker run -d carlobonamico/docker-s...-samples-web:2
So what do I get? 
 If I am a Dev 
 recreate complex environments on a laptop 
 If I am a Tester 
 easy to recreate applications deployments and data 
 If I am an Ops person 
 less configuration effort 
 more standardization 
 In general 
 lots of pre-packaged components 
 https://registry.hub.docker.com/ 
 quickly deploy (groups of) packages 
 even multiple versions at the same time 
But many other benefits to come...
Docker and DevOps 
DevOps is a software development method that stresses communication, collaboration and integration between software developers and IT professionals, as a response to the interdependence of Dev and Ops.
 http://en.wikipedia.org/wiki/DevOps
 Docker gives a common, seamless collaboration model and workflow between Dev and Ops
 clearer separation of responsibilities 
 Docker and DevOps by Gene Kim 
 https://www.youtube.com/watch?v=SaHbtEeu37M
Docker helps Continuous Delivery 
Continuous Delivery of value to users through a constant flow of incremental product/service improvements along the entire pipeline
Idea → Implementation → Test → Deploy → Prod
http://continuousdelivery.com/
 4 Practices of Continuous Delivery (from the book)
 Build binaries only once
 package them in containers
 Same mechanism to deploy to every environment
 and move the containers across environments
 Smoke test your deployment, & if anything fails, stop the line!
Docker helps with CD's 8 principles 
 Releasing/deploying MUST be repeatable and reliable 
 containers 
 Automate everything! 
 docker is fully scriptable and has an API 
 If something's difficult or painful, do it more often
 containers are quick to deploy many times a day 
 Keep everything in source control 
 including dockerfiles! 
 Done means “released” 
 it's containers all the way to production 
 Build quality in! 
 containers support frequent and realistic testing 
 Everybody has responsibility for the release process 
 see DevOps slide... 
 Improve continuously
What do I put in a Docker image? 
 The traditional Way 
 VM-like approach 
 SSH, init.d 
 several apps in the same container 
 http://phusion.github.io/baseimage-docker/ 
 https://registry.hub.docker.com/u/phusion/baseimage/ 
 Useful in the transition phase or to run existing SW 
 The Docker Way 
 run a service per container 
 purists say a single process per container!
From a single container
To many containers 
 Two key drivers 
 Scalability 
 Microservices
Microservices 
Instead of a big, monolithic, black-hole-like single app
implement a network of collaborating simple services
http://martinfowler.com/articles/microservices.html
“a bit like SOA, but done right”
 Componentization via Services
 Organized around Business Capabilities
 Products not Projects
 Smart endpoints and dumb pipes
 Decentralized Governance
 Decentralized Data Management
 Infrastructure Automation
 Design for failure
 Evolutionary Design
It looks like Docker is a perfect match!
SOLID Design Principles
 Apply @unclebobmartin S.O.L.I.D. principles to entire architecture
 Separation of Concerns → microservices
 Open for extension, Closed for modification → Immutable Infrastructure
 never “change” a container: add a new one with the new version then discard the old one
 http://blog.codeship.com/immutable-infrastructure/
 Liskov Substitution Principle → APIs, service contracts
 Interface Segregation Principle → micro-APIs
 Dependency Inversion Principle → container linking
Linking containers 
 Run a DB 
 and give it a name 
docker run -d --name db postgres:9.3.5
 Run a Web server
docker run -d carlobonamico/web
 does not see the db
 Run a Web Server linked to the DB
 with automatic local dns alias registration
docker run -d -P --link db:db carlobonamico/d-s-s-web
Principles of Package Design 
 How do I split functionality across Containers? 
 REP The Release Reuse Equivalency Principle 
 The granule of reuse is the granule of release 
 CCP The Common Closure Principle 
 Classes that change together are packaged together 
 CRP The Common Reuse Principle 
 Classes that are used together are packaged together 
 ADP The Acyclic Dependencies Principle 
 The dependency graph must have no cycles 
 SDP The Stable Dependencies Principle 
 Depend in the direction of stability 
 SAP The Stable Abstractions Principle 
 Abstractness increases with stability 
 Thank you again, Uncle Bob 
http://butunclebob.com/ArticleS.UncleBob.PrinciplesOfOod
Managing Development and Production clusters
 Fig http://www.fig.sh/
 create DEV environm.
 fig.yml
web:
  build: .
  command: catalina.sh run
  links:
    - db
  ports:
    - "8000:8000"
db:
  image: postgres
 Then (think vagrant-up)
fig up
 Kubernetes
 open source
 https://github.com/googlecloudplatform/kubernetes
 manage prod clusters
 use it on Google Compute Engine
 or download on premises
Ansible and Docker 
 So I do not need a configuration management system anymore?
 Well, you still need to 
 Create images 
 Manage the Docker host 
 Ansible to the rescue!
Ansible
 Simple yet incredibly powerful Open Source configuration management and orchestration tool
 Infrastructure as data
 http://www.slideshare.net/carlo.bonamico/infrastructure-as-data-with-ansible-for-easier-continuous-delivery
 Ansible can support Docker in two ways
 http://www.ansible.com/docker
 1) Manage the docker host with docker module
 e.g. create a container running Tomcat
docker: image=centos command="service tomcat6 start" ports=808
Building Images with Ansible
 2) Copy and launch ansible playbook in Dockerfile
 http://www.ansible.com/2014/02/12/installing-and-building-docker-with-ansible
 https://github.com/CaptTofu/ansible-docker-presentation
 Use base image with ansible from https://registry.hub.docker.com/repos/ansible/
FROM ansible/ubuntu14.04-ansible
MAINTAINER yourname
RUN git clone http://github.com/user/myapp.git /tmp/myapp
WORKDIR /tmp/myapp
ADD inventory /etc/ansible/hosts
RUN ansible-playbook myapp.yml -c local
EXPOSE 22 3000
ENTRYPOINT ["/home/app/tomcat/bin/catalina.sh", "run"]
So, where do I start?
 Try the samples
 https://github.com/carlobonamico/docker-simple-samples
 Great interactive tutorial at
 https://docs.docker.com/
 https://docs.docker.com/articles/dockerfile_best-practices/
 Try Docker in the Cloud
 with Koding ide
 http://learn.koding.com/guides/what-is-docker/
References
 Cloud architectures
 http://sites.oreilly.com/odewahn/dds-field-guide/
 http://12factor.net/
 Microservices
 https://skillsmatter.com/conferences/6312-mucon
 http://douglassquirrel.com/microservices/
 Distributions to put around and inside a container?
 https://coreos.com/
 Docker and Windows
 http://weblogs.asp.net/scottgu/docker-and-microsoft-integrating-docker-with-windows-server-and-microsoft-azure
Thank you! 
 Other presentations 
 http://www.slideshare.net/carlo.bonamico/presentations 
 Follow me on Twitter 
 @carlobonamico 
 updates on Docker, Ansible, Continuous Delivery 
 and some AngularJS! 
 Contact me 
 carlo.bonamico@gmail.com / carlo.bonamico@nispro.it 
 My company 
 http://www.nispro.it
Running on Mac/Windows 
 Boot2docker 
 A minimalistic VM – just SSH + docker 
 http://boot2docker.io/ 
 Download and launch the installer 
 https://github.com/boot2docker/windows-installer/releases/latest
 Launch docker 
Boot2Docker Start
