Docker, how to use it. Organize a meeting with IBM products

a.fontana@net2action.com
a.fontana@vantagepartners.ch
Docker, how to use it. Organize a
meeting with IBM products.
Andrea Fontana
SNoUG
Swiss Notes User Group
IBM Collaboration Software

About me
• Andrea Fontana – WebSphere & Collaborative Architect
• IBM Champion Social Business 2015,16,17
• IBM Champion for WebSphere 2012,13,14
• IBM Advocate since 2012
• Blogger – razioni-k.net2action.com
• Social: @net2action
https://it.linkedin.com/in/afontana
SNoUG

Docker, IBM Software and Other
what, who and why
[www]
SNoUG

Docker
• Docker is an open platform for developing, shipping, and running applications.
• Docker is designed to deliver your applications faster.
• With Docker you can separate your applications from your infrastructure and
treat it like a managed application.
SNoUG

Docker and containers in a few slides
Docker is a way to “package” your software in an image:
 File system
 System security (user/groups) & settings
 TCP Network (ports that needs to be reachable)
 Image inheritance is possible (incremental specialization)
Docker is a way to “ship & run” your software to other systems:
• Start an “image” to get a container where your software runs
• Manage containers (start/stop/control etc)
• The container runs regardless of the actual (underlying)
system (VM, bare metal, etc)
SNoUG

Docker History
• Docker was released as an open source in March 2013.
• Solomon Hykes started Docker in France as an internal project within dotCloud, a platform-as-a-
service company,
with initial contributions by other dotCloud engineers including Andrea Luzzardi
and Francois-Xavier Bourlet.
• With the release of version 0.9, Docker dropped LXC as the default execution environment and
replaced it with its own libcontainer library written in the Go programming language (Google’s
OpenSource Programming Language).
• In 2015, the project had over 25,600 GitHub, over 6,800 forks, and nearly 1,100 contributors.
• In May 2016 analysis showed the following organizations as main contributors to Docker: The
Docker team, Cisco, Google, Huawei, IBM, Microsoft, and Red Hat.
SNoUG

The underlying technology
Namespaces
• Pod: pid isolation
• Net: network interface
• Ipc: interProcess
Communication
• Mnt: managing mount point
• Uts: isolating kernel and
version identifier
Control groups
limits and isolates
the resource usage
of a collection of processes
Union File Systems
operate by creating layers
very lightweight and fast
CONTAINER (libcontainer)
SNoUG

Docker key components
• Docker engine
• Docker machine
• Docker registry
SNoUG
SNoUG

Docker Engine
Docker Engine is a client-server application with these major components:
• A server which is a type of long-running program called a daemon process.
• A REST API which specifies interfaces where programs can be used to talk to the daemon and instruct it
on what to do.
• A command line interface (CLI) client.
SNoUG

Docker Machine
• Docker Machine is a tool that lets you install
Docker Engine on virtual hosts, and manage the
hosts with docker-machine commands.
• You can use Machine to create Docker hosts on
your local Mac or Windows box, on your
company network, in your data center, or on
cloud providers like AWS or Digital Ocean.
SNoUG

Docker registry
The registry is a server application that lets you distribute Docker images.
https://hub.docker.com/explore/
https://hub.docker.com/u/ibmcom/
SNoUG

Docker registry… On-premises
Docker hub free-to-use, hosted Registry, plus additional features
(organization accounts, automated builds, and more).
https://hub.docker.com/_/registry/ SNoUG

Docker registry… On-premises
Running your own Registry is a great solution to integrate with your CI/CD system
(Continuous Integration/Delivery).
A notification from the Registry would then trigger to notify other systems that a new
image is available.
It’s also an essential component if you want to quickly deploy a new image over a large
cluster of machines.
Finally, it’s the best way to distribute images inside an isolated network.
SNoUG

Availability
• Linux
• Windows
• Mac
• Aws
• Azure
• Bluemix
• …
Docker’s architecture
Docker uses a client-server
architecture !
The same image can run
on your laptop, on your server, on your cloud.
SNoUG

High Availability or
Business Continuities
Starting from version 1.12 Docker swarm was integrated into Docker Engine in swarm
mode:
Highlights:
• Cluster management integrated with Docker Engine
• Multi-host networking
• Load balancing
• Secure by default (TLS stricly enforced for communications)
• Scaling
• The tasks run independently from each other on nodes in the swarm
SNoUG

Swarm mode
There are two types of nodes: managers and workers.
SNoUG

Swarm mode
There are two types of nodes: managers and workers.
Manager nodes
Manager nodes handle cluster management tasks:
• maintaining cluster state
• scheduling services
• serving swarm mode HTTP API endpoints
Using a Raft implementation, the managers maintain a
consistent internal state of the entire swarm and all the
services running on it
.
To take advantage of swarm mode’s fault-tolerance features, Docker recommends you more then one node in
accord which your high-availability requirements.When you have multiple managers you can recover from the
failure of a manager node without downtime.
• An N managed cluster will tolerate the loss of at most (N-1)/2 managers.
• Docker recommends a maximum of seven (7) manager nodes for a swarm
Worker nodes
Worker nodes are also instances of
Docker Engine whose sole purpose is
to execute containers.
Worker nodes don’t participate in the
Raft distributed state
SNoUG

Why Docker
• Create images to support developers (standard deployment)
• Keep an archive of images for every software release to perform back-
version debugging/testing (start a clean server in minutes)
• Consolidate multiple servers on a single powerful machine but maintain
complete isolation
SNoUG

Virtual MachineVs Container
Virtual machine runs a dedicatedoperating
system.
EachVM has its own binaries / libraries and
application(s) that it services, and theVM may be
many gigabytes in size
Each container shares the host OS kernel and,
usually, the binaries and libraries, too.
Shared components are read-only.
This makes containers exceptionally “light–
containers” are some MB in size and take just
seconds to start, versus minutes for aVM.
SNoUG

Your containers can be shipped! SNoUG

Someone uses it!
SNoUG

And
SNoUG

IBM Elite and Enhanced Support for DockerTrusted Registry
23
Region Announce Letter number
IBM Americas – United States 215-423
IBM Europe, Middle East, and Africa ZP15-0561
Include: Austria, Belgium, Denmark, Finland, France, Germany, Greece, Greenland, Iceland, Ireland, Israel, Italy, Liechtenstein, Luxembourg, Malta, Netherlands, Norway, Portugal, San
Marino, Spain, Sweden, Switzerland, United Kingdom
IBM Asia Pacific AP15-0413
Include: Australia, New Zealand
IBM Americas - Canada A15-0801
IBM has announced that it will partner with Docker to sell the product Docker Trusted
Registry.
IBMTechnical Support for this product may be purchased through
IBM Elite and Enhanced Support.
•For clients who have active support contracts, IBM support will provide
a single point of contact for this offering.
• IBM support will team with Docker to provide support for problems you experience.
• Since the product is provided by Docker, any fixes will be provided by Docker.

More…..
SNoUG

IBM announces zSystem
for Docker
Download here: http://www.ibm.com/developerworks/linux/linux390/docker.html
IBM and Docker offer integrated container solutions that can
meet the diverse needs of enterprises.
Supporting the creation and deployment of multi-platform,
multi-container workloads across hybrid infrastructures.
IBM and Docker accelerate application delivery and enable
application life-cycle management for Dockerized containers.
SNoUG

IBM announces Docker on
IBM PureApplication System
The good news is that Docker is now supported on IBM PureApplication
v2.1!You can now use Docker containers in the virtual system patterns that
you create and you can reference Docker images that are stored on Docker
Hub or in a private Docker registry that runs inside PureApplication.Taking
advantage of the Docker containers on PureApplication is as easy as
building patterns.
SNoUG

Public CLOUD
Portability
Application
Extensibility
Accelerate
Application Delivery
Public CLOUD
Portability
Application
Extensibility
Accelerate
Application Delivery
IBM can help you to :
SNoUG

IBM Bluemix
• IBM Bluemix provides built in DevOps services to manage source code and to build, test and
deploy applications to Bluemix.
• For more complex scenarios IBM provides the Continuous Delivery toolset UrbanCode to deploy
hybrid applications to the cloud and on-premises and to deploy composite applications with
multiple components or microservices.
• The store application uses one container on Bluemix . Containers running in a Docker Swarm
cluster on-premises.
Does anyone know this guy?
http://heidloff.net/article/11.11.2015100203NHECLU.htm
He is Niklas Heidloff, Developer Advocate for IBM Bluemix,
working on Docker on Bluemix Environment.
SNoUG

IBM sw supported
• Db2 from 10.1 10.5 , 11.1
• DB2 express *
• Websphere Application Server 8.5.5 and 9.0
• Websphere Liberty profiles *
• Domino is not supported (yet..)
• Digital experience is not supported (yet..), but
announced
Offical images available on docker hub
SNoUG

Think Pink
IBM Connect 2017 provided insights into the future of
IBM Connections known as Connections Pink
Pink will be developed with entirely open source tools and technologies
•Modern CI-CD framework
•StrongLoop / IBM API Connect (node.js/express)
•SWIFT / Go
•React.js
•MongoDB
•Redis
•Ngnx
•Docker
And one last message, Pink is a journey, not a destination.
and docker will be the shipper

HowTo: Create Docker images with IBM Social Software
SNoUG

Prepare your Container
• Prepare the Installation script
• Using Silent installation method
• Preparing the response file and whatever you need in
order to complete the setup
• Create your Docker File and deploy it
SNoUG

Docker Image
A docker image is a read-only template for creating containers.
• Manual: Start from a base image, build your customization and commit to the new
image.
• DockerFile: use a script.
DockerFile anatomy
A “DockerFile” is a text file with docker commands, it:
• Declares the “base image” to inherit from
• Copies files to the image file system
• Executes commands in the image to setup things
• Declares “VOLUME” mappings
• Declares ports to “EXPOSE”-d.
SNoUG

Docker File Anatomy
Identifies which folder you need to share between
container and host
Identifies which image you want to use
Identifies which command you need to execute
inside the containers
FROM ubuntu:latest
VOLUME [/opt/data]
VOLUME [/etc]
VOLUME [/home]
RUN apt-get install -y
aptitude
net-tools
libxtst6
libxi6
libcanberra-gtk3
gtk+
COPY DB2_Svr_10.5.0.3_Linux_x86-64.tar.gz /tmp/db210.5/ Copy your Packages into the containers
SNoUG

Prepare IBM Silent Installation
You can use the IBM installation manager from command line, and create
your response file sample!
IBMIM –record /tmp/was9.xml -skipInstall /tmp/IBM/
<?xml version='1.0' encoding='UTF-8'?>
<agent-input>
<variables>
<variable name='sharedLocation' value='/opt/ibm/IMShared'/>
</variables>
<server>
<repository location='/tmp/sw-repo/WAS_ND_9'/>
<repository location='/tmp/sw-repo/SDK_JAVA_V8'/>
</server>
<profile id='IBMWebSphere Application ServerV9.0' installLocation='/opt/ibm/WebSphere/AppServer'>
<data key='cic.selector.arch' value='x86_64'/>
<data key='cic.selector.nl' value='en,en'/>
</profile>
<install>

<offering profile='IBMWebSphere Application ServerV9.0' id='com.ibm.websphere.ND.v90' version='9.0.0.20160526_1854'
features='core.feature,ejbdeploy,thinclient,embeddablecontainer'/>

<offering profile='IBMWebSphere Application ServerV9.0' id='com.ibm.java.jdk.v8' version='8.0.3000.20160526_1317' features='com.ibm.sdk.8'/>
</install>
SNoUG

/opt/ibm/im/eclipse/tools/imcl input /tmp/was9.xml -acceptLicense
Ready to go?
imcl install packageID[_version][,featureID]
-repositories source_repository
-installationDirectory installation_directory
-accessRights mode
We can use our response file
Install from command line
SNoUG

Was9 Docker File
# Select the base image to inherit from
FROM ubuntu:latest
# Image description
LABEL Description="WebSphere 9, HTTP 9, Plugin 9"Vendor="net2action"Version="1.0"
# Execute unix command
COPY sw-repo/* /tmp/sw-repo/
RUN apt-get update && apt-get install vim –y
RUN apt-get install -y
vim
psmisc
SNoUG

Was9 Docker File
RUN /tmp/sw-repo/IM185_LNX64/installc -log log_file -acceptLicense -installationDirectory /opt/ibm/im/
RUN /opt/ibm/im/eclipse/tools/imcl input /tmp/sw-repo/RESPONSE/was9.xml
-acceptLicense
RUN /opt/ibm/im/eclipse/tools/imcl input /tmp/sw-repo/RESPONSE/was9supp.xml –acceptLicense
RUN echo $(head -1 /etc/hosts | cut -f1) dmgr.ondemand.com >> /etc/hosts &&
/opt/ibm/WebSphere/AppServer/bin/manageprofiles.sh -response /tmp/sw-repo/RESPONSE/dmgr
RUN echo $(head -1 /etc/hosts | cut -f1) dmgr.ondemand.com >> /etc/hosts &&
/opt/ibm/WebSphere/AppServer/bin/manageprofiles.sh -response /tmp/sw-repo/RESPONSE/appsrv01
SNoUG

Was9 Image
RUN /opt/ibm/WebSphere/AppServer/bin/wasservice.sh -add docker-DMGR -servername dmgr
-profilePath /opt/ibm/WebSphere/AppServer/profiles/Dmgr01/ -stopArgs
‘-username waslocal -password docker'
RUN /opt/ibm/WebSphere/AppServer/bin/wasservice.sh -add docker-NA -servername nodeagent
-profilePath /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/ -stopArgs
'-username waslocal -password docker -stopservers‘
RUN mkdir /var/lock/subsys
#Volume definition
VOLUME ["/opt/ibm/WebSphere/AppServer"]
# port exposed to external world
EXPOSE 80 443 9060 9043
RUN rm /tmp/sw-repo -R
The EXPOSE instruction informs Docker that the container listens on the specified network ports at runtime
A data volume is a specially-designated directory within one or more containers that bypasses the
Union File System.
Data volumes provide several useful features for persistent or shared data:
Volumes are initialized when a container is created. Data volumes can be shared and reused among containers.
Changes to a data volume are made directly.
Changes to a data volume will not be included when you update an image.
Data volumes persist even if the container itself is deleted.
Data volumes are designed to persist data, independent of the life cycle of the container.
SNoUG

An idea for a beautiful
infrastructure
Own registry
Docker Host
Docker engineDocker Client
Get Images
Docke Run
Run it
Docke Build
Build
Images
Get Pack
Own Bin Repository
Docker Run ------ ship a container in execution
Docker build ------ build an images getting packges from repository or partnerworld
Docker Pull ------ get an images
Docker Push ------ deploy images to registry
Docke Push
Docke Pull Get
Images
SNoUG

Links
Docker training – online video course
https://training.docker.com/self-paced-training
IBM Installation Manager resources
http://tinyurl.com/ibm-im-command-line-arg
http://tinyurl.com/ibm-im-record-response
DB2 and docker some suggestion from IBM
http://tinyurl.com/db2-and-docker-from-ibm
Docker and Domino
http://tinyurl.com/domino-container-docker
SNoUG

SNoUG

Docker, how to use it. Organize a meeting with IBM products

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Destacado

Destacado (20)

Similar a Docker, how to use it. Organize a meeting with IBM products

Similar a Docker, how to use it. Organize a meeting with IBM products (20)

Más de Andrea Fontana

Más de Andrea Fontana (7)

Último

Último (20)

Docker, how to use it. Organize a meeting with IBM products