SlideShare una empresa de Scribd logo
1 de 95
Descargar para leer sin conexión
inBloom, Inc.
Server to Cloud
Convert a legacy platform to a micro-PaaS using Docker
Todd Fritz
April 15. 2014
inBloom, Inc.
Agenda
• Whoami
• Important Announcement
• Background
• Containers
• Create Local Environment
• Using Vagrant
• Using Docker
• Graphical Interfaces for Docker
• Shipyard
• Two Container Example
• Advanced Docker
• Questions
• References
APRIL 2014 1
inBloom, Inc.
Whoami
Bio: http://www.linkedin/com/in/tfritz
• Software Architect at inBloom
 The opinions contained within this presentation may not represent my employer, but
I think they should.
• Evangelist of layered, distributed, Message-oriented-Middleware
• Current focus is middleware through caching, noSQL data store
• Exposed to different companies, projects, people and technologies
• Novice bass player
• Recent father of a five month old
• Scuba diver; next adventure:
 https://www.bikiniatoll.com/divetour.html
APRIL 2014 2
No sleep for you!
inBloom, Inc.
Important Announcement
APRIL 2014 3
inBloom, Inc.
Today is April 15th...
APRIL 2014 4
inBloom, Inc.
And, I am not a Dev Ops specialist.
Just took an interest and within a few weeks this is
what I learned.
APRIL 2014 5
inBloom, Inc.
Background
APRIL 2014 6
inBloom, Inc.
Note: This presentation will available via slideshare after
today.
This talk is part two of:
 http://www.slideshare.net/ToddFritz/2014-04-03legacytocloud
 Presented at Great Wide Open, April 3, 2014
Some files used while compiling this presentation
 https://github.com/inbloom/AJUG-2014-04-15-docker
APRIL 2014 7
inBloom, Inc.
Approach the Legacy Monolith
APRIL 2014 8
I’m a proud stovepipe,
just bolted together,
vroom vroom vroom vroom vroom.
inBloom, Inc.
Decompose the Monolith
APRIL 2014 9
Oh, nooo... My
job security...
inBloom, Inc.
Assemble a Decoupled, Modular System
APRIL 2014 10
I have free weeknights
and weekends now...
inBloom, Inc.
Replacing a legacy system. Decompose. Analyze.
Employ an iterative methodology
 Leverage existing knowledge and literature
 Some analysis before
 Decompose and modularize (scale cube)
 Separation of concerns
 Proof of concepts are your friend
Deployment environments
 Private servers
 Cloud (private, public)
 Hybrid
Platform architectures
 Legacy
 PaaS
 xPaaS
APRIL 2014 11
inBloom, Inc.
xPaaS Topology
APRIL 2014 12
https://img.en25.com/Web/RedHat/JB_xPaaS_Tech_Overview_11454037_v3_0913cd_web.pdf
Enables specialization, layering, separated concerns, decoupling
inBloom, Inc.
Containers
APRIL 2014 13
inBloom, Inc.
Container Technologies (VEs)
• Warden (Cloud Foundry)
 https://github.com/cloudfoundry/warden
• Docker (from dotCloud, cloudlets)
 https://www.docker.io/
• Google LMCTFY (let me contain that for you)
 https://github.com/google/lmctfy
 december, 2013
• OpenVZ
APRIL 2014 14
inBloom, Inc.
Virtual Environment (Container)
vs. Virtual Machine
APRIL 2014 15
http://www.slideshare.net/dotCloud/docker-intro-november
inBloom, Inc.
Docker (per Wikipedia) (1/2)
Docker:
• Automates the deployment of applications inside
software containers.
• Extends Linux Containers (LXC) with a high-level API
to provide a lightweight virtualization solution that runs
processes in isolation.
• Utilizes LXC, cgroups, and the kernel itself –
• Unlike traditional virtual machines it does not include a
separate operating system.
• Kernel provides resource isolation (CPU, memory,
block I/O, network, etc.) and separate namespaces to
completely isolate application's view of the operating
environment.
APRIL 2014 16
inBloom, Inc.
Docker (per Wikipedia) (2/2)
Docker containers can be used to extend distributed
systems so they run autonomously on a single
physical machine, or with a single instance per node.
Enables nodes to be deployed as resources are
available to provide a seamless platform as a service
(PaaS) – style deployment for systems like Apache
Cassandra, Riak and related distributed systems.’
Integrates with Chef, Puppet, Vagrant, Nova, etc.
APRIL 2014 17
inBloom, Inc.
More
Docker is a micro container framework for PaaS
• https://www.docker.io/learn_more/
• Open-source
• Easier scalability
• Lightweight, portable, insulated containers
• Reusable from dev (“local cloud”) through production
• Can run at scale on VMs, bare metal, cloud; virtually
anywhere
• Encapsulate any payload (application)
• Run consistently on and between virtually any server
APRIL 2014 18
inBloom, Inc.APRIL 2014 19
http://www.slideshare.net/dotCloud/docker-intro-november
inBloom, Inc.
How it Works
• Docker builds on lxc which offers system-level virtualization and has existed since
linux 2.6.32 (December, 2009) – but prefer kernel 3.8+
• Docker has three parts
 docker daemon runs as root to manage containers
 docker containers spawn from images, which are tiny and can be versioned
 docker repository allows images to be exchanged and versioned like code
(public or private)
• Each container has its own ip address
• Link exposed ports and variables across containers through configuration using
abassador containers to avoid hard coding (svendowideit):
 consumer  redis-ambassador  redis
• Port and pipework to expose containers outside host
• Can share volumes, multi home, integrate containers into host network, and much
more (ajug)
• Continuous integration can generate versioned docker images, web hooks, repo
notifications
• Supervisor management tool to manage processes within container
(http://supervisord.org/introduction.html)
APRIL 2014 20
inBloom, Inc.
Docker Uses
• Common use cases:
 Automate application packaging and deployment
 Lightweight PaaS environments
 Automate testing, continuous integration, and deployment
 Deploy and scale web apps, databases, backend services
• Growing adoption since dec 2013
• Red Hat fast-tracks Docker apps for enterprise Linux
 http://www.infoworld.com/t/application-virtualization/red-
hat-fast-tracks-docker-apps-enterprise-linux-238122
• Production ready deployment planned for December, 2014.
 Support services planned for early 2015
APRIL 2014 21
inBloom, Inc.
Reusable Containers and Cook Books
APRIL 2014 22
http://www.slideshare.net/dotCloud/docker-intro-november
A Docker container image may already exist
inBloom, Inc.
Docker Basics
APRIL 2014 23
http://www.slideshare.net/dotCloud/docker-intro-november
Artifactory for virtualization images?
inBloom, Inc.
Docker Images
• The basic building block of a Docker container
• Analogous to a slice of a VM image, containing
application code or binaries, as well as the execution
environment and dependencies
• Images may be built atop each other
• An image contains only the incremental changes
required to transform its base image to the state
required by the image
• May contain metadata, such as how to run what is
inside the image, expose ports, etc
• Acts as an instantiable container template
APRIL 2014 24
inBloom, Inc.
Docker Containers
• The result of starting a running process from an
image and its dependencies
• Represent a single process or service
• Intra-container communication via sockets (Docker
links). Containers can talk to each other.
• Familiar lifecycle: started, stopped, or kill
• Can create images from previously run
containers, to persist changes made while
container was executing
APRIL 2014 25
inBloom, Inc.
New in Docker 0.9
• Execution driver API
 Customize execution environment around container; enables
use of other isolation tools
• Built in execution container – libcontainer
 Alongside LXC, boosts stability, insulates Docker from different
versions of LXC
APRIL 2014 26
inBloom, Inc.
But...we have Chef (or <other>)...
(Do not upset Dev Ops, ever...)
APRIL 2014 27
inBloom, Inc.
Step Away from the Ledge...
APRIL 2014 28
Image from the movie “The Lair of Filth” – no pun intended...
inBloom, Inc.
Chef & Docker
• Docker is new and not ready for Production (yet)
• Docker is for light Virtual Images
• Chef for Virtual Machines
• Chef is tried and true
• Chef proven for provisioning VMs or changes to
existing machines (small or complex)
• Chef and Docker can be used together
 Example: The Deis framework scales Chef nodes and
Docker containers. But both are new.
 Several other options including Tsuru (open source PaaS)
• Docker useful to encapsulate applications or services
APRIL 2014 29
inBloom, Inc.
“The Docker Book”
Not yet released, but available for pre-order
http://www.dockerbook.com/
1. Introduction to Docker
2. Installing Docker
3. Getting started with Docker
4. Working with Docker images and repositories
5. Testing with Docker
6. Building services with Docker
7. Using the Docker API
8. Extending Docker
Also useful
http://kencochrane.net/blog/2013/08/the-docker-guidebook/
APRIL 2014 30
inBloom, Inc.APRIL 2014 31
Docker Deep Dive
inBloom, Inc.APRIL 2014 32
inBloom, Inc.
Create Local Environment
APRIL 2014 33
inBloom, Inc.
Install Prerequisites
• Talk will focus on VM which fits more deployment scenarios
• Install VirtualBox (4.3.x)
 https://www.virtualbox.org/
 Download and install into Host OS
• Github repo for demo
 https://github.com/inbloom/AJUG-2014-04-15-docker.git
• Install Vagrant (1.5.x) – used for this talk
 http://www.vagrantup.com/
 Download and install into Host OS
 Available Boxes: http://www.vagrantbox.es/
APRIL 2014 34
inBloom, Inc.
Running Docker
APRIL 2014 35
Common use case is to run within a VM
 Optional if host OS is Linux (e.g. Ubuntu)
 Benefit: A configured VM can be exported
 OS X users can try boot2docker
• “lighter” than VM, uses tiny core linux (24 Mb)
• brew install boot2docker
• https://github.com/boot2docker/boot2docker/
• Has limitations so not used in this talk (better for PoCs)
• https://github.com/boot2docker/boot2docker/blob/master/
README.md
inBloom, Inc.
Create an Account with the Docker Index
https://index.docker.io/account/signup/
Sure looks like Maven Central. Versioned containers.
From a host with Docker installed:
$ docker login
Username (): myusername
Password:
Email (): myusername@example.com
Login Succeeded
credentials are stored after login
~/.dockercfg
/var/lib/docker/.dockercfg
APRIL 2014 36
inBloom, Inc.
Search the Index
APRIL 2014 37
Search the Docker Index for images to reuse. (You may find places to contribute
back images to the open source public repository.)
inBloom, Inc.
Command Line Search
APRIL 2014 38
Use search and be curious, for example, what has the founder of Docker pushed?
You can download containers to reuse or examine contents for ideas.
inBloom, Inc.
Pull an Image
APRIL 2014 39
The index figures out the details.
Can also push images, etc.
inBloom, Inc.
Create a Private Repo
https://github.com/dotcloud/docker-registry
git clone https://github.com/dotcloud/docker-registry.git
cd docker-registry
cp config_sample.yml config.yml
pip install -r requirements.txt
gunicorn --access-logfile - --log-level debug --debug -b
0.0.0.0:5000 -w 1 wsgi:application
APRIL 2014 40
inBloom, Inc.
Configure Private Repo
https://github.com/dotcloud/docker-registry/blob/master/README.md
http://blog.docker.io/2013/07/how-to-use-your-own-registry/
cp config/config_sample.yml config/config.yml
Example config:
prod:
loglevel: warn
storage: s3
s3_access_key: _env:AWS_S3_ACCESS_KEY
s3_secret_key: _env:AWS_S3_SECRET_KEY
s3_bucket: _env:AWS_S3_BUCKET
storage_path: /srv/docker
smtp_host: localhost
from_addr: docker@myself.com
to_addr: my@myself.com
APRIL 2014 41
inBloom, Inc.
Pull from Public Push to Private Repo
# First, make sure you have the "ubuntu" repository:
docker pull ubuntu
# Find the image id that corresponds to the ubuntu repository
docker images | grep ubuntu | grep latest
ubuntu latest 8dbd9e392a96 12 weeks ago 263 MB (virtual
263 MB)
# Tag to create a repository with the full registry location.
# The location becomes a permanent part of the repository
name.
docker tag 8dbd9e392a96 localhost.localdomain:5000/ubuntu
# Finally, push the new repository to its home location.
docker push localhost.localdomain:5000/ubuntu
APRIL 2014 42
inBloom, Inc.
Dockerfiles
• Dockerfiles are used to build containers by scripting
actions to make up each layer of an image
• Not as powerful as traditional configuration
management software
• For example, in discrete steps you can instruct Docker
to build an image by taking a default Ubuntu image,
apt-get installing several dependencies, and then
adding your application code. Each Dockerfile
command creates a new image layer, and clever
structuring of the commands will allow them to
becached and re-used.
APRIL 2014 43
inBloom, Inc.
Anatomy of a Dockerfile (1/2)
https://www.docker.io/learn/dockerfile/level1/
# Always comment your code
FROM ubuntu
MAINTAINER Uncle Sam, uncle.sam@irs.gov
RUN echo "deb http://archive.ubuntu.com/ubuntu precise main
universe" > /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y memcached
The first line in a Dockerfile is FROM, which defines the base image (e.g.
obtained via a docker search).
RUN instructions execute any command against the current image and
commits. Commands can be layered to conform to version control paradigms.
APRIL 2014 44
inBloom, Inc.
Anatomy of a Dockerfile (2/2)
https://www.docker.io/learn/dockerfile/level2/
The ENTRYPOINT instruction triggers a command when the container
starts
# Launch memcached when launching the container
ENTRYPOINT ["memcached", "-u", "daemon"]
May want ENTRYPOINT instructions to run as user other than root.
ENTRYPOINT ["memcached"]
USER daemon
The EXPOSE instruction exposes a port outside the container
EXPOSE 11211
APRIL 2014 45
inBloom, Inc.
Building an Image from a Dockerfile
If Dockerfile is in current directory
docker build .
From stdin
docker build - < Dockerfile
From github
docker build github.com/creack/docker-firefox
Then, do a “docker images” to view
REPOSITORY TAG ID CREATED SIZE
ubuntu 12.04 8dbd9e392a96 4 months ago 131.5 MB
(virtual 131.5 MB)
<none> <none> 1dcfa24c8ca6 About a minute ago 52.27 MB
(virtual 183.8 MB)
APRIL 2014 46
inBloom, Inc.
Name the New Image
The new image lacks a name, so give it one
docker tag 1dcfa24c8ca6 memcached
Using the –t with build removes the added step
docker build -t memcached .
APRIL 2014 47
inBloom, Inc.
Create VM
clone git repo for this talk (OS X example)
$ cd ~/Projects
$ git clone git://github.com/inbloom/AJUG-2014-04-
15-docker.git
$ cd AJUG-2014-04-15-docker/01_create_env
Create VM using provided Vagrantfile
 Preconfigured to setup Docker
 Vagrant’s Docker Provisioner is your friend
• http://docs.vagrantup.com/v2/provisioning/docker.html
 http://blog.phusion.nl/2013/11/08/docker-friendly-vagrant-boxes/
$ vagrant up
$ vagrant ssh
APRIL 2014 48
inBloom, Inc.
Vagrantfile (1/2)
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know
what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "phusion-open-ubuntu-12.04-amd64"
config.vm.box_url = "https://oss-
binaries.phusionpassenger.com/vagrant/boxes/ubuntu-12.04.3-
amd64-vbox.box"
config.vm.box_check_update = true
config.vm.provider "virtualbox" do |v|
v.name = "docker1"
v.memory = 8192
v.cpus = 4
end
APRIL 2014 49
inBloom, Inc.
Vagrantfile (2/2)
if
Dir.glob("#{File.dirname(__FILE__)}/.vagrant/machines/default/*/id").empty?
# Install Docker
pkg_cmd = "wget -q -O - https://get.docker.io/gpg | apt-key add -;" 
"echo deb http://get.docker.io/ubuntu docker main >
/etc/apt/sources.list.d/docker.list;" 
"apt-get update -qq; apt-get install -q -y --force-yes lxc-docker; ”
# Add vagrant user to the docker group
pkg_cmd << "usermod -a -G docker vagrant; ”
config.vm.provision :shell, :inline => pkg_cmd
end
end
Vagrant.configure("2") do |config|
for i in 8000..9000
config.vm.network "forwarded_port", guest: i, host: i
end
end
APRIL 2014 50
inBloom, Inc.
Using Vagrant
APRIL 2014 51
inBloom, Inc.
Vagrant CLI (1/4)
A brief overview of Vagrant commands; not intended
to replace other Production tools.
Usage
$ vagrant [options] <command> [<args>]
-v, --version Print the version and exit.
-h, --help Print this help.
APRIL 2014 52
inBloom, Inc.
Vagrant CLI (2/4)
Common commands
box manages boxes: installation, removal, etc.
connect connect to a remotely shared Vagrant environment
destroy stops and deletes all traces of the vagrant machine
halt stops the vagrant machine
help shows the help for a subcommand
init initializes a new Vagrant environment by creating a Vagrantfile
login log in to Vagrant Cloud
package packages a running vagrant environment into a box
plugin manages plugins: install, uninstall, update, etc.
provision provisions the vagrant machine
reload restarts vagrant machine, loads new Vagrantfile configuration
resume resume a suspended vagrant machine
share share your Vagrant environment with anyone in the world
ssh connects to machine via SSH
ssh-config outputs OpenSSH valid configuration to connect to the machine
status outputs status of the vagrant machine
suspend suspends the machine
up starts and provisions the vagrant environment
APRIL 2014 53
inBloom, Inc.
Vagrant CLI (3/4)
For help on any individual command
vagrant <command> -h
Or to see subcommand features
vagrant box <subcommand> -h
To see all subcommands
vagrant list-commands
APRIL 2014 54
inBloom, Inc.
Vagrant CLI (4/4)
$ vagrant package –h
Usage: vagrant package [options] [name]
Options:
--base NAME Name of a VM in virtualbox to package as a base box
--output NAME Name of the file to output
--include FILE... Additional files to package with the box
--vagrantfile FILE Vagrantfile to package with the box
-h, --help Print this help
APRIL 2014 55
inBloom, Inc.
Vagrant Plugins
vagrant plugin install --plugin-source
https://rubygems.org --plugin-
prerelease vagrant-vbguestvagrant
vagrant plugin install vagrant-winnfsd
APRIL 2014 56
inBloom, Inc.
Export a Vagrant Box
Once your VM is setup and configured, you can create
an image from it
$ vagrant package --base my_base_box
To export a Vagrant box
$ vagrant box add my_box package.box
$ mkdir test_environment
$ cd test_environment
$ vagrant init my_box
$ vagrant up
$ vagrant ssh
APRIL 2014 57
inBloom, Inc.
Install Docker
whale you be my container?
APRIL 2014 58
inBloom, Inc.
Installation
It already is...
(starting with a “bare” base box may required more
effort to setup the OS, install components)
APRIL 2014 59
inBloom, Inc.
Verify the Installation
vagrant@ubuntu-12:/vagrant$ docker info
Containers: 0
Images: 0
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Dirs: 0
Execution Driver: native-0.1
Kernel Version: 3.8.0-35-generic
vagrant@ubuntu-12:/vagrant$ docker pull busybox
vagrant@ubuntu-12:/vagrant$ docker info
Containers: 0
Images: 4
APRIL 2014 60
inBloom, Inc.
Testing Docker
Hello World
http://docs.docker.io/en/latest/examples/hello_world/
vagrant@ubuntu-12:/vagrant$ sudo docker pull busybox
docker run busybox /bin/echo hello world
C1=$(sudo docker run -d ubuntu /bin/sh -c "while
true; do echo hello world; sleep 1; done”)
docker ps list
docker logs `C1`
APRIL 2014 61
inBloom, Inc.
Docker Container Lifecycle
docker run creates a container.
docker stop stops it.
docker start will start it again.
docker restart restarts a container.
docker rm deletes a container.
docker kill sends a SIGKILL to a container. Has issues.
docker attach will connect to a running container.
docker wait blocks until container stops.
APRIL 2014 62
inBloom, Inc.
Container Info
Info
docker ps shows running containers.
docker inspect looks at all the info on a container (including IP address).
docker logs gets logs from container.
docker events gets events from container.
docker port shows public facing port of container.
docker top shows running processes in container.
docker diff shows changed files in the container's FS.
Import / Export
No easy way to use Docker to import files into a container filesystem
• Could use something like Cargo within a container to push in artifacts
docker cp copies files or folders out of container filesystem
docker export creates tarball from container filesystem
APRIL 2014 63
inBloom, Inc.
Docker Image Lifecycle
docker images shows all images
docker import creates an image from a tarball
docker build creates image from Dockerfile
docker commit creates image from a container
docker rmi removes an image
docker insert inserts a file from URL into image. (kind of odd, you'd think
images would be immutable after create)
docker load loads an image from a tar archive as STDIN, including images and
tags (as of 0.7)
docker save saves an image to a tar archive stream to STDOUT with all parent
layers, tags & versions (as of 0.7)
APRIL 2014 64
inBloom, Inc.
15 Docker Tips
http://www.centurylinklabs.com/15-quick-docker-tips
APRIL 2014 65
inBloom, Inc.
Graphical Interfaces for Docker
APRIL 2014 66
inBloom, Inc.
Two main options for a graphical UI to manage
Docker
 Shipyard
• https://github.com/shipyard/shipyard/wiki/QuickStart
 DockerUI
• https://github.com/crosbymichael/dockerui
Shipyard allows containers to be
managed, linked, and inspected via a UI
APRIL 2014 67
inBloom, Inc.
Shipyard
APRIL 2014 68
inBloom, Inc.
Shipyard features
• Multiple host support
• Create / Delete containers
• View Images
• Build Images (via uploaded Dockerfile or URL)
• Import repositories
• Private containers
• Container metadata (description, etc.)
• Applications: bind containers to applications that are setup
with hipache
• Attach container (terminal emulation in the browser)
• Container recovery (mark container as "protected" and it
will auto-restart upon fail/destroy/stop)
• RESTful API
APRIL 2014 69
inBloom, Inc.
Shipyard (1/2)
1 line to install within a docker host:
docker run -i -t -v
/var/run/docker.sock:/docker.sock shipyard/deploy
setup
Shipyard Stack Deployed
You should be able to login with
http://<docker-host-ip>:8000
admin:shipyard
APRIL 2014 70
inBloom, Inc.
Shipyard (2/2)
Within each container to shipyard manage you will also need to setup and register the Shipyard Agent.
See http://github.com/shipyard/shipyard-agent for details.
Download to the host:
sudo curl https://github.com/shipyard/shipyard-
agent/releases/download/v0.2.5/shipyard-agent -L -o /usr/local/bin/shipyard-agent
sudo chmod +x /usr/local/bin/shipyard-agent
Register the host:
./shipyard-agent -url http://myshipyardhost:shipyardport -register
vagrant@ubuntu-12:/usr/local/bin$ ./shipyard-agent -url http://0.0.0.0:8000 -
register
2014/04/14 02:27:48 Using 10.0.2.15 for the Docker Host IP for Shipyard
2014/04/14 02:27:48 If this is not correct or you want to use a different IP, please
update the host in Shipyard
2014/04/14 02:27:48 Registering at http://0.0.0.0:8000
2014/04/14 02:27:48 Agent Key: 597d7d4db3d44daca47ff114e48144d2
Register a host with the shipyard deployment.
shipyard-agent -url http://my-shipyard-host:port -key
597d7d4db3d44daca47ff114e48144d2
APRIL 2014 71
inBloom, Inc.APRIL 2014 72
Containers
inBloom, Inc.APRIL 2014 73
Container (Redis)
inBloom, Inc.APRIL 2014 74
Container (Redis logs)
inBloom, Inc.APRIL 2014 75
Images
inBloom, Inc.APRIL 2014 76
Applications
inBloom, Inc.APRIL 2014 77
Container Console
inBloom, Inc.
Two Container Example
APRIL 2014 78
inBloom, Inc.
Linking Containers
Links allow containers to communicate through TCP/IP ports.
Suppose we start a container that exposes port 1337
docker run -name CONTAINER
docker run -d -link CONTAINER:ALIAS -name LINKED
user/wordpress
Exposed ports and aliases of parent will show up in child container
$ALIAS_PORT_1337_TCP_PORT
$ALIAS_PORT_1337_TCP_ADDR
More robust example (many more can be found via Googling)
http://blogs.atlassian.com/2013/11/docker-all-the-things-at-atlassian-automation-and-wiring/
APRIL 2014 79
inBloom, Inc.
About Ambassador Containers
Encourage portability by avoiding hardcoding and linking
via an ambassador.
(consumer) -> (redis-ambassador) --network--> (redis-ambassador) ->
(redis)
• Avoids restarting a consumer to attach to a different service
• Restart the client ambassador container that the consumer
is connected to, to rewire a consumer to talk to a different
service
• This pattern allows a transparent transition to to a different
docker host for a consumer
http://docs.docker.io/en/latest/use/ambassador_pattern_linking/
APRIL 2014 80
inBloom, Inc.
Ambassador Container Linking
- Host A: Startup Redis
big-server $ docker run -d --name redis crosbymichael/redis
- Host A: Add ambassador linked to Redis
big-server $ docker run -d --link redis:redis --name
redis_ambassador -p 6379:6379 svendowideit/ambassador
- Host B: Add ambassador that sets env
client-server $ docker run -d --name redis_ambassador --
expose 6379 -e REDIS_PORT_6379_TCP=tcp://192.168.1.52:6379
svendowideit/ambassador
- Host B: Use Redis client container to talk to remote server
client-server $ docker run -i -t --rm --link
redis_ambassador:redis relateiq/redis-cli
redis 172.17.0.160:6379> ping
PONG
APRIL 2014 81
inBloom, Inc.
Advanced Docker
APRIL 2014 82
inBloom, Inc.
Load Balanced
APRIL 2014 83
http://mdavey.wordpress.com/2014/01/07/devops-docker/
inBloom, Inc.
Distributed Producer-Consumer
APRIL 2014 84
http://www.appneta.com/blog/automated-testing-with-docker/
inBloom, Inc.
Docker and Open vSwitch (1/2)
• Docker and Open vSwitch for container isolation with VLANs
between 2 hosts running Open vSwitch
• Containers 1 & 3 are on VLAN 10 whereas containers 2 & 4 are on
VLAN 20
 1 & 3 can ping each other but cannot ping 2 or 4
• 4 bridges, 10 interfaces, 2 VLANs, 1 GRE tunnel and 4
containers.
• Starts in 1 second...
• Source (with code and cook book):
http://fbevmware.blogspot.com/2013/12/coupling-docker-and-open-vswitch.html
APRIL 2014 85
inBloom, Inc.
Docker and Open vSwitch (1/2)
APRIL 2014 86
inBloom, Inc.
PaaS Frameworks
• Deus
• CoreOS
• Flynn
APRIL 2014 87
inBloom, Inc.
Flynn uses etcd
A highly-available key value store for shared configuration and service discovery.
etcd is an open-source distributed key value store that provides the backbone of CoreOS
clusters and the etcd client runs on each machine in a cluster. etcd gracefully handles master
election during network partitions and the loss of the current master.
Your applications can read and write data into etcd. Common examples are storing database
connection details, cache settings, feature flags, and more.
Features
• Simple, curl-able API (HTTP + JSON)
• Optional SSL client cert authentication
• Benchmarked 1000s of writes/s per instance
• Properly distributed using Raft protocol
• Keys support TTL
• Atomic test and set
• Easily listen for changes to a prefix via HTTP long-polling
https://coreos.com/using-coreos/etcd/
APRIL 2014 88
inBloom, Inc.APRIL 2014 89
inBloom, Inc.
Flynn uses Systemd
CoreOS uses systemd as the core of its distributed init system, fleet.
Systemd is well supported in many Linux distros, making it familiar to most
engineers. Every aspect of CoreOS is deeply integrated with systemd.
• Performance
Systemd boots extremely fast, with our goal to keep it under 1s.
• Journal
Systemd's logging journal has modern features such as JSON
export, forward sealing, and indexing for fast querying.
• Socket Activation
While this might be a bit of a throw back to the inetd
days, we think socket activation is particularly useful for inter-service
dependency management.
Systemd has an extremely rich syntax that can describe the attributes of a particular
service. Your services can express hard or soft dependencies, the order of launch
relative to those dependencies, and identify conflicting services.
Docker containers are much easier to manage when you can specify whether they
automatically restart per container and customize the timing for restarting.
APRIL 2014 90
inBloom, Inc.
Flynn uses Discoverd
A simple but powerful service discovery system written in Go. Backed by
etcd, but can be extended to use ZooKeeper or other distributed consistent
stores.
Discoverd lets your services find each other in a constantly changing
environment. With discoverd and a client you can:
• Register a service as online
• Locate online instances of a service
• Get notified when instances of a service change
• Determine a "leader" for any set of services
There are three pieces to the discoverd system:
• discoverd itself
• Client library and API
• Backend store (etcd, Zookeeper, etc)
APRIL 2014 91
inBloom, Inc.
questions
APRIL 2014 92
inBloom, Inc.
references
APRIL 2014 93
inBloom, Inc.
reference material
https://www.docker.io/
http://deis.io/overview/
http://cjlarose.com/2014/03/08/run-docker-with-vagrant.html
http://www.vagrantup.com/
http://blog.docker.io/2014/04/docker-0-10-quality-and-ops-tooling/
http://docs.docker.io/en/latest/examples/hello_world/#running-examples
http://mesosphere.io/2013/09/26/docker-on-mesos/
https://medium.com/devops-programming/7f5fd023158f
http://docs-v1.vagrantup.com/v1/docs/base_boxes.html
http://docs.docker.io/en/latest/installation/ubuntulinux/
https://phunehehe.net/docker-vs-chef-vagrant/
http://www.centurylinklabs.com/top-10-startups-built-on-docker/
http://www.slideshare.net/julienbarbier42/building-a-saas-using-docker
http://coreos.com/blog/docker-dynamic-ambassador-powered-by-etcd/
https://github.com/shipyard/shipyard-agent
http://blog.docker.io/
http://blog.relateiq.com/why-docker-why-not-chef/
http://www.dockerbook.com/
http://www.centurylinklabs.com/building-complex-apps-for-docker-on-coreos-and-fig/
http://txt.fliglio.com/2013/12/service-discovery-with-docker-docker-links-and-beyond/
http://www.centurylinklabs.com/auto-loadbalancing-with-fig-haproxy-and-serf/
http://www.centurylinklabs.com/build-a-2-container-app-with-docker/
http://sysadvent.blogspot.com/2013/12/day-13-controlling-cluster-of-servers.html
http://txt.fliglio.com/2013/12/service-discovery-with-docker-docker-links-and-beyond/
APRIL 2014 94

Más contenido relacionado

La actualidad más candente

Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...
Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...
Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...Daniel Krook
 
Top 5 benefits of docker
Top 5 benefits of dockerTop 5 benefits of docker
Top 5 benefits of dockerJohn Zaccone
 
IBM Container Service Overview
IBM Container Service OverviewIBM Container Service Overview
IBM Container Service OverviewKyle Brown
 
Docker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDocker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDr Ganesh Iyer
 
Containers vs. VMs: It's All About the Apps!
Containers vs. VMs: It's All About the Apps!Containers vs. VMs: It's All About the Apps!
Containers vs. VMs: It's All About the Apps!Steve Wilson
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapPatrick Chanezon
 
Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Daniel Krook
 
IBM Bluemix and Docker Guest Lecture at Cork Institute of Technology
IBM Bluemix and Docker Guest Lecture at Cork Institute of TechnologyIBM Bluemix and Docker Guest Lecture at Cork Institute of Technology
IBM Bluemix and Docker Guest Lecture at Cork Institute of TechnologySanjay Nayak
 
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...Edureka!
 
Docker Containers Deep Dive
Docker Containers Deep DiveDocker Containers Deep Dive
Docker Containers Deep DiveWill Kinard
 
Containers 101 - CloudCamp London
Containers 101 - CloudCamp LondonContainers 101 - CloudCamp London
Containers 101 - CloudCamp LondonEd Hoppitt
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainAjeet Singh Raina
 
Finding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupFinding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupDaniel Krook
 
Crash Course in Open Source Cloud Computing
Crash Course in Open Source Cloud Computing Crash Course in Open Source Cloud Computing
Crash Course in Open Source Cloud Computing Mark Hinkle
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Krishna-Kumar
 
Building a Platform-as-a-Service with Docker and Node.js
Building a Platform-as-a-Service with Docker and Node.jsBuilding a Platform-as-a-Service with Docker and Node.js
Building a Platform-as-a-Service with Docker and Node.jsKevin Swiber
 
Docker and Containers overview - Docker Workshop
Docker and Containers overview - Docker WorkshopDocker and Containers overview - Docker Workshop
Docker and Containers overview - Docker WorkshopJonas Rosland
 
Docker, a new LINUX container technology based light weight virtualization
Docker, a new LINUX container technology based light weight virtualizationDocker, a new LINUX container technology based light weight virtualization
Docker, a new LINUX container technology based light weight virtualizationSuresh Balla
 

La actualidad más candente (20)

Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...
Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...
Quickly build and deploy a scalable OpenStack Swift application using IBM Blu...
 
Top 5 benefits of docker
Top 5 benefits of dockerTop 5 benefits of docker
Top 5 benefits of docker
 
IBM Container Service Overview
IBM Container Service OverviewIBM Container Service Overview
IBM Container Service Overview
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Docker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDocker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containers
 
Docker benefits v0.1
Docker benefits v0.1Docker benefits v0.1
Docker benefits v0.1
 
Containers vs. VMs: It's All About the Apps!
Containers vs. VMs: It's All About the Apps!Containers vs. VMs: It's All About the Apps!
Containers vs. VMs: It's All About the Apps!
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!
 
IBM Bluemix and Docker Guest Lecture at Cork Institute of Technology
IBM Bluemix and Docker Guest Lecture at Cork Institute of TechnologyIBM Bluemix and Docker Guest Lecture at Cork Institute of Technology
IBM Bluemix and Docker Guest Lecture at Cork Institute of Technology
 
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...
 
Docker Containers Deep Dive
Docker Containers Deep DiveDocker Containers Deep Dive
Docker Containers Deep Dive
 
Containers 101 - CloudCamp London
Containers 101 - CloudCamp LondonContainers 101 - CloudCamp London
Containers 101 - CloudCamp London
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker Captain
 
Finding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupFinding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User Group
 
Crash Course in Open Source Cloud Computing
Crash Course in Open Source Cloud Computing Crash Course in Open Source Cloud Computing
Crash Course in Open Source Cloud Computing
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)
 
Building a Platform-as-a-Service with Docker and Node.js
Building a Platform-as-a-Service with Docker and Node.jsBuilding a Platform-as-a-Service with Docker and Node.js
Building a Platform-as-a-Service with Docker and Node.js
 
Docker and Containers overview - Docker Workshop
Docker and Containers overview - Docker WorkshopDocker and Containers overview - Docker Workshop
Docker and Containers overview - Docker Workshop
 
Docker, a new LINUX container technology based light weight virtualization
Docker, a new LINUX container technology based light weight virtualizationDocker, a new LINUX container technology based light weight virtualization
Docker, a new LINUX container technology based light weight virtualization
 

Destacado

2015 03-11_todd-fritz_devnexus_2015
2015 03-11_todd-fritz_devnexus_20152015 03-11_todd-fritz_devnexus_2015
2015 03-11_todd-fritz_devnexus_2015Todd Fritz
 
Building Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Building Reactive Fast Data & the Data Lake with Akka, Kafka, SparkBuilding Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Building Reactive Fast Data & the Data Lake with Akka, Kafka, SparkTodd Fritz
 
Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, SparkReactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, SparkTodd Fritz
 
Operating Guidelines for Finite-State Services
Operating Guidelines for Finite-State ServicesOperating Guidelines for Finite-State Services
Operating Guidelines for Finite-State ServicesUniversität Rostock
 
CQRS and EventSourcing
CQRS and EventSourcingCQRS and EventSourcing
CQRS and EventSourcingDevOWL Meetup
 
A Pattern Language for Microservices (@futurestack)
A Pattern Language for Microservices (@futurestack)A Pattern Language for Microservices (@futurestack)
A Pattern Language for Microservices (@futurestack)Chris Richardson
 
Что такое современная Frontend разработка
Что такое современная Frontend разработкаЧто такое современная Frontend разработка
Что такое современная Frontend разработкаDevOWL Meetup
 
Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...
Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...
Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...Jonas Bonér
 
Kick-Start with SMACK Stack
Kick-Start with SMACK StackKick-Start with SMACK Stack
Kick-Start with SMACK StackKnoldus Inc.
 
Akka Finite State Machine
Akka Finite State MachineAkka Finite State Machine
Akka Finite State MachineKnoldus Inc.
 
Kafka as Message Broker
Kafka as Message BrokerKafka as Message Broker
Kafka as Message BrokerHaluan Irsad
 
Introduction to AWS IAM
Introduction to AWS IAMIntroduction to AWS IAM
Introduction to AWS IAMKnoldus Inc.
 
Akka-chan's Survival Guide for the Streaming World
Akka-chan's Survival Guide for the Streaming WorldAkka-chan's Survival Guide for the Streaming World
Akka-chan's Survival Guide for the Streaming WorldKonrad Malawski
 
Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...
Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...
Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...Lightbend
 

Destacado (16)

2015 03-11_todd-fritz_devnexus_2015
2015 03-11_todd-fritz_devnexus_20152015 03-11_todd-fritz_devnexus_2015
2015 03-11_todd-fritz_devnexus_2015
 
Building Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Building Reactive Fast Data & the Data Lake with Akka, Kafka, SparkBuilding Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Building Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
 
Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, SparkReactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
 
Operating Guidelines for Finite-State Services
Operating Guidelines for Finite-State ServicesOperating Guidelines for Finite-State Services
Operating Guidelines for Finite-State Services
 
CQRS and EventSourcing
CQRS and EventSourcingCQRS and EventSourcing
CQRS and EventSourcing
 
A Pattern Language for Microservices (@futurestack)
A Pattern Language for Microservices (@futurestack)A Pattern Language for Microservices (@futurestack)
A Pattern Language for Microservices (@futurestack)
 
Что такое современная Frontend разработка
Что такое современная Frontend разработкаЧто такое современная Frontend разработка
Что такое современная Frontend разработка
 
BDD with Cucumber
BDD with CucumberBDD with Cucumber
BDD with Cucumber
 
Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...
Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...
Akka: Simpler Scalability, Fault-Tolerance, Concurrency & Remoting through Ac...
 
Kick-Start with SMACK Stack
Kick-Start with SMACK StackKick-Start with SMACK Stack
Kick-Start with SMACK Stack
 
Akka Finite State Machine
Akka Finite State MachineAkka Finite State Machine
Akka Finite State Machine
 
Kafka as Message Broker
Kafka as Message BrokerKafka as Message Broker
Kafka as Message Broker
 
Introduction to AWS IAM
Introduction to AWS IAMIntroduction to AWS IAM
Introduction to AWS IAM
 
Cldch8
Cldch8Cldch8
Cldch8
 
Akka-chan's Survival Guide for the Streaming World
Akka-chan's Survival Guide for the Streaming WorldAkka-chan's Survival Guide for the Streaming World
Akka-chan's Survival Guide for the Streaming World
 
Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...
Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...
Building Streaming And Fast Data Applications With Spark, Mesos, Akka, Cassan...
 

Similar a 2014, April 15, Atlanta Java Users Group

Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker, Inc.
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with DockerGeeta Vinnakota
 
docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...Matteo Bisi
 
.docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c....docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c...Andrea Fontana
 
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ....docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ...ICON UK EVENTS Limited
 
Upping your NiFi Game with Docker
Upping your NiFi Game with DockerUpping your NiFi Game with Docker
Upping your NiFi Game with DockerAldrin Piri
 
Discussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machinesDiscussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machinesSteven Grzbielok
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the Worlddamovsky
 
Cohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel PalstraCohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel PalstraDaniel Palstra
 
You, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeYou, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeChristopher Grayson
 
Docker, Cloud Foundry, Bosh & Bluemix
Docker, Cloud Foundry, Bosh & BluemixDocker, Cloud Foundry, Bosh & Bluemix
Docker, Cloud Foundry, Bosh & BluemixIBM
 
Shipping NodeJS with Docker and CoreOS
Shipping NodeJS with Docker and CoreOSShipping NodeJS with Docker and CoreOS
Shipping NodeJS with Docker and CoreOSRoss Kukulinski
 
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemDocker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemVan Phuc
 
Docker on Power Systems
Docker on Power SystemsDocker on Power Systems
Docker on Power SystemsCesar Maciel
 

Similar a 2014, April 15, Atlanta Java Users Group (20)

Docker
DockerDocker
Docker
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with Docker
 
docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...
 
.docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c....docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c...
 
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ....docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
 
Upping your NiFi Game with Docker
Upping your NiFi Game with DockerUpping your NiFi Game with Docker
Upping your NiFi Game with Docker
 
Discussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machinesDiscussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machines
 
Docker slides
Docker slidesDocker slides
Docker slides
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
 
Cohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel PalstraCohesion Techsessie Docker - Daniel Palstra
Cohesion Techsessie Docker - Daniel Palstra
 
You, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeYou, and Me, and Docker Makes Three
You, and Me, and Docker Makes Three
 
Docker, Cloud Foundry, Bosh & Bluemix
Docker, Cloud Foundry, Bosh & BluemixDocker, Cloud Foundry, Bosh & Bluemix
Docker, Cloud Foundry, Bosh & Bluemix
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
Shipping NodeJS with Docker and CoreOS
Shipping NodeJS with Docker and CoreOSShipping NodeJS with Docker and CoreOS
Shipping NodeJS with Docker and CoreOS
 
Docker
DockerDocker
Docker
 
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemDocker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
 
Docker on Power Systems
Docker on Power SystemsDocker on Power Systems
Docker on Power Systems
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for Developers
 
Docker handons-workshop-for-charity
Docker handons-workshop-for-charityDocker handons-workshop-for-charity
Docker handons-workshop-for-charity
 

Último

Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 

Último (20)

Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 

2014, April 15, Atlanta Java Users Group

  • 1. inBloom, Inc. Server to Cloud Convert a legacy platform to a micro-PaaS using Docker Todd Fritz April 15. 2014
  • 2. inBloom, Inc. Agenda • Whoami • Important Announcement • Background • Containers • Create Local Environment • Using Vagrant • Using Docker • Graphical Interfaces for Docker • Shipyard • Two Container Example • Advanced Docker • Questions • References APRIL 2014 1
  • 3. inBloom, Inc. Whoami Bio: http://www.linkedin/com/in/tfritz • Software Architect at inBloom  The opinions contained within this presentation may not represent my employer, but I think they should. • Evangelist of layered, distributed, Message-oriented-Middleware • Current focus is middleware through caching, noSQL data store • Exposed to different companies, projects, people and technologies • Novice bass player • Recent father of a five month old • Scuba diver; next adventure:  https://www.bikiniatoll.com/divetour.html APRIL 2014 2 No sleep for you!
  • 5. inBloom, Inc. Today is April 15th... APRIL 2014 4
  • 6. inBloom, Inc. And, I am not a Dev Ops specialist. Just took an interest and within a few weeks this is what I learned. APRIL 2014 5
  • 8. inBloom, Inc. Note: This presentation will available via slideshare after today. This talk is part two of:  http://www.slideshare.net/ToddFritz/2014-04-03legacytocloud  Presented at Great Wide Open, April 3, 2014 Some files used while compiling this presentation  https://github.com/inbloom/AJUG-2014-04-15-docker APRIL 2014 7
  • 9. inBloom, Inc. Approach the Legacy Monolith APRIL 2014 8 I’m a proud stovepipe, just bolted together, vroom vroom vroom vroom vroom.
  • 10. inBloom, Inc. Decompose the Monolith APRIL 2014 9 Oh, nooo... My job security...
  • 11. inBloom, Inc. Assemble a Decoupled, Modular System APRIL 2014 10 I have free weeknights and weekends now...
  • 12. inBloom, Inc. Replacing a legacy system. Decompose. Analyze. Employ an iterative methodology  Leverage existing knowledge and literature  Some analysis before  Decompose and modularize (scale cube)  Separation of concerns  Proof of concepts are your friend Deployment environments  Private servers  Cloud (private, public)  Hybrid Platform architectures  Legacy  PaaS  xPaaS APRIL 2014 11
  • 13. inBloom, Inc. xPaaS Topology APRIL 2014 12 https://img.en25.com/Web/RedHat/JB_xPaaS_Tech_Overview_11454037_v3_0913cd_web.pdf Enables specialization, layering, separated concerns, decoupling
  • 15. inBloom, Inc. Container Technologies (VEs) • Warden (Cloud Foundry)  https://github.com/cloudfoundry/warden • Docker (from dotCloud, cloudlets)  https://www.docker.io/ • Google LMCTFY (let me contain that for you)  https://github.com/google/lmctfy  december, 2013 • OpenVZ APRIL 2014 14
  • 16. inBloom, Inc. Virtual Environment (Container) vs. Virtual Machine APRIL 2014 15 http://www.slideshare.net/dotCloud/docker-intro-november
  • 17. inBloom, Inc. Docker (per Wikipedia) (1/2) Docker: • Automates the deployment of applications inside software containers. • Extends Linux Containers (LXC) with a high-level API to provide a lightweight virtualization solution that runs processes in isolation. • Utilizes LXC, cgroups, and the kernel itself – • Unlike traditional virtual machines it does not include a separate operating system. • Kernel provides resource isolation (CPU, memory, block I/O, network, etc.) and separate namespaces to completely isolate application's view of the operating environment. APRIL 2014 16
  • 18. inBloom, Inc. Docker (per Wikipedia) (2/2) Docker containers can be used to extend distributed systems so they run autonomously on a single physical machine, or with a single instance per node. Enables nodes to be deployed as resources are available to provide a seamless platform as a service (PaaS) – style deployment for systems like Apache Cassandra, Riak and related distributed systems.’ Integrates with Chef, Puppet, Vagrant, Nova, etc. APRIL 2014 17
  • 19. inBloom, Inc. More Docker is a micro container framework for PaaS • https://www.docker.io/learn_more/ • Open-source • Easier scalability • Lightweight, portable, insulated containers • Reusable from dev (“local cloud”) through production • Can run at scale on VMs, bare metal, cloud; virtually anywhere • Encapsulate any payload (application) • Run consistently on and between virtually any server APRIL 2014 18
  • 20. inBloom, Inc.APRIL 2014 19 http://www.slideshare.net/dotCloud/docker-intro-november
  • 21. inBloom, Inc. How it Works • Docker builds on lxc which offers system-level virtualization and has existed since linux 2.6.32 (December, 2009) – but prefer kernel 3.8+ • Docker has three parts  docker daemon runs as root to manage containers  docker containers spawn from images, which are tiny and can be versioned  docker repository allows images to be exchanged and versioned like code (public or private) • Each container has its own ip address • Link exposed ports and variables across containers through configuration using abassador containers to avoid hard coding (svendowideit):  consumer  redis-ambassador  redis • Port and pipework to expose containers outside host • Can share volumes, multi home, integrate containers into host network, and much more (ajug) • Continuous integration can generate versioned docker images, web hooks, repo notifications • Supervisor management tool to manage processes within container (http://supervisord.org/introduction.html) APRIL 2014 20
  • 22. inBloom, Inc. Docker Uses • Common use cases:  Automate application packaging and deployment  Lightweight PaaS environments  Automate testing, continuous integration, and deployment  Deploy and scale web apps, databases, backend services • Growing adoption since dec 2013 • Red Hat fast-tracks Docker apps for enterprise Linux  http://www.infoworld.com/t/application-virtualization/red- hat-fast-tracks-docker-apps-enterprise-linux-238122 • Production ready deployment planned for December, 2014.  Support services planned for early 2015 APRIL 2014 21
  • 23. inBloom, Inc. Reusable Containers and Cook Books APRIL 2014 22 http://www.slideshare.net/dotCloud/docker-intro-november A Docker container image may already exist
  • 24. inBloom, Inc. Docker Basics APRIL 2014 23 http://www.slideshare.net/dotCloud/docker-intro-november Artifactory for virtualization images?
  • 25. inBloom, Inc. Docker Images • The basic building block of a Docker container • Analogous to a slice of a VM image, containing application code or binaries, as well as the execution environment and dependencies • Images may be built atop each other • An image contains only the incremental changes required to transform its base image to the state required by the image • May contain metadata, such as how to run what is inside the image, expose ports, etc • Acts as an instantiable container template APRIL 2014 24
  • 26. inBloom, Inc. Docker Containers • The result of starting a running process from an image and its dependencies • Represent a single process or service • Intra-container communication via sockets (Docker links). Containers can talk to each other. • Familiar lifecycle: started, stopped, or kill • Can create images from previously run containers, to persist changes made while container was executing APRIL 2014 25
  • 27. inBloom, Inc. New in Docker 0.9 • Execution driver API  Customize execution environment around container; enables use of other isolation tools • Built in execution container – libcontainer  Alongside LXC, boosts stability, insulates Docker from different versions of LXC APRIL 2014 26
  • 28. inBloom, Inc. But...we have Chef (or <other>)... (Do not upset Dev Ops, ever...) APRIL 2014 27
  • 29. inBloom, Inc. Step Away from the Ledge... APRIL 2014 28 Image from the movie “The Lair of Filth” – no pun intended...
  • 30. inBloom, Inc. Chef & Docker • Docker is new and not ready for Production (yet) • Docker is for light Virtual Images • Chef for Virtual Machines • Chef is tried and true • Chef proven for provisioning VMs or changes to existing machines (small or complex) • Chef and Docker can be used together  Example: The Deis framework scales Chef nodes and Docker containers. But both are new.  Several other options including Tsuru (open source PaaS) • Docker useful to encapsulate applications or services APRIL 2014 29
  • 31. inBloom, Inc. “The Docker Book” Not yet released, but available for pre-order http://www.dockerbook.com/ 1. Introduction to Docker 2. Installing Docker 3. Getting started with Docker 4. Working with Docker images and repositories 5. Testing with Docker 6. Building services with Docker 7. Using the Docker API 8. Extending Docker Also useful http://kencochrane.net/blog/2013/08/the-docker-guidebook/ APRIL 2014 30
  • 32. inBloom, Inc.APRIL 2014 31 Docker Deep Dive
  • 34. inBloom, Inc. Create Local Environment APRIL 2014 33
  • 35. inBloom, Inc. Install Prerequisites • Talk will focus on VM which fits more deployment scenarios • Install VirtualBox (4.3.x)  https://www.virtualbox.org/  Download and install into Host OS • Github repo for demo  https://github.com/inbloom/AJUG-2014-04-15-docker.git • Install Vagrant (1.5.x) – used for this talk  http://www.vagrantup.com/  Download and install into Host OS  Available Boxes: http://www.vagrantbox.es/ APRIL 2014 34
  • 36. inBloom, Inc. Running Docker APRIL 2014 35 Common use case is to run within a VM  Optional if host OS is Linux (e.g. Ubuntu)  Benefit: A configured VM can be exported  OS X users can try boot2docker • “lighter” than VM, uses tiny core linux (24 Mb) • brew install boot2docker • https://github.com/boot2docker/boot2docker/ • Has limitations so not used in this talk (better for PoCs) • https://github.com/boot2docker/boot2docker/blob/master/ README.md
  • 37. inBloom, Inc. Create an Account with the Docker Index https://index.docker.io/account/signup/ Sure looks like Maven Central. Versioned containers. From a host with Docker installed: $ docker login Username (): myusername Password: Email (): myusername@example.com Login Succeeded credentials are stored after login ~/.dockercfg /var/lib/docker/.dockercfg APRIL 2014 36
  • 38. inBloom, Inc. Search the Index APRIL 2014 37 Search the Docker Index for images to reuse. (You may find places to contribute back images to the open source public repository.)
  • 39. inBloom, Inc. Command Line Search APRIL 2014 38 Use search and be curious, for example, what has the founder of Docker pushed? You can download containers to reuse or examine contents for ideas.
  • 40. inBloom, Inc. Pull an Image APRIL 2014 39 The index figures out the details. Can also push images, etc.
  • 41. inBloom, Inc. Create a Private Repo https://github.com/dotcloud/docker-registry git clone https://github.com/dotcloud/docker-registry.git cd docker-registry cp config_sample.yml config.yml pip install -r requirements.txt gunicorn --access-logfile - --log-level debug --debug -b 0.0.0.0:5000 -w 1 wsgi:application APRIL 2014 40
  • 42. inBloom, Inc. Configure Private Repo https://github.com/dotcloud/docker-registry/blob/master/README.md http://blog.docker.io/2013/07/how-to-use-your-own-registry/ cp config/config_sample.yml config/config.yml Example config: prod: loglevel: warn storage: s3 s3_access_key: _env:AWS_S3_ACCESS_KEY s3_secret_key: _env:AWS_S3_SECRET_KEY s3_bucket: _env:AWS_S3_BUCKET storage_path: /srv/docker smtp_host: localhost from_addr: docker@myself.com to_addr: my@myself.com APRIL 2014 41
  • 43. inBloom, Inc. Pull from Public Push to Private Repo # First, make sure you have the "ubuntu" repository: docker pull ubuntu # Find the image id that corresponds to the ubuntu repository docker images | grep ubuntu | grep latest ubuntu latest 8dbd9e392a96 12 weeks ago 263 MB (virtual 263 MB) # Tag to create a repository with the full registry location. # The location becomes a permanent part of the repository name. docker tag 8dbd9e392a96 localhost.localdomain:5000/ubuntu # Finally, push the new repository to its home location. docker push localhost.localdomain:5000/ubuntu APRIL 2014 42
  • 44. inBloom, Inc. Dockerfiles • Dockerfiles are used to build containers by scripting actions to make up each layer of an image • Not as powerful as traditional configuration management software • For example, in discrete steps you can instruct Docker to build an image by taking a default Ubuntu image, apt-get installing several dependencies, and then adding your application code. Each Dockerfile command creates a new image layer, and clever structuring of the commands will allow them to becached and re-used. APRIL 2014 43
  • 45. inBloom, Inc. Anatomy of a Dockerfile (1/2) https://www.docker.io/learn/dockerfile/level1/ # Always comment your code FROM ubuntu MAINTAINER Uncle Sam, uncle.sam@irs.gov RUN echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list RUN apt-get update RUN apt-get install -y memcached The first line in a Dockerfile is FROM, which defines the base image (e.g. obtained via a docker search). RUN instructions execute any command against the current image and commits. Commands can be layered to conform to version control paradigms. APRIL 2014 44
  • 46. inBloom, Inc. Anatomy of a Dockerfile (2/2) https://www.docker.io/learn/dockerfile/level2/ The ENTRYPOINT instruction triggers a command when the container starts # Launch memcached when launching the container ENTRYPOINT ["memcached", "-u", "daemon"] May want ENTRYPOINT instructions to run as user other than root. ENTRYPOINT ["memcached"] USER daemon The EXPOSE instruction exposes a port outside the container EXPOSE 11211 APRIL 2014 45
  • 47. inBloom, Inc. Building an Image from a Dockerfile If Dockerfile is in current directory docker build . From stdin docker build - < Dockerfile From github docker build github.com/creack/docker-firefox Then, do a “docker images” to view REPOSITORY TAG ID CREATED SIZE ubuntu 12.04 8dbd9e392a96 4 months ago 131.5 MB (virtual 131.5 MB) <none> <none> 1dcfa24c8ca6 About a minute ago 52.27 MB (virtual 183.8 MB) APRIL 2014 46
  • 48. inBloom, Inc. Name the New Image The new image lacks a name, so give it one docker tag 1dcfa24c8ca6 memcached Using the –t with build removes the added step docker build -t memcached . APRIL 2014 47
  • 49. inBloom, Inc. Create VM clone git repo for this talk (OS X example) $ cd ~/Projects $ git clone git://github.com/inbloom/AJUG-2014-04- 15-docker.git $ cd AJUG-2014-04-15-docker/01_create_env Create VM using provided Vagrantfile  Preconfigured to setup Docker  Vagrant’s Docker Provisioner is your friend • http://docs.vagrantup.com/v2/provisioning/docker.html  http://blog.phusion.nl/2013/11/08/docker-friendly-vagrant-boxes/ $ vagrant up $ vagrant ssh APRIL 2014 48
  • 50. inBloom, Inc. Vagrantfile (1/2) # -*- mode: ruby -*- # vi: set ft=ruby : # Vagrantfile API/syntax version. Don't touch unless you know what you're doing! VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| config.vm.box = "phusion-open-ubuntu-12.04-amd64" config.vm.box_url = "https://oss- binaries.phusionpassenger.com/vagrant/boxes/ubuntu-12.04.3- amd64-vbox.box" config.vm.box_check_update = true config.vm.provider "virtualbox" do |v| v.name = "docker1" v.memory = 8192 v.cpus = 4 end APRIL 2014 49
  • 51. inBloom, Inc. Vagrantfile (2/2) if Dir.glob("#{File.dirname(__FILE__)}/.vagrant/machines/default/*/id").empty? # Install Docker pkg_cmd = "wget -q -O - https://get.docker.io/gpg | apt-key add -;" "echo deb http://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list;" "apt-get update -qq; apt-get install -q -y --force-yes lxc-docker; ” # Add vagrant user to the docker group pkg_cmd << "usermod -a -G docker vagrant; ” config.vm.provision :shell, :inline => pkg_cmd end end Vagrant.configure("2") do |config| for i in 8000..9000 config.vm.network "forwarded_port", guest: i, host: i end end APRIL 2014 50
  • 53. inBloom, Inc. Vagrant CLI (1/4) A brief overview of Vagrant commands; not intended to replace other Production tools. Usage $ vagrant [options] <command> [<args>] -v, --version Print the version and exit. -h, --help Print this help. APRIL 2014 52
  • 54. inBloom, Inc. Vagrant CLI (2/4) Common commands box manages boxes: installation, removal, etc. connect connect to a remotely shared Vagrant environment destroy stops and deletes all traces of the vagrant machine halt stops the vagrant machine help shows the help for a subcommand init initializes a new Vagrant environment by creating a Vagrantfile login log in to Vagrant Cloud package packages a running vagrant environment into a box plugin manages plugins: install, uninstall, update, etc. provision provisions the vagrant machine reload restarts vagrant machine, loads new Vagrantfile configuration resume resume a suspended vagrant machine share share your Vagrant environment with anyone in the world ssh connects to machine via SSH ssh-config outputs OpenSSH valid configuration to connect to the machine status outputs status of the vagrant machine suspend suspends the machine up starts and provisions the vagrant environment APRIL 2014 53
  • 55. inBloom, Inc. Vagrant CLI (3/4) For help on any individual command vagrant <command> -h Or to see subcommand features vagrant box <subcommand> -h To see all subcommands vagrant list-commands APRIL 2014 54
  • 56. inBloom, Inc. Vagrant CLI (4/4) $ vagrant package –h Usage: vagrant package [options] [name] Options: --base NAME Name of a VM in virtualbox to package as a base box --output NAME Name of the file to output --include FILE... Additional files to package with the box --vagrantfile FILE Vagrantfile to package with the box -h, --help Print this help APRIL 2014 55
  • 57. inBloom, Inc. Vagrant Plugins vagrant plugin install --plugin-source https://rubygems.org --plugin- prerelease vagrant-vbguestvagrant vagrant plugin install vagrant-winnfsd APRIL 2014 56
  • 58. inBloom, Inc. Export a Vagrant Box Once your VM is setup and configured, you can create an image from it $ vagrant package --base my_base_box To export a Vagrant box $ vagrant box add my_box package.box $ mkdir test_environment $ cd test_environment $ vagrant init my_box $ vagrant up $ vagrant ssh APRIL 2014 57
  • 59. inBloom, Inc. Install Docker whale you be my container? APRIL 2014 58
  • 60. inBloom, Inc. Installation It already is... (starting with a “bare” base box may required more effort to setup the OS, install components) APRIL 2014 59
  • 61. inBloom, Inc. Verify the Installation vagrant@ubuntu-12:/vagrant$ docker info Containers: 0 Images: 0 Storage Driver: aufs Root Dir: /var/lib/docker/aufs Dirs: 0 Execution Driver: native-0.1 Kernel Version: 3.8.0-35-generic vagrant@ubuntu-12:/vagrant$ docker pull busybox vagrant@ubuntu-12:/vagrant$ docker info Containers: 0 Images: 4 APRIL 2014 60
  • 62. inBloom, Inc. Testing Docker Hello World http://docs.docker.io/en/latest/examples/hello_world/ vagrant@ubuntu-12:/vagrant$ sudo docker pull busybox docker run busybox /bin/echo hello world C1=$(sudo docker run -d ubuntu /bin/sh -c "while true; do echo hello world; sleep 1; done”) docker ps list docker logs `C1` APRIL 2014 61
  • 63. inBloom, Inc. Docker Container Lifecycle docker run creates a container. docker stop stops it. docker start will start it again. docker restart restarts a container. docker rm deletes a container. docker kill sends a SIGKILL to a container. Has issues. docker attach will connect to a running container. docker wait blocks until container stops. APRIL 2014 62
  • 64. inBloom, Inc. Container Info Info docker ps shows running containers. docker inspect looks at all the info on a container (including IP address). docker logs gets logs from container. docker events gets events from container. docker port shows public facing port of container. docker top shows running processes in container. docker diff shows changed files in the container's FS. Import / Export No easy way to use Docker to import files into a container filesystem • Could use something like Cargo within a container to push in artifacts docker cp copies files or folders out of container filesystem docker export creates tarball from container filesystem APRIL 2014 63
  • 65. inBloom, Inc. Docker Image Lifecycle docker images shows all images docker import creates an image from a tarball docker build creates image from Dockerfile docker commit creates image from a container docker rmi removes an image docker insert inserts a file from URL into image. (kind of odd, you'd think images would be immutable after create) docker load loads an image from a tar archive as STDIN, including images and tags (as of 0.7) docker save saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7) APRIL 2014 64
  • 66. inBloom, Inc. 15 Docker Tips http://www.centurylinklabs.com/15-quick-docker-tips APRIL 2014 65
  • 67. inBloom, Inc. Graphical Interfaces for Docker APRIL 2014 66
  • 68. inBloom, Inc. Two main options for a graphical UI to manage Docker  Shipyard • https://github.com/shipyard/shipyard/wiki/QuickStart  DockerUI • https://github.com/crosbymichael/dockerui Shipyard allows containers to be managed, linked, and inspected via a UI APRIL 2014 67
  • 70. inBloom, Inc. Shipyard features • Multiple host support • Create / Delete containers • View Images • Build Images (via uploaded Dockerfile or URL) • Import repositories • Private containers • Container metadata (description, etc.) • Applications: bind containers to applications that are setup with hipache • Attach container (terminal emulation in the browser) • Container recovery (mark container as "protected" and it will auto-restart upon fail/destroy/stop) • RESTful API APRIL 2014 69
  • 71. inBloom, Inc. Shipyard (1/2) 1 line to install within a docker host: docker run -i -t -v /var/run/docker.sock:/docker.sock shipyard/deploy setup Shipyard Stack Deployed You should be able to login with http://<docker-host-ip>:8000 admin:shipyard APRIL 2014 70
  • 72. inBloom, Inc. Shipyard (2/2) Within each container to shipyard manage you will also need to setup and register the Shipyard Agent. See http://github.com/shipyard/shipyard-agent for details. Download to the host: sudo curl https://github.com/shipyard/shipyard- agent/releases/download/v0.2.5/shipyard-agent -L -o /usr/local/bin/shipyard-agent sudo chmod +x /usr/local/bin/shipyard-agent Register the host: ./shipyard-agent -url http://myshipyardhost:shipyardport -register vagrant@ubuntu-12:/usr/local/bin$ ./shipyard-agent -url http://0.0.0.0:8000 - register 2014/04/14 02:27:48 Using 10.0.2.15 for the Docker Host IP for Shipyard 2014/04/14 02:27:48 If this is not correct or you want to use a different IP, please update the host in Shipyard 2014/04/14 02:27:48 Registering at http://0.0.0.0:8000 2014/04/14 02:27:48 Agent Key: 597d7d4db3d44daca47ff114e48144d2 Register a host with the shipyard deployment. shipyard-agent -url http://my-shipyard-host:port -key 597d7d4db3d44daca47ff114e48144d2 APRIL 2014 71
  • 73. inBloom, Inc.APRIL 2014 72 Containers
  • 74. inBloom, Inc.APRIL 2014 73 Container (Redis)
  • 75. inBloom, Inc.APRIL 2014 74 Container (Redis logs)
  • 77. inBloom, Inc.APRIL 2014 76 Applications
  • 78. inBloom, Inc.APRIL 2014 77 Container Console
  • 79. inBloom, Inc. Two Container Example APRIL 2014 78
  • 80. inBloom, Inc. Linking Containers Links allow containers to communicate through TCP/IP ports. Suppose we start a container that exposes port 1337 docker run -name CONTAINER docker run -d -link CONTAINER:ALIAS -name LINKED user/wordpress Exposed ports and aliases of parent will show up in child container $ALIAS_PORT_1337_TCP_PORT $ALIAS_PORT_1337_TCP_ADDR More robust example (many more can be found via Googling) http://blogs.atlassian.com/2013/11/docker-all-the-things-at-atlassian-automation-and-wiring/ APRIL 2014 79
  • 81. inBloom, Inc. About Ambassador Containers Encourage portability by avoiding hardcoding and linking via an ambassador. (consumer) -> (redis-ambassador) --network--> (redis-ambassador) -> (redis) • Avoids restarting a consumer to attach to a different service • Restart the client ambassador container that the consumer is connected to, to rewire a consumer to talk to a different service • This pattern allows a transparent transition to to a different docker host for a consumer http://docs.docker.io/en/latest/use/ambassador_pattern_linking/ APRIL 2014 80
  • 82. inBloom, Inc. Ambassador Container Linking - Host A: Startup Redis big-server $ docker run -d --name redis crosbymichael/redis - Host A: Add ambassador linked to Redis big-server $ docker run -d --link redis:redis --name redis_ambassador -p 6379:6379 svendowideit/ambassador - Host B: Add ambassador that sets env client-server $ docker run -d --name redis_ambassador -- expose 6379 -e REDIS_PORT_6379_TCP=tcp://192.168.1.52:6379 svendowideit/ambassador - Host B: Use Redis client container to talk to remote server client-server $ docker run -i -t --rm --link redis_ambassador:redis relateiq/redis-cli redis 172.17.0.160:6379> ping PONG APRIL 2014 81
  • 84. inBloom, Inc. Load Balanced APRIL 2014 83 http://mdavey.wordpress.com/2014/01/07/devops-docker/
  • 85. inBloom, Inc. Distributed Producer-Consumer APRIL 2014 84 http://www.appneta.com/blog/automated-testing-with-docker/
  • 86. inBloom, Inc. Docker and Open vSwitch (1/2) • Docker and Open vSwitch for container isolation with VLANs between 2 hosts running Open vSwitch • Containers 1 & 3 are on VLAN 10 whereas containers 2 & 4 are on VLAN 20  1 & 3 can ping each other but cannot ping 2 or 4 • 4 bridges, 10 interfaces, 2 VLANs, 1 GRE tunnel and 4 containers. • Starts in 1 second... • Source (with code and cook book): http://fbevmware.blogspot.com/2013/12/coupling-docker-and-open-vswitch.html APRIL 2014 85
  • 87. inBloom, Inc. Docker and Open vSwitch (1/2) APRIL 2014 86
  • 88. inBloom, Inc. PaaS Frameworks • Deus • CoreOS • Flynn APRIL 2014 87
  • 89. inBloom, Inc. Flynn uses etcd A highly-available key value store for shared configuration and service discovery. etcd is an open-source distributed key value store that provides the backbone of CoreOS clusters and the etcd client runs on each machine in a cluster. etcd gracefully handles master election during network partitions and the loss of the current master. Your applications can read and write data into etcd. Common examples are storing database connection details, cache settings, feature flags, and more. Features • Simple, curl-able API (HTTP + JSON) • Optional SSL client cert authentication • Benchmarked 1000s of writes/s per instance • Properly distributed using Raft protocol • Keys support TTL • Atomic test and set • Easily listen for changes to a prefix via HTTP long-polling https://coreos.com/using-coreos/etcd/ APRIL 2014 88
  • 91. inBloom, Inc. Flynn uses Systemd CoreOS uses systemd as the core of its distributed init system, fleet. Systemd is well supported in many Linux distros, making it familiar to most engineers. Every aspect of CoreOS is deeply integrated with systemd. • Performance
Systemd boots extremely fast, with our goal to keep it under 1s. • Journal
Systemd's logging journal has modern features such as JSON export, forward sealing, and indexing for fast querying. • Socket Activation
While this might be a bit of a throw back to the inetd days, we think socket activation is particularly useful for inter-service dependency management. Systemd has an extremely rich syntax that can describe the attributes of a particular service. Your services can express hard or soft dependencies, the order of launch relative to those dependencies, and identify conflicting services. Docker containers are much easier to manage when you can specify whether they automatically restart per container and customize the timing for restarting. APRIL 2014 90
  • 92. inBloom, Inc. Flynn uses Discoverd A simple but powerful service discovery system written in Go. Backed by etcd, but can be extended to use ZooKeeper or other distributed consistent stores. Discoverd lets your services find each other in a constantly changing environment. With discoverd and a client you can: • Register a service as online • Locate online instances of a service • Get notified when instances of a service change • Determine a "leader" for any set of services There are three pieces to the discoverd system: • discoverd itself • Client library and API • Backend store (etcd, Zookeeper, etc) APRIL 2014 91
  • 95. inBloom, Inc. reference material https://www.docker.io/ http://deis.io/overview/ http://cjlarose.com/2014/03/08/run-docker-with-vagrant.html http://www.vagrantup.com/ http://blog.docker.io/2014/04/docker-0-10-quality-and-ops-tooling/ http://docs.docker.io/en/latest/examples/hello_world/#running-examples http://mesosphere.io/2013/09/26/docker-on-mesos/ https://medium.com/devops-programming/7f5fd023158f http://docs-v1.vagrantup.com/v1/docs/base_boxes.html http://docs.docker.io/en/latest/installation/ubuntulinux/ https://phunehehe.net/docker-vs-chef-vagrant/ http://www.centurylinklabs.com/top-10-startups-built-on-docker/ http://www.slideshare.net/julienbarbier42/building-a-saas-using-docker http://coreos.com/blog/docker-dynamic-ambassador-powered-by-etcd/ https://github.com/shipyard/shipyard-agent http://blog.docker.io/ http://blog.relateiq.com/why-docker-why-not-chef/ http://www.dockerbook.com/ http://www.centurylinklabs.com/building-complex-apps-for-docker-on-coreos-and-fig/ http://txt.fliglio.com/2013/12/service-discovery-with-docker-docker-links-and-beyond/ http://www.centurylinklabs.com/auto-loadbalancing-with-fig-haproxy-and-serf/ http://www.centurylinklabs.com/build-a-2-container-app-with-docker/ http://sysadvent.blogspot.com/2013/12/day-13-controlling-cluster-of-servers.html http://txt.fliglio.com/2013/12/service-discovery-with-docker-docker-links-and-beyond/ APRIL 2014 94