Docker concepts and microservices architecture are discussed. Key points include:
- Microservices architecture involves breaking applications into small, independent services that communicate over well-defined APIs. Each service runs in its own process and communicates through lightweight mechanisms like REST/HTTP.
- Docker allows packaging and running applications securely isolated in lightweight containers from their dependencies and libraries. Docker images are used to launch containers which appear as isolated Linux systems running on the host.
- Common Docker commands demonstrated include pulling public images, running interactive containers, building custom images with Dockerfiles, and publishing images to Docker Hub registry.
1. State of the Art in Microservices
Microservices architecture and docker
Alexander Ivanichev
November 2015
2. AGENDA
• Evolution of Software Architecture
• Docker concepts
• Creating docker hosts with docker-machine
• Running docker
• Running an Application Server in Docker
• Image vs. Container
• Changing container behaviour
• 3 ways to deploy an application
• How to link multiple containers
• Introduction to microservices
4. MARKET EVOLUTION
Thick, client – server app
On thick client
1995
Well-defined stack:
• O/S
• Runtime
• Middleware
Monolithic
Physical
Infrastructure
2015
Thick, app on
any device
Assembled by
developers using best
available services
Running on any available
set of physical resources
6. WHAT IS A SERVICE?
The service is peace of software which provides functionality to other peace's of software.
Service provides functionality to application for example:
Service that provides CRUD orders from database , communicated over network.
DB
Service
Website
Mobile app
Desktop app
APP
7. WHAT IS MICROSERVICE ?
An architecture of designing a software in a set of independent services
loosely coupled via lightweight communication.
Recommenda
tion Service
(MongoDB)
Rating
Service
(Neo4j)
Analysis
Service
(Spark)
Movie Service
(MySQL)
User Service
(MySQL)
Discovery
Service
• Application that is spilt into small pieces(suite of small services)
• Each service built around business capabilities (1 piece = 1 responsibility) and independently deployable
• Each service running in its own process
• loosely coupled : Inter-process communication mechanism, e.g. HTTP, Message Queue
• Bare minimum centralized management service
• Each service can be in different programming language and use different data storage technologies
9. If every service has to be
updated at the same time it’s
not loosely coupled
Microservice formal definition
Loosely coupled service oriented architecture
with bounded contexts
10. If every service has to be updated
at the same time it’s not loosely
coupled
A Microservice formal definition
Loosely coupled service oriented architecture
with bounded contexts
If you have to know too much about surrounding services you don’t
have a bounded context. See the Domain Driven Design book by
Eric Evans.
11. WE HAVE SOA , WHY DOING A
MICROSERVICES
SOA problems:
• How to size a service - traditional resulted in monolithic services
• Service failure – takes all application offline
• Scale specific part of a service
Why Microservices:
• Efficiently scalable applications
• Flexible applications
• High performance applications
12. SOA VS MICROSERVICES
Microservices are the kind of SOA we have been talking about for the last decade. Microservices
must be independently deployable, whereas SOA services are often implemented in deployment
monoliths. Classic SOA is more platform driven, so microservices offer more choices in all
dimensions.
SOA is an architectural pattern in which application components provide services
to other components. However, in SOA those components can belong to the same
application. On the other hand, in microservices these components are suites of
independently deployable services.
15. WHY MICROSERVICES
• Need to respond to change quickly
• Need for reliability
• Business domain-driven design
• Automated test tools
• Release and deployment tools
• On-demand hosting technology
• On-line cloud services
• Need to embrace new technology
• Asynchronous communication technology
• Simpler server side and client side technology
• Shorter development times
• Reliable and faster deployment
• Enables frequent updates
• Decouple the changeable parts
• Security
• Increased uptime
• Fast issue resolution
• Highly scalable and better performance
• Better ownership and knowledge
• Right technology
• Enables distributed teams
16. MICROSERVICES
DESIGN PRINCIPLES
High Cohesion
Single thing done well
Single focus
Approach:
Keeps splitting service until it only has
one reason to change
Autonomous
Independently changeable
Independently deployable
Approach:
Loosely coupled system, versioning strategy,
microservice ownership by team
Business Domain Centric
Represent business function or
represent a business domain
Approach:
Business domain specific
Subgroup into functions and areas
Resilience
Embrace Failure
Default or degrade functionality
Approach:
Design for known failures
Fail fast and recover fast
Observable
See system health
Centralized logging and monitoring
Approach:
Tools for real-time centralized
monitoring and centralized logging
Automation
Tools for testing and feedback
Tools for deployment
Approach:
Continuous integration tools
Continuous deployment tools
18. SYNCHRONOUS
COMMUNICATION
Remote procedure call (RPC)
• Sensitive to change
HTTP
• Work across the internet
• Firewall friendly
REST
• CRUD using HTTP verbs
• Natural decoupling
• Open communication protocol
• REST with HATEOS
Service One ServiceTwo
http://Service/Account/23
HTTP Verbs:
POST
PUT
GET
DELETE
JSON/XML
1. Make call
2. Wait…
3. Response received
Synchronous issues
• Both parties have to be available
• Performance subject to network quality
• Clients must know location of service (hostport)
19. ASYNCHRONOUS
COMMUNICATION
Event based
• Mitigates the need of client and service availability
• Decouples client and service
Message queueing protocol
• Message Brokers
• Subscriber and publisher are decoupled
• Microsoft message queuing (MSMQ)
• RabbitMQ
• ATOM (HTTP to propagate events)
Asynchronous challenge
• Complicated
• Reliance on message broker
• Visibility of the transaction
• Managing the messaging queue
Real world systems
• Would use both synchronous and asynchronous
Accounts
Service
Products
Service
Inventory
Service
Promotions
Service
API
Gateway
Internet
Client
Shopping
website
Orders
Service
Internal
Support
website
Message
Broker
20. API GATEWAY
• Request routing
• Bundling multiple calls (Composition)
• Protocol translation
• Authentication
• Caching
• Versioning
• Monitoring
• Load balancing
API Gateway is a server that is the single entry point into the system. The API Gateway
encapsulates the internal system architecture and provides an API that is tailored to each
client.
21. .NET STACK TOOLS FOR
MICROSERVICES
CI/ CD
TeamCity
Docker
Testing
xUnit.net
NUnit
Moq
FsCheck
Communication
REST
Protocol Buffers
RabbitMQ
Particular
MassTransit
Persistence
MongoDB
RavenDB
MySQL
Cassandra
Redis*
Memcached*
Logging and monitoring
Serilog
Seq
StatsD
Graphite
Grafana
Cabot - monitor and alert
Technology freedom, use the best tools available.
26. WHAT IF WE WANT RUN
MULTIPLE APPS?
[1] [2] [3] [4]
…………...…….…..
[10]
[+] [+] [+] [+]
100%
50%
15%
10GB disk space
4GB RAM
5% CPU
100GB disk space
40GB RAM
50% CPU
x 10 =
27. DOCKER VS VM
App A
Bins/Libs
Guest OS
App A
Bins/Libs
Guest OS
Hypervisor
Host OS
Server Infrastructure
Virtual Machine
• REUSABLE IMAGES
• SNAPSHOTS
• SIMPLIFY CLUSTERS CREATION
Problems?
YES!!
"TOO HEAVY"
App A
Bins/Libs
App A
Bins/Libs
Docker Engine
Host OS
Server Infrastructure
Docker
28. WHAT IS A CONTAINER?
Host OS
Server Infrastructure
Physical Machine
APP
User
Space
APP
User
Space
APP
User
Space
/
dev var proc
sda sda1 lib
/
dev etc lib
sda sda1 systemd
proc
udev
/
dev etc lib
sda sda1 systemd
proc
udev
Container 1
(mnt namespace 1)
Container 2
(mnt namespace2)
Docker Engine
Containers
Container ~ VM but lightweight
29. HOW CONTAINERS WORK?
Physical or Virtual Server
Docker Engine
libcontainer LXC
Host OS
Namespaces cgroups Capabilities
Linux Kernel
LXC = "LINUX CONTAINERS"
OS-LEVEL VIRTUALIZATION FOR RUNNING
MULTIPLE ISOLATED LINUX SYSTEMS
CGROUPS = "CONTROL GROUPS"
LINUX KERNEL FEATURE THAT LIMITS AND ISOLATES
THE RESOURCE USAGE
(CPU, DISK I/O, NETWORK, ETC.)
AUFS= "ADV. MULTI LAYERED
UNIFICATION FS"
FILESYSTEM WHICH IS BASED ON IMAGES
WHERE EVERY MODIFICATION IS A DIFF FROM
THE PREVIOUS ONE (LIKE COMMITS IN GIT)
30. HOW TO INSTALL ?
Linux:
$ wget -qO- https://get.docker.com/ | sh
Mac OSX:
https://github.com/docker/toolbox/releases/download/v1.9.1c/DockerToolbox-
1.9.1c.pkg
Windows:
https://github.com/docker/toolbox/releases/download/v1.9.1c/DockerToolbox-
1.9.1c.exe
http://docs.docker.com/engine/installation/
To use docker it's necessary a linux machine.
But.. for Windows and Mac OS X there are some tools to run docker in these OS
with a Virtual Machine”.
31. DOCKER HUB
“The Docker Hub is a cloud-based registry service for building and
shipping application or service containers”
5.6M
Pulls per Day
240K
Repositories on
Docker Hub
65
Pulls per Second
https://hub.docker.com/
32. DOCKER ARCHITECTURE
Docker client
docker search
docker run
docker start
docker pull
Local / Remote
Docker daemon
Container 1
Container 2
Host OS
…
DOCKER CLIENT
• binds to daemon via unix socket
• can access if user is in docker group
can
• bind to TCP or other UNIX socket
DOCKER DAEMON
• runs as root user
• creates UNIX socket for client
35. DOCKER BASICS
To show all docker commands just run docker binary
docker
Get command help
docker pull --help
Usage: docker pull [OPTIONS] NAME[:TAG|@DIGEST]
Pull an image or a repository from a registry
-a, --all-tags=false Download all tagged images in the repository
--disable-content-trust=true Skip image verification
--help=false Print usage
36. DOCKER BASICS
To show installed docker version
docker -v
Download a docker Ubuntu image
docker pull ubuntu
Interact with a container
docker run -it ubuntu bash
Show containers
docker ps
Show container run history
docker ps -a
38. DOCKER IMAGES
Docker images are the basis of containers.
Previously we’ve used Docker images that already exist, for example the ubuntu image.
• Immutable templates
• Used to create containers
• Used to create other images
• Images built in layers
• Uses union filesystems to glue layers together
• Layer are cached when build
• Can be uploaded to registry
docker images # To view all images available
docker run --rm -ti somecontainer bash
Basic images commands:
• Built from instructions in Dockerfile
• Built FROM base image
• Each instruction in Dockerfile creates new layer
39. DOCKER LAYERS
• AUFS - AnotherUnionFS/advanced multi layered unification filesystem
• Each layer has its own hash
• Layer can be tagged
• Layers are shared
docker images --tree
40. 2 WAYS TO CREATE
DOCKER IMAGES
1.COMMIT WAY
docker commit -m "<menssage>" <image name>
docker history <image name>
2.DOCKERFILE WAY
docker build -t <tag> <dockerfile path>
DOCKERFILE REFERENCE
FROM
MAINTAINER
WORKDIR
ENV
RUN
COPY
ADD
EXPOSE
VOLUME
USER
CMD
Dockerfile example:
And then we can build it
docker build -t somecontainer somecontainer/
FROM ubuntu
RUN apt-get update && apt-get install -y
python
telnet
ENTRYPOINT ["/bin/bash"]
41. IMAGES COMMANDS
// Build new image based on Dockerfile
> docker build -t neueda/myimage:tag ./path/to/Dockerfile
// List containers (-a to print also intermediate layers)
> docker images
// Create container based on ubuntu image, create pseudo-TTY, run command in interactive mode
> docker run -t -i ubuntu:14.04 rm -rf /etc
// Create new image based on mutations made by container
> docker commit -m "Removed /etc directory" -a "Nikolajs Arhipovs" $CONTAINER neueda/ubuntu
// Add tag to untagged image
> docker tag 5db5f8471261 neueda/ubuntu:broken
// Push to repository (Docker Hub)
> docker push neueda/ubuntu:broken
// Remove image with all intermediate layers on host
> docker rmi neueda/ubuntu:broken
Example commands
43. DOCKER CONTAINER
• Built on top of image
• Adds RW layer using union fs
Launch
(build-time) (runtime)
Image
Container
511136ea3c5a (rootfs)
6170bb7b0ad1
9cd978db300e
87026dcb0044
coreos/apache
Metadata
Image layering
3) 87026dcb0044
2) 9cd978db300e
1) 6170bb7b0ad1
0) 511136ea3c5a
etc…..
Docker Image
One per
container
Can be
shared by
many
containers
Thin writable layer
44. CONTAINERS COMMANDS
Example commands
// List containers (-a to print also stopped containers)
> docker ps
// Show stdout of a container (works as `cat`)
> docker logs $CONTAINER_ID
// Attaches to currently running container (like `tail -f`), same as `docker logs -f` > docker attach $CONTAINER_ID
// Stop running containers
> docker stop $CONTAINER_ID1 $CONTAINER_ID2
// Start stopped containers
> docker start $CONTAINER_ID
// Show running processes
> docker top $CONTAINER_ID
// Show all docker-related meta info like net interfaces, port forwarding, volumes
> docker inspect $CONTAINER_ID
45. DOCKER REGISTRY
• Images can be pushed to registry
• Images can pulled from it
• Images can be built on FROM other images
pulled from repository
~ $ docker push -h
Usage: docker push NAME[:TAG]
Push an image or a repository to the registry
--disable-content-trust=true Skip image signing
~ $ docker push alexiv/hello
The push refers to a repository [alexiv/hello] (len: 1)
b88f9422f14d: Image push failed
Please login prior to push:
Username: alexiv
Password:
Email: alexiv@gmail.com WARNING: login credentials saved in /Users/alex/.dockercfg. Login
Succeeded The push refers to a repository [alexiv/hello] (len: 1)
b88f9422f14d: Image already exists 91e54dfb1179:
Image successfully pushed d74508fb6632:
Image successfully pushed c22013c84729:
Image successfully pushed d3a1f33e8a5a:
Image successfully pushed
Digest: sha256:d659f9011eab6d04b3d9fd9f6324e23505bd1299c52d295c4b04ebe3e58878ce ~ $
Publish image to registry:
47. DOCKER VOLUME
A data volume is a specially-designated directory
within one or more containers that bypasses
the Union File System.
~ $ ls /Users/baptou/myDirectory file1 file2 file3
~ $ docker run -it -v /Users/baptou/myDirectory:/opt ubuntu:latest /bin/bash
root@29088b02f260:/# ls /opt
file1 file2 file3
root@29088b02f260:/# rm /opt/file2
root@29088b02f260:/# ls /opt file1 file3
root@29088b02f260:/# exit
exit
~ $ ls /Users/baptou/myDirectory file1 file3
~ $
49. DOCKER FOR
WINDOWS / .NET STACK
• Visual Studio 2015 Tools for Docker
• Docker Toolbox
• Windows server 2016
50. DOCKER NEXT
STEPS
Tutum
Build, deploy, and
manage your apps
across any cloud
Docker Universal Control
On-premises management solution
for Docker apps - regardless of
where they run
Docker Swarm
Docker Swarm is
native clustering for
Docker.
Kubernetes
Manage a cluster of
Linux containers as a
single system