Introduction to Docker

Transcript

1. Introduction to Kunal Kushwaha

2. whoami? - Kunal Kushwaha ๏ NTT Labs ๏ Contributor -

   Docker & related projects. ๏ Docker Tokyo Meetup Co Organizer. @kunalkushwaha

3. Linux Containers • A container is a group of isolated

   processes – cgroups – namespace • Isolated processes run straight on the host – native CPU performance – minimal memory overhead – minimal network performance overhead

4. Cgroups

5. Cgroups (control groups) • Linux kernel feature • Resource limitations

   • Accounting • Groups of processes • May be nested

6. Cgroups submodules • memory • CPU • network IO •

   disk IO

7. Namespaces

8. namespaces • Linux kernel feature • wrap particular global system

   resource in an abstracted & isolated instance • May be nested

9. Different kinds of namespaces • Currently 6 namespaces supported by

   Linux Kernel • mnt (mount points, filesystems) • pid (processess) • net (network stack) • ipc (System V IPC) • uts (hostname) • user (UIDs)

10. Implementations

11. VM vs Containers

12. 12 VMs

13. 13 Containers

14. Containers vs VM App A Hypervisor (Type 2) Host OS

    Server Guest OS Bins/ Libs App A’ Guest OS Bins/ Libs App B Guest OS Bins/ Libs App A’ Docker Host OS Server Bins/Libs App A Bins/Libs App B App B’ App B’ App B’ VM Container Containers are isolated, but share OS Kernel and, where appropriate, bins/ libraries Guest OS Guest OS … result is significantly faster deployment, much less overhead, easier migration, faster restart. isolation is achieved with OS components like cgroups, namespaces, secomp, SELinux, apparmor etc.

15. Startup Time

16. Pros & Cons • Startup time reduced to few seconds

    from minutes. • lightweight • No hypervisor overhead • Can run 100 to 1000 containers instead of 10-20 VM’s. • Less secure
17. None

18. Loosely Coupled Services Many Small Servers ~2000 Today Monolithic Big

    Servers Slow changing Rapidly updated Application are changing

19. •Many different stacks. •Many different targets. Deployment becomes very complex

20. Virtual machines Server Public Cloud Disaster Recovery Developer Laptop Server

    Cluster Data Center Static Website Web Front End Background Workers User DB Analytics DB Queue API Endpoint Development Test & QA Production Scale Out The deployment challenge

21. The Matrix from Hell

22. Cargo Transport pre-1960 Multiplicity of Goods Multipilicity of methods for

    transporting/ storing Do I worry about how goods interact (e.g. coffee beans next to spices) Can I transport quickly and smoothly (e.g. from boat to train to truck)

23. Also an NxN Matrix ? ? ? ? ? ?

    ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?

24. Solution: Intermodal Shipping Container Multiplicity of Goods Multiplicity of methods

    for transporting/storing Do I worry about how goods interact (e.g. coffee beans next to spices) Can I transport quickly and smoothly (e.g. from boat to train to truck) …in between, can be loaded and unloaded, stacked, transported efficiently over long distances, and transferred from one mode of transport to another A standard container that is loaded with virtually any goods, and stays sealed until it reaches final delivery.

25. This eliminated NxN Problem… ? ? ? ? ? ?

    ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?

26. …and Spawned an Intermodal Shipping Container Ecosystem • 90% of

    all cargo now shipped in a standard container • Order of magnitude reduction in cost and time to load and unload ships • Massive reduction in losses due to theft or damage • Huge reduction in freight cost as percent of final goods (from >25% to <3%) • massive globalizations • 5000 ships deliver 200M containers per year

27. Docker is Shipping Container system for Code Static website Web

    frontend User DB Queue Analytics DB Development VM QA server Public Cloud Contributor’s laptop Multiplicity of Stacks Multiplicity of hardware environments Production Cluster Customer Data Center Do services and apps interact appropriately? Can I migrate smoothly and quickly …that can be manipulated using standard operations and run consistently on virtually any hardware platform An engine that enables any payload to be encapsulated as a lightweight, portable, self-sufficient container…

28. Or… put more simply Static website Web frontend User DB

    Queue Analytics DB Development VM QA server Public Cloud Contributor’s laptop Multiplicity of Stacks Multiplicity of hardware environments Production Cluster Customer Data Center Do services and apps interact appropriately? Can I migrate smoothly and quickly Operator: Configure Once, Run Anything Developer: Build Once, Run Anywhere (Finally)

29. Eliminate the Matrix from Hell

30. None

31. Docker • Package • Docker provides the ability to package

    and run an application in a loosely isolated environment called a container. • Encapsulate your applications (and supporting components) into Docker containers • Run • The isolation and security allow you to run many containers simultaneously on a given host. • Because of the lightweight nature of containers, which run without the extra load of a hypervisor, you can run more containers on a given hardware combination than if you were using virtual machines. • Docker provides tooling and a platform to manage the lifecycle of your containers: • Ship • Distribute and ship containers to your teams for further development and testing • Deploy applications to your production environment, whether it is in a local data center or the Cloud

32. Build on Giants

33. Container Revolution • Started by making Linux containers usable. •

    Whole ecosystem was built. • Now moving towards standards • OCI (Open Container Initiative) • Runtime Specs • Image Specs • Docker libcontainer and image specs are donated for both. • No lock-in.

34. Docker for Windows/Mac •Currently in public beta •Easy to install:

    Get up and running on Docker in minutes •Leverages Hyper-V (Windows) or xhyv (Mac)
 −Docker for Windows requires Windows Pro 10, Enterprise, or Education •Full API / CLI compatibility •OS integration for increased stability and speed

35. •Native Windows containers powered by Docker Engine •Windows kernel engineered

    with new primitives to support containers •Deep integration with 2+ years of engineering collaboration in Docker Engine and Windows Server •Microsoft is top 5 Docker open source project contributor and a Docker maintainer Infrastructure Windows Server 2016 Bins/Libs App Docker Engine Bins/Libs App Bins/Libs App Docker + Windows Server = Windows Containers

36. Docker ecosystem Dev Tools Official Repositories Operating Systems Big Data

    Service Discovery Build / Continuous Integration Configuration Management Consulting &Training Management Storage Clustering & Scheduling Networking Infrastructure & Service Providers Security Monitoring & Logging

37. QA