Docker & Linux Containers (with animations)

Slide 1

Slide 1 text

Linux Containers & Docker Ahmet Alp Balkan 8/14/2014 NOT MICROSOFT CONFIDENTIAL

Slide 2

Slide 2 text

‘Real’ containers

Slide 3

Slide 3 text

‘Real’ containers

Slide 4

Slide 4 text

What is special about containers?

Slide 5

Slide 5 text

What is special about containers?

Slide 6

Slide 6 text

What is special about containers?

Slide 7

Slide 7 text

What is special about containers?

Slide 8

Slide 8 text

Power of Containers        

Slide 9

Slide 9 text

Power of Containers •  Standard format everybody agrees on      

Slide 10

Slide 10 text

Power of Containers •  Standard format everybody agrees on •  Once you seal the box, it gets shipped “as is”    

Slide 11

Slide 11 text

Power of Containers •  Standard format everybody agrees on •  Once you seal the box, it gets shipped “as is” •  SeparaVon of concerns – Building ó Packaging ó Shipping

Slide 12

Slide 12 text

Containers vs. VMs

Slide 13

Slide 13 text

Type 1 Hypervisor

Slide 14

Slide 14 text

Type 1 Hypervisor Hardware

Slide 15

Slide 15 text

Type 1 Hypervisor Hardware Hypervisor Kernel

Slide 16

Slide 16 text

Type 1 Hypervisor Hardware VM VM Hypervisor Kernel

Slide 17

Slide 17 text

Type 1 Hypervisor Hardware VM VM OperaVng System OperaVng System Hypervisor Kernel

Slide 18

Slide 18 text

Type 1 Hypervisor Hardware VM VM OperaVng System OperaVng System bins/libs bins/libs Hypervisor Kernel

Slide 19

Slide 19 text

Type 1 Hypervisor Hardware VM VM OperaVng System OperaVng System bins/libs bins/libs App App App App Hypervisor Kernel

Slide 20

Slide 20 text

Type 2 Hypervisor

Slide 21

Slide 21 text

Type 2 Hypervisor Hardware

Slide 22

Slide 22 text

Type 2 Hypervisor Hardware OperaVng System

Slide 23

Slide 23 text

Type 2 Hypervisor Hardware Hypervisor So[ware OperaVng System

Slide 24

Slide 24 text

Type 2 Hypervisor Hardware Hypervisor So[ware OperaVng System App App App

Slide 25

Slide 25 text

Type 2 Hypervisor Hardware Hypervisor So[ware VM VM OperaVng System OperaVng System bins/libs bins/libs App App App App OperaVng System App App App

Slide 26

Slide 26 text

Linux Containers

Slide 27

Slide 27 text

Linux Containers Hardware

Slide 28

Slide 28 text

Linux Containers Hardware OperaVng System (Linux)

Slide 29

Slide 29 text

Linux Containers Hardware OperaVng System (Linux) bins/libs

Slide 30

Slide 30 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container

Slide 31

Slide 31 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container App

Slide 32

Slide 32 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container App App

Slide 33

Slide 33 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container Container App App

Slide 34

Slide 34 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container Container bins/libs App App

Slide 35

Slide 35 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container Container bins/libs App App App

Slide 36

Slide 36 text

Linux Containers Hardware OperaVng System (Linux) bins/libs Container Container bins/libs App App App

Slide 37

Slide 37 text

lxc: Linux Containers •  OS-‐Level virtualizaVon, no Hypervisor •  Namespacing –  PIDs –  user IDs –  network tables –  mounted drivers –  … •  Started in 2006. •  Developed by a team of 4 –  v1.0 in 2014.

Slide 38

Slide 38 text

cgroups: Control Groups •  Fair resource usage sharing for Linux kernel – CPU – Memory – I/O •  Started in 2007. – by 2 Google Engineers

Slide 39

Slide 39 text

Distributed ApplicaVon Model

Slide 40

Slide 40 text

Distributed ApplicaVon Model Front-‐end (web)

Slide 41

Slide 41 text

Distributed ApplicaVon Model Front-‐end (web) App services

Slide 42

Slide 42 text

Distributed ApplicaVon Model Front-‐end (web) App services Background workers

Slide 43

Slide 43 text

Distributed ApplicaVon Model Front-‐end (web) App services Background workers DB Cache Servers

Slide 44

Slide 44 text

Distributed ApplicaVon Model Front-‐end (web) App services Background workers DB Cache Servers

Slide 45

Slide 45 text

Distributed ApplicaVon Model Front-‐end (web) App services Background workers DB Cache Servers

Slide 46

Slide 46 text

Advantages of containers              

Slide 47

Slide 47 text

Advantages of containers •  Only one kernel runs on the machine            

Slide 48

Slide 48 text

Advantages of containers •  Only one kernel runs on the machine •  No Hypervisor overhead. –  Apps directly run on CPU –  Rack space & power & more free CPU cycles      

Slide 49

Slide 49 text

Advantages of containers •  Only one kernel runs on the machine •  No Hypervisor overhead. –  Apps directly run on CPU –  Rack space & power & more free CPU cycles •  Run diﬀerent versions of OS on same server –  Run diﬀerent OSes on the same server  

Slide 50

Slide 50 text

Slide 51

Slide 51 text

Use of Linux Containers              

Slide 52

Slide 52 text

Use of Linux Containers •  Borg –  Google’s “secret sauce” –  Everything runs in containers –  Not open source      

Slide 53

Slide 53 text

Use of Linux Containers •  Borg –  Google’s “secret sauce” –  Everything runs in containers –  Not open source      

Slide 54

Slide 54 text

Use of Linux Containers •  Borg –  Google’s “secret sauce” –  Everything runs in containers –  Not open source •  Mesos –  Developed by Twiger –  Open sourced

Slide 55

Slide 55 text

Use of Linux Containers •  Borg –  Google’s “secret sauce” –  Everything runs in containers –  Not open source •  Mesos –  Developed by Twiger –  Open sourced

Slide 56

Slide 56 text

Use of Linux Containers •  Borg –  Google’s “secret sauce” –  Everything runs in containers –  Not open source •  Mesos –  Developed by Twiger –  Open sourced “IT’S A WAY OF STITCHING TOGETHER A COLLECTION OF MACHINES INTO, BASICALLY, A BIG COMPUTER.”

Slide 57

Slide 57 text

No content

Slide 58

Slide 58 text

No content

Slide 59

Slide 59 text

…is a Linux container engine

Slide 60

Slide 60 text

…is Open Source

Slide 61

Slide 61 text

…is also a company.

Slide 62

Slide 62 text

Why was Docker born?            

Slide 63

Slide 63 text

Why was Docker born? •  Shipping code to servers is hard          

Slide 64

Slide 64 text

Why was Docker born? •  Shipping code to servers is hard •  It’s hard to glue the technology – LXC + cgroups      

Slide 65

Slide 65 text

Why was Docker born? •  Shipping code to servers is hard •  It’s hard to glue the technology – LXC + cgroups – lmcky: “Let me contain that for you” •  open source version of Google’s container stack  

Slide 66

Slide 66 text

Slide 67

Slide 67 text

Another moVve: eliminaVng Ops            

Slide 68

Slide 68 text

Another moVve: eliminaVng Ops •  So[ware used to be deployed by ops teams          

Slide 69

Slide 69 text

Another moVve: eliminaVng Ops •  So[ware used to be deployed by ops teams •  Docker might be “the ﬁrst true DevOps tool”        

Slide 70

Slide 70 text

Another moVve: eliminaVng Ops •  So[ware used to be deployed by ops teams •  Docker might be “the ﬁrst true DevOps tool” – Increased shipment cadence      

Slide 71

Slide 71 text

Another moVve: eliminaVng Ops •  So[ware used to be deployed by ops teams •  Docker might be “the ﬁrst true DevOps tool” – Increased shipment cadence – Fast moving engineering culture    

Slide 72

Slide 72 text

Slide 73

Slide 73 text

Slide 74

Slide 74 text

Why is Docker special?      

Slide 75

Slide 75 text

Why is Docker special? •  The real value is not technology.    

Slide 76

Slide 76 text

Why is Docker special? •  The real value is not technology. •  It’s “gelng people to agree on something”.  

Slide 77

Slide 77 text

Why is Docker special? •  The real value is not technology. •  It’s “gelng people to agree on something”. – Packaging and delivery method.

Slide 78

Slide 78 text

Why is Docker special? •  The real value is not technology. •  It’s “gelng people to agree on something”. – Packaging and delivery method.

Slide 79

Slide 79 text

Cloud as one big machine

Slide 80

Slide 80 text

Cloud as one big machine

Slide 81

Slide 81 text

Cloud as one big machine docker client

Slide 82

Slide 82 text

Cloud as one big machine docker client $ docker run …

Slide 83

Slide 83 text

Cloud as one big machine docker client $ docker run …

Slide 84

Slide 84 text

Cloud as one big machine docker client $ docker run … libswarm

Slide 85

Slide 85 text

Demo Vme

Slide 86

Slide 86 text

Demo Vme Linux VM on Azure

Slide 87

Slide 87 text

Demo Vme Linux VM on Azure docker daemon

Slide 88

Slide 88 text

Demo Vme Linux VM on Azure docker daemon

Slide 89

Slide 89 text

Demo Vme Linux VM on Azure docker daemon docker client

Slide 90

Slide 90 text

Demo Vme Linux VM on Azure docker daemon docker client

Slide 91

Slide 91 text

Demo Vme Linux VM on Azure docker daemon docker client Container Container

Slide 92

Slide 92 text

Demo Vme Linux VM on Azure docker daemon docker client Container Container App App

Slide 93

Slide 93 text

Docker Image Layers

Slide 94

Slide 94 text

Docker Image Layers ubuntu

Slide 95

Slide 95 text

Docker Image Layers ubuntu apache+php

Slide 96

Slide 96 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon

Slide 97

Slide 97 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon ADD /my/conﬁguraIon

Slide 98

Slide 98 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon ADD /my/conﬁguraIon 200 MB

Slide 99

Slide 99 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon ADD /my/conﬁguraIon 200 MB 250 MB

Slide 100

Slide 100 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon ADD /my/conﬁguraIon 200 MB 250 MB 260 MB

Slide 101

Slide 101 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon ADD /my/conﬁguraIon 200 MB 250 MB 260 MB 261 MB

Slide 102

Slide 102 text

Docker Image Layers ubuntu apache+php ADD /my/applicaIon ADD /my/configuraIon 200 MB 250 MB 260 MB 261 MB 50 MB diff 10 MB diff 1 MB diff

Slide 103

Slide 103 text

Layers & Reuse

Slide 104

Slide 104 text

Layers & Reuse

Slide 105

Slide 105 text

Layers & Reuse Base Linux DistribuVon image

Slide 106

Slide 106 text

Layers & Reuse Base Linux DistribuVon image Google conﬁguraVon

Slide 107

Slide 107 text

Layers & Reuse Base Linux DistribuVon image Google conﬁguraVon mapreduce crawler web frontend video encoder

Slide 108

Slide 108 text

Layers & Reuse Base Linux DistribuVon image Google conﬁguraVon mapreduce crawler web frontend video encoder

Slide 109

Slide 109 text

Layers & Reuse Base Linux DistribuVon image Google conﬁguraVon mapreduce crawler web frontend video encoder

Slide 110

Slide 110 text

Dockerﬁle          

Slide 111

Slide 111 text

Dockerﬁle FROM ubuntu:latest        

Slide 112

Slide 112 text

Dockerﬁle FROM ubuntu:latest MAINTAINER Ahmet      

Slide 113

Slide 113 text

Dockerﬁle FROM ubuntu:latest MAINTAINER Ahmet RUN apt-get install nginx mysql python    

Slide 114

Slide 114 text

Dockerﬁle FROM ubuntu:latest MAINTAINER Ahmet RUN apt-get install nginx mysql python ADD /my/app /var/www/app  

Slide 115

Slide 115 text

Dockerﬁle FROM ubuntu:latest MAINTAINER Ahmet RUN apt-get install nginx mysql python ADD /my/app /var/www/app ENTRYPOINT /var/www/app/server.py

Slide 116

Slide 116 text

Dockerﬁle FROM ubuntu:latest MAINTAINER Ahmet RUN apt-get install nginx mysql python ADD /my/app /var/www/app ENTRYPOINT /var/www/app/server.py $ docker build

Slide 117

Slide 117 text

Dockerﬁle inheritance        

Slide 118

Slide 118 text

Dockerﬁle inheritance FROM microsoft/aspnet-vnext      

Slide 119

Slide 119 text

Dockerﬁle inheritance FROM microsoft/aspnet-vnext MAINTAINER Bob    

Slide 120

Slide 120 text

Dockerﬁle inheritance FROM microsoft/aspnet-vnext MAINTAINER Bob ADD /my/app /var/www/app  

Slide 121

Slide 121 text

Dockerﬁle inheritance FROM microsoft/aspnet-vnext MAINTAINER Bob ADD /my/app /var/www/app ENTRYPOINT /var/www/app/Server.cs

Slide 122

Slide 122 text

Dockerﬁle inheritance FROM microsoft/aspnet-vnext MAINTAINER Bob ADD /my/app /var/www/app ENTRYPOINT /var/www/app/Server.cs Reuse

Slide 123

Slide 123 text

Docker use cases                

Slide 124

Slide 124 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay            

Slide 125

Slide 125 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay •  One oﬀ tasks          

Slide 126

Slide 126 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay •  One oﬀ tasks –  Build automaVon        

Slide 127

Slide 127 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay •  One oﬀ tasks –  Build automaVon –  ConVnuous integraVon      

Slide 128

Slide 128 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay •  One oﬀ tasks –  Build automaVon –  ConVnuous integraVon –  TesVng    

Slide 129

Slide 129 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay •  One oﬀ tasks –  Build automaVon –  ConVnuous integraVon –  TesVng –  Bug repros  

Slide 130

Slide 130 text

Docker use cases •  Just like VMs in producVon –  SpoVfy, eBay •  One oﬀ tasks –  Build automaVon –  ConVnuous integraVon –  TesVng –  Bug repros •  Making the cloud look like “one big machine”

Slide 131

Slide 131 text

No content

Slide 132

Slide 132 text

… is a minimal host OS (Linux) for Docker.

Slide 133

Slide 133 text

…is an open source project

Slide 134

Slide 134 text

…is also a company

Slide 135

Slide 135 text

…is auto self-‐updaVng.

Slide 136

Slide 136 text

…has rollbacks. (updates are atomic)

Slide 137

Slide 137 text

Clustering                  

Slide 138

Slide 138 text

Clustering •  Kubernetes (by Google) –  for clustering Docker containers across nodes –  Inspired by Google’s internal systems like Borg/ Omega –  Open source –  10+ years of experience in running containers –  ContribuVons by Microso[ & IBM etc.      

Slide 139

Slide 139 text

Slide 140

Slide 140 text

Cons of Docker          

Slide 141

Slide 141 text

Cons of Docker •  Linux only – Probably will never support Windows.      

Slide 142

Slide 142 text

Cons of Docker •  Linux only – Probably will never support Windows. •  Security risks    

Slide 143

Slide 143 text

Cons of Docker •  Linux only – Probably will never support Windows. •  Security risks •  Same pricing as VMs  

Slide 144

Slide 144 text

Cons of Docker •  Linux only – Probably will never support Windows. •  Security risks •  Same pricing as VMs •  SVll developing ecosystem

Slide 145

Slide 145 text

Further reading •  Return of the Borg (Wired) •  Inside the Borg and Mesos (Verge) •  Google Open Sources Its Secret Weapon in Cloud CompuVng: Kubernetes (Wired) •  Docker: hgp://docker.com •  CoreOS: hgp://coreos.com •  Running Docker on Windows (docker.com) •  Docker on Azure (azure.com) •  Omega: ﬂexible, scalable schedulers for large compute clusters SIGOPS EuroSys 2013, ACM, pp. 351-‐364 (Google Research)

Slide 146

Slide 146 text

Thanks. QuesVons?