What's new in Docker-land? (Docker Glasgow, August 2016)

Transcript

1. What’s new in Docker-land Docker Glasgow (August, 2016) @gjtempleton @rawkode

2. Thanks, @CodeVoyagers Your support has been awesome!

3. Docker 1.12 Biggest Update Yet

4. New Features • SwarmKit • Security • Complete Orchestration ◦

   Load Balancing ◦ Service Discovery ◦ Healthchecks • Plugins • Docker Store • Docker for Mac / Windows

5. Docker Swarm Kit

6. Swarm vs. Swarm Kit Don’t confuse them

7. Vocabulary • Swarm • SwarmKit ◦ Raft • Node ◦

   Manager ◦ Worker • Service ◦ Task

8. Creating / Joining a Swarm $ docker swarm init $

   docker swarm join --token BLAH ip:2377

9. Creating a Service

10. $ docker service create --replicas 1 --name cms --network public

    --publish 80:80/tcp wordpress:latest

11. Special Sauce: Mesh Routing --publish 80:80/tcp

12. Global Service

13. $ docker service create --mode global --name datadog datadog:latest

14. Scaling a Service

15. $ docker service scale cms=2

16. Is it “web-scale”? What does that even mean!?

17. Swarm2k https://github.com /swarm2k /swarm2k /blob/master/PROPOSAL.md • Over 2,000 connected swarm

    workers • Managed by three swarm managers • Tested resiliency of manager failure • Tested load balancing and service discovery

18. Is there more?

19. DAB Distributed Application Bundle

20. Creating the DAB $ docker-compose bundle $ docker deploy <bundle>

    Docker Compose 1.8 required

21. Security Can’t be disabled • Automated certification rotation • TLS

    encryption across the swarm

22. Healthchecks # Dockerfile HEALTHCHECK --interval 1m --timeout 1s --retries 5

    CMD curl http://localhost || exit 250

23. Want to know more? https://docs.docker.com/engine/swarm/key-concepts/ https://www.youtube.com/user/dockerrun

24. The new beta: Docker for AWS and Azure • Uses

    Cloudformation stack with custom AMIs to spin up a swarm cluster • Allows you to expose ports, on ELBs, from the console • Use the new Distributed App Bundle format • All the benefits of Swarm, but running natively on AWS, little config on your side • Fault tolerant as long as you set it to have multiple masters • Sets up its own network http://beta.docker.com

25. The new beta: Docker for AWS and Azure • Even

    Docker are calling parts Alpha • Uses DynamoDB as a distributed lock • IAM permissions are pretty wide open ( “Resource”: “*” statements) • No SSHing onto the worker nodes

26. Other developments • Labelling schemas - still in development (Not

    Docker specific, but gaining steam like the OCI) ◦ Build time labels at the moment ◦ Help developers/users understand where the code in a container came from, and when ◦ How to run it! • Extra depth of information compared to imagelayers.io • Everyone loves more badges! http://label-schema.org https://microbadger.com/

27. Schema examples • org.label-schema.usage= “/usr/doc/app-usage.txt” • org.label-schema.docker.cmd= “docker run -d

    -p 5000:5000 -v config.json:/etc/config.json myapp” • https://microbadger.com/#/images/vidsyhq/ruby-ca

28. Plugins - Another command to learn

29. Plugins $ docker plugin install tiborvass/no-remove Plugin "tiborvass/no-remove" is requesting

    the following privileges: - network: [host] - mount: [/data] - device: [/dev/cpu_dma_latency] Do you grant the above permissions? [y/N] y tiborvass/no-remove $ docker plugin enable tiborvass/no-remove https://docs.docker.com/engine/extend/plugins/

30. Dockerfile PreProcessing • Another level of Domain specific abstraction •

    Single place to manage updating package versions etc. • From multi-line CMD statements to simple commands • However: means needing to preprocess every Dockerfile as part of the build pipeline https://github.com/garethr/dockerfilepp

31. Preprocessors From: RUN apt-get update && \ apt-get install -y

    wget=1.17.1-1ubuntu1 && \ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-"$UBUNTU_CODENAME".deb && \ dpkg -i puppetlabs-release-pc1-"$UBUNTU_CODENAME".deb && \ rm puppetlabs-release-pc1-"$UBUNTU_CODENAME".deb && \ apt-get update && \ apt-get install --no-install-recommends -y puppet-agent="$PUPPET_AGENT_VERSION"-1"$UBUNTU_CODENAME" && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* To: PUPPET_INSTALL

32. CodeCraft conf.codecraftuk.org 16th September, 2016 CitizenM, Glasgow Container Camp container.camp/uk/2016

    9th September, 2016 Picturehouse Central, London

33. Join the Slack channel! www.dockerscotland.com Next Month: Workshop