Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to Docker @elasticbox

Introduction to Docker @elasticbox

Introduction to Docker + Zero downtime deployment using Hipache

Victor Vieux

March 05, 2014
Tweet

More Decks by Victor Vieux

Other Decks in Technology

Transcript

  1. Docker Meetup @elasticbox– 03/05/2014
    Introduction to Docker
    Victor Vieux, Docker Inc.
    @vieux

    View full-size slide

  2. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  3. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  4. Devs
    •  all languages
    •  all databases
    •  all O/S
    •  targeting Linux system
    Docker will eventually be able to target FreeBSD, Solaris, and maybe OS X

    View full-size slide

  5. Ops
    •  any distro
    •  any cloud
    •  any machine (physical, virtual…)
    •  recent kernels
    – at least 3.8
    – Or the one that comes with RHEL 6.5

    View full-size slide

  6. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  7. The Matrix From Hell

    View full-size slide

  8. Another Matrix From Hell

    View full-size slide

  9. Solution:
    the intermodal shipping container

    View full-size slide

  10. Solution to the deployment problem:
    the Linux container

    View full-size slide

  11. Linux containers…
    Units of software delivery.
    •  run everywhere
    –  regardless of kernel version
    –  regardless of host distro
    •  (but container and host distro must match*)
    •  run anything
    –  if it can run on the host, it can run in the container
    –  i,e., if it can run on a Linux kernel, it can run
    *Unless you emulate CPU with QEMU and binfmt

    View full-size slide

  12. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  13. High level approach:
    lightweight VM
    •  own process space
    •  own network interface
    •  can run stuff as root
    •  can have it’s own /sbin/init
    (different from the host)
    “Machine Container”

    View full-size slide

  14. Low level approach:
    chroot on steroids
    •  can also not have it’s own /sbin/init
    •  container = isolated process(es)
    •  share kernel with the host
    “Application Container”

    View full-size slide

  15. Separation of concerns:
    dev POV
    •  inside my container:
    – my code
    – my libraries
    – my packages
    – my app
    – my data

    View full-size slide

  16. Separation of concerns:
    ops POV
    •  outside the container:
    – logging
    – remote access
    – network configuration
    – monitoring

    View full-size slide

  17. How does it works ?
    Isolation with namespaces
    •  pid
    •  mnt
    •  net
    •  uts
    •  ipc
    •  user

    View full-size slide

  18. How does it works ?
    Isolation with cgroups
    •  memory
    •  cpu
    •  blkio
    •  devices

    View full-size slide

  19. How does it works ?
    Copy-on-write storage
    •  unioning filesystems
    – AUFS, overlayFS
    •  snapshotting filesystems
    – BTRFS, ZFS
    •  copy-on-write block devices
    – Thin snapshots with LVM or device-mapper

    View full-size slide

  20. Storage efficiency:
    many options!

    View full-size slide

  21. Compute efficiency:
    almost no overhead
    •  Processes isolation
    –  but run straight on the host
    •  CPU performance
    –  equal to native performance
    •  Memory performance
    –  small overhead for (optional) accounting
    •  Network performance
    –  small overhead, can be reduced to zero

    View full-size slide

  22. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  23. Classic: hello world
    •  Get one base image (ubuntu, centos, busybox, …)
    $> docker pull ubuntu
    •  List images on you system
    $> docker images
    •  Display hello world
    $> docker run ubuntu:12.10 echo “hello world”

    View full-size slide

  24. Detached mode
    •  Run docker using the detach flag (-d)
    $> docker run –d busybox ping google.com
    •  Get container’s id
    $> docker ps
    •  Attach to the container
    $> docker attach
    •  Stop/Start/Restart the container
    $> docker stop/start/restart

    View full-size slide

  25. Container vs Images
    •  Remove a file from an image
    $> docker run busybox rm /etc/passwd
    •  The file is still there ??
    $> docker run busybox cat /etc/passwd
    •  Commit the changes
    $> docker ps –n=2 #get the container’s id
    $> docker commit broken-busybox
    •  The file is gone
    $> docker run broken-busybox cat /etc/passwd

    View full-size slide

  26. Public index & Network
    •  Pull an apache image from the public index
    $> docker search apache
    $> docker pull creack/apache2
    •  Run the image and check the ports
    $> docker run –d creack/apache2
    $> docker ps
    •  Expose public ports
    $> docker run –d –p 8888:80 –p 4444:443 creack/apache2
    $> docker ps

    View full-size slide

  27. Creating your 1st app: the interactive way
    •  Using docker in interactive mode
    $> docker run –i -t ubuntu bash
    root@82c63ee50c3d:/#
    root@82c63ee50c3d:/# apt-get update
    root@82c63ee50c3d:/# apt-get install memcached -y
    root@82c63ee50c3d:/# exit
    •  Commit the image
    $> docker commit `docker ps –q –l` vieux/memcached
    •  Start the image
    $> docker run –d –p 11211 –u daemon vieux/memcached memcached

    View full-size slide

  28. Creating your 1st app: the boring way
    •  Using run / commit
    $> docker ubuntu bash apt-get update
    $> $ID=(docker commit `docker ps –l –q`)
    $> docker run $ID apt-get install memcached -y
    $> docker commit `docker ps –q –l` vieux/memcached
    •  Define default configuration at commit
    $> docker commit -–run=‘{“Entrypoint”:[“memcached”]}’
    •  Start the image
    $> docker run –d –p 11211 –u daemon vieux/memcached

    View full-size slide

  29. Creating your 1st app: the scripted way
    •  Write a Dockerfile
    # Memcache
    FROM UBUNTU
    MAINTAINER Victor Vieux
    RUN apt-get update
    RUN apt-get install memcached –y
    ENTRYPOINT [“memcached”]
    USER daemon
    EXPOSE 11211
    •  Build the image
    $> docker build –t vieux/memcached
    •  Start the image
    $> docker run –d vieux/memcached
    # Memcache
    FROM UBUNTU:12.10
    MAINTAINER Victor Vieux
    RUN apt-get update
    RUN apt-get install memcached –y
    ENTRYPOINT [“memcached”]
    USER daemon
    EXPOSE 11211
     

    View full-size slide

  30. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  31. Index
    •  http://index.docker.io
    •  Closed source
    •  Manage user accounts, trusted builds,
    comments, stars, etc...

    View full-size slide

  32. Registry
    •  https://github.com/dotcloud/docker-registry
    •  Open source, written in Python
    •  Manage actual images files.
    •  Multiple storage backend:
    – Local
    – S3
    – Google Cloud Storage
    – etc…

    View full-size slide

  33. How to use a private registry
    $> docker push /
    •  Docker uses the namespace to know where to push, if
    the namespace is an url, it will push on this url
    #push in the namespace to the index
    $> docker push /  
    #push the to your a private registry
    $> docker push /
    •  Same mechanism for docker pull

    View full-size slide

  34. Example: push busybox to your registry
    # Rename add a new name to the busybox image
    $> docker tag busybox my.registry.com:5000/busybox
     
     
     
    # Push the image to your registry
    $> docker push my.registry.com:5000/busybox
     

    View full-size slide

  35. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  36. Local development
    •  App running in prod
    http://app.vieux.fr/
    •  Build local
     $> docker build –t=app .
    •  Test local
    $> docker run –p 49200:8000 app
     http://localhost:49200
    •  Change some files
    •  Rebuild & test
    $> docker build –t=app .
    $> docker run –p 49200:8000 app

    View full-size slide

  37. Push to production
    •  Tag image in order to push it
    $> docker tag app registry.vieux.fr/app
    •  Push image to local registry
    $> docker push registry.vieux.fr/app
    •  On production server, download image
    $> docker pull registry.vieux.fr/app
    •  Start the new container
    $> docker run –d registry.vieux.fr/app  

    View full-size slide

  38. Seamless update
    •  List running containers
    •  Update hipache config
    $> docker inspect –f ’{{.NetworkSettings.IPAddress}}
    $> redis-cli lset frontend:app.vieux.fr -1 http://:
    •  See the changes live
    http://app.vieux.fr/

    View full-size slide

  39. Outline
    •  Whom is this for ?
    •  What’s a the problem ?
    •  What’s a Container ?
    •  Docker 101
    •  Docker index vs registry & How-To
    •  Demo: Deployment with zero downtime
    •  Docker future
    •  Questions

    View full-size slide

  40. Docker: the community
    •  10000+ GitHub stars
    •  300+ Contributors
    •  ~50% of all commits made by external contributors
    •  1500+ GitHub forks
    •  260k+ index pulls
    •  and counting…

    View full-size slide

  41. Docker: the future
    •  0.9 is about to be released, 1.0 around the corner...
    •  Supports AUFS, BTRFS and device-mapper as storage
    drivers, more to come… (ZFS?, OverlayFS?)
    •  Support our native go implementation and LXC as
    execution driver, more to come... (systemd-nspawn?)
    •  Stable plugins (as container?) API
    •  Introspection
    •  Image signature

    View full-size slide

  42. Thank you! Questions?
    http://docker.io
    http://docker.com
    @docker - @vieux

    View full-size slide