SlideShare a Scribd company logo

codemotion-docker-2014

C
Carlo Bonamico

Why everyone is excited about Docker (and you should too...)

Technology
1 of 43
Download to read offline
MILAN november 28th/29th 2014 Carlo Bonamico Why everyone is excited about Docker (and you should too...) carlo.bonamico@nispro.it - NIS s.r.l. carlo.bonamico@gmail.com – Genova Java User Group Twitter: @carlobonamico
Didn't you hear these at least once?  Can you deploy my application? It's for Linux...  Yes, but which distribution? release? patch?  Why the deploy failed? Didn't you test the app?  Yes, but the production environment is slightly different  The new version is having some issues, can you rollback to the previous one, please?  Yes, but it will take some hours – if John hasn't already gone home – in that case he'll do it on monday  Can you debug this production problem?  Yes, but I need an hosted DEV environment as I can't run all the needed VMs on my laptop
In the beginning...  We moved from physical server to VMs  performance and resource usage issues  Got more security and hardware independence  but creating a VM still takes time  Some hosting / cloud providers took advantage of kernel-level virtualization  LXC  OpenVZ  But out-of-reach of the common man Dev  Try setting up LXC...
Then in 2013 (please fake drum roll)  Solomon Hykes (@solomonstre) started Docker as an internal project within dotCloud.com hosting  to make Linux Containers an order of magnitude easier  and more powerful, too  Open Sourced in March 2013  in a week, it went to the top projects on GitHub  https://github.com/docker/docker  A catalyst for innovative work on containers  shortly, several other key projects converged
Fast Forward to mid-2014  Major Open Source project with contributions from all the big names in IT  Google, RedHat, OpenShift, Ubuntu ...  DotCloud → Docker Inc.  https://www.docker.com/  All cloud big and small names are in a rush to provide Docker hosting  Amazon, CloudFoundry, Linode, Digital Ocean…  and Microsoft !  both for Azure and soon for the new Windows Server...
But why should I join the party?  In short, Docker makes creating  Development  Test  and Production  environments an order of magnitude  simpler  faster  and completely portable  across both local and cloud infrastructure
Docker hello world...  What's happening here? user@laptop:~$ docker pull ubuntu:14.04.1 user@laptop:~$ docker run ubuntu:14.04.1 echo "Hello World" Hello World  And here? user@laptop:~$ docker run ­t ­i ubuntu:14.04.1 /bin/bash root@d1fa8fcb4518:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var root@d1fa8fcb4518:/# python bash: python: command not found root@d1fa8fcb4518:/#
Behind the scenes...  I run the docker cli (Command Line Interface ) user@laptop:~$ docker run ­t ­i ubuntu:14.04.1 /bin/bash  the CLI connects to docker daemon by REST API,  which asks the Linux kernel to create a new container d1fa8fcb4518  and runs /bin/bash in it, so root@d1fa8fcb4518:/# ls bin boot dev etc home lib lib64 media ...  lists the filesystem of the container (!= from host OS) root@d1fa8fcb4518:/# python bash: python: command not found
So what's inside Docker?  Isolation layer based on kernel namespaces  separate process trees, network, user IDs and mounted file systems  Resource isolation through cgroups  CPU, memory, block I/O and network  Standard interface through libcontainer  based on libvirt, LXC and systemd-nspawn  And more...
How are data & containers stored?  AUFS Another Union Filesystem  possibly other snapshotting fs (zfs) / block device (LVM)  Layered approach  rootfs → kernel layer  bootfs → a Linux distribution  emacs  apache  application  Copy-on-Write approach – à la subversion (SVN)
Containers, Images and Index  A Container is a running instance  can run 100-1000 containers per host  An Image is a static snapshot  in turn based on a series of layers  unique hash for each layer, so  Images are basically versioned (think git)  can be tagged ubuntu:14.04.1  can be updated by applying layer deltas  Images can be stored in an Index  local and remote indexes (think maven / npm repos)
So a container is like a lighter/better Virtual Machine? Well...
VM vs Container  A Virtual Machine  needs an hypervisor  and a full OS inside  Bigger footprint  RAM needed  Storage space  Tend to be slower  2 filesystems, 2 OSes  Strong resource management  A Container  talks to the host kernel  Smaller footprint  no RAM needed for Guest OS  differential storage  Tend to be faster  direct CPU access  Less sophisticated resource management
VM vs Container
Great! but tell me about security  Are containers less secure than Vms?  the answer is nuanced...  https://docs.docker.com/articles/security/  Can I use Docker in Production?  Sure! many Internet companies trust it  But a container still needs good System Administration & InfoSec practices!  limiting privileges, avoiding unsecure defaults, etc...  http://www.slideshare.net/jpetazzo/docker­linux­conta iners­lxc­and­security  http://opensource.com/business/14/7/docker­security­s elinux Avoid This!
Docker workflow
Start with a dockerfile  Define an image for running Tomcat 7  inspired by https://registry.hub.docker.com/_/tomcat/ FROM java:7­jre RUN groupadd ­r tomcat && useradd ­r ­­create­home ­g tomcat tomcat ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH RUN mkdir ­p "$CATALINA_HOME" && chown tomcat:tomcat "$CATALINA_HOME" WORKDIR $CATALINA_HOME USER tomcat ENV TOMCAT_MAJOR 7 ENV TOMCAT_VERSION 7.0.57
Dockerfiles - continued ENV TOMCAT_TGZ_URL https://www.apache.org/dist/tomcat/tomcat­$ TOMCAT_MAJ OR/v$TOMCAT_VERSION/bin/apache­tomcat­$ TOMCAT_VERSION .tar.gz RUN curl ­SL "$TOMCAT_TGZ_URL" ­o tomcat.tar.gz && curl ­SL "$TOMCAT_TGZ_URL.asc" ­o tomcat.tar.gz.asc && tar ­xvf tomcat.tar.gz ­­strip­components= 1 && rm bin/*.bat && rm tomcat.tar.gz* EXPOSE 8080 CMD ["catalina.sh", "run"]  Public repo of Dockerfiles, with automatic build  http://dockerfile.github.io/
Building an image  Build the image from the Dockerfile docker build .  You can then do further edits, then docker build .  And archive the image locally docker commit 38b73dfecc3c docker­simple­samples­web  And tag it docker tag 47432ccfea81 docker­simple­samples­web: 1.0  List local images docker images
Starting a container  Start a container interactively docker run ­i ­t docker­simple­samples­web /bin/bash  Start a container as a daemon  using defaul entrypoint docker run ­d docker­simple­samples­web: 1.0  Check running containers docker ps  And stopping it  docker stop <<id>>  Check also stopped containers docker ps ­a
Attaching to a running container  Using nsenter docker inspect ­­format "{{ .State.Pid }}" determined_bardeen nsenter ­­target $PID ­­mount ­­uts ­­ipc ­­net ­­pid
Storing and Sharing data  Creating a Container to host a data Volume #Dockerfile FROM busybox VOLUME /var/lib/mysql CMD /bin/sh  Create the Image docker build ­­tag carlobonamico/datastore  Create the Container docker run ­d ­name pgsql_data ­v /var/lib/pgsql/ carlobonamico/datastore  Attach the volume to another container docker run ­d ­volumes­from pgsql_data cb/postgres­db
Publishing  To the Central Registry docker push carlobonamico/docker­simple­samples­web  need a free account on https://hub.docker.com/  Tag and publish to a private repository  docker tag 8dbd9e392a96 my­local­repo: 5000/docker­simple­samples­web  You need  https://github.com/docker/docker­registry
Deploy to the cloud  On cloud server docker pull carlobonamico/docker­simple­samples­web: 2  Run it docker run ­d carlobonamico/docker­s... ­samples­web: 2  Upgrade it docker pull carlobonamico/docker­s... ­samples­web: 2.1  Run it docker run ­d carlobonamico/docker­s... ­samples­web: 2.1  Rollback to previous version docker run ­d carlobonamico/docker­s... ­samples­web: 2
So what do I get?  If I am a Dev  recreate complex environments on a laptop  If I am a Tester  easy to recreate applications deployments and data  If I am an Ops person  less configuration effort  more standardization  In general  lots of pre-packaged components  https://registry.hub.docker.com/  quickly deploy (groups of) packages  even multiple versions at the same time But many other benefits to come...
Docker and DevOps DevOps is a software development method that stresses communication, collaboration and integration between software developers and IT professionals, as a response to the interdependence of Dev and Ops.  http://en.wikipedia.org/wiki/DevOps  Docker gives a common, seamless collaboration model and workflow between Dev and Ops  clearer separation of responsibilities  Docker and DevOps by Gene Kim  https://www.youtube.com/watch?v=SaHbtEeu37M
Docker helps Continuous Delivery Continuous Delivery of value to users through a constant flow of incremental product/service improvements along the entire pipeline Idea → Implementation → Test → Deploy → Prod http://continuousdelivery.com/  4 Practices of Continuous Delivery (from the book)  Build binaries only once  package them in containers  Same mechanism to deploy to every environment  and move the containers across environments  Smoke test your deployment, & If anything fails, stop the line!
Docker helps with CD's 8 principles  Releasing/deploying MUST be repeatable and reliable  containers  Automate everything!  docker is fully scriptable and has an API  If somethings difficult or painful, do it more often  containers are quick to deploy many times a day  Keep everything in source control  including dockerfiles!  Done means “released”  it's containers all the way to production  Build quality in!  containers support frequent and realistic testing  Everybody has responsibility for the release process  see DevOps slide...  Improve continuously
What do I put in a Docker image?  The traditional Way  VM-like approach  SSH, init.d  several apps in the same container  http://phusion.github.io/baseimage-docker/  https://registry.hub.docker.com/u/phusion/baseimage/  Useful in the transition phase or to run existing SW  The Docker Way  run a service per container  purists say a single process per container!
From a single container
To many containers  Two key drivers  Scalability  Microservices
Microservices Instead of big, monolitic, black-hole-like single app implement a network of collaborating simple services http://martinfowler.com/articles/microservices.html “a bit like SOA, but done right”  Componentization via Services  Organized around Business Capabilities  Products not Projects  Smart endpoints and dumb pipes  Decentralized Governance  Decentralized Data Management  Infrastructure Automation  Design for failure  Evolutionary Design It looks like Docker is a perfect match!
SOLID Design Principles  Apply @unclebobmartin S.O.L.I.D. principles to entire architecture  Separation of Concerns → microservices  Open for extension, Closed for modification → Immutable Infrastructure  never “change” a container: add a new one with the new version then discard the old one  http://blog.codeship.com/immutable­infrastructure/  Liskov Substitution Principle → APIs, service contracts  Interface Segregation Principle → micro-APIs  Dependency Inversion Principle → container linking
Linking containers  Run a DB  and give it a name docker run ­d ­­name db postgres:9.3.5  Run a Web server docker rm ­f carlobonamico/web  does not see the db  Run a Web Server linked to the DB  with automatic local dns alias registration docker run ­d ­P ­­link db:db carlobonamico/d­s­s­web
Principles of Package Design  How do I split functionality across Containers?  REP The Release Reuse Equivalency Principle  The granule of reuse is the granule of release  CCP The Common Closure Principle  Classes that change together are packaged together  CRP The Common Reuse Principle  Classes that are used together are packaged together  ADP The Acyclic Dependencies Principle  The dependency graph must have no cycles  SDP The Stable Dependencies Principle  Depend in the direction of stability  SAP The Stable Abstractions Principle  Abstractness increases with stability  Thank you again, Uncle Bob http://butunclebob.com/ArticleS.UncleBob.PrinciplesOfOod
Managing Development and Production clusters  Fig http://www.fig.sh/  create DEV environm.  fig.yml web: build: . command: catalina .sh run links: ­db ports: ­" 8000:8000" db: image: postgres  Then (think vagrant-up) fig up   open source  https://github.com/g ooglecloudplatform/k ubernetes  manage prod clusters  use it on Google Compute Engine  or download on premises
Ansible and Docker  So I do not need a configuration management system anymore?  Well, you still need to  Create images  Manage the Docker host  Ansible to the rescue!
Ansible  Simple yet incredibly powerful Open Source configuration management and orchestration tool  Infrastructure as data  http://www.slideshare.net/carlo.bonamico/infrastructu re­as­data­with­ansible­for­easier­continuous­deliver y  Ansible can support Docker in two ways  http://www.ansible.com/docker  1) Manage the docker host with docker module  e.g. create a container running Tomcat docker: image=centos command="service tomcat6 start" ports=808
Building Images with Ansible  2) Copy and launch ansible playbook in Dockerfile  http://www.ansible.com/2014/02/12/installing­and­buil ding­docker­with­ansible  https://github.com/CaptTofu/ansible­docker­presentati on  Use base image with ansible from https://registry.hub.docker.com/repos/ansible/ FROM ansible/ubuntu14.04­ansible MAINTAINER yourname RUN git clone http://github.com/user/myapp.git /tmp/myapp WORKDIR /tmp/myapp ADD inventory /etc/ansible/hosts RUN ansible­playbook myapp.yml ­c local EXPOSE 22 3000 ENTRYPOINT [“/home/app/tomcat/bin/catalina.sh run”]
So, where do I start?  Try the samples  https://github.com/carlobonamico/docker­simple­sample s  Great interactive tutorial at  https://docs.docker.com/  https://docs.docker.com/articles/dockerfile_best­prac tices/  Try Docker in the Cloud  with Koding ide  http://learn.koding.com/guides/what­is­docker/
References  Cloud architectures  http://sites.oreilly.com/odewahn/dds­field­guide/  http://12factor.net/  Microservices  https://skillsmatter.com/conferences/6312­mucon  http://douglassquirrel.com/microservices/  Distributions to put around and inside a container?  https://coreos.com/  Docker and Windows  http://weblogs.asp.net/scottgu/docker­and­microsoft­i ntegrating­docker­with­windows­server­and­microsoft­a zure
Thank you!  Other presentations  http://www.slideshare.net/carlo.bonamico/presentations  Follow me on Twitter  @carlobonamico  updates on Docker, Ansible, Continuous Delivery  and some AngularJS!  Contact me  carlo.bonamico@gmail.com / carlo.bonamico@nispro.it  My company  http://www.nispro.it
Running on Mac/Windows  Boot2docker  A minimalistic VM – just SSH + docker  http://boot2docker.io/  Download and launch the installer  https://github.com/boot2docker/windows­installer/ rele ases/latest  Launch docker Boot2Docker Start

Recommended

Infrastructure as Data with Ansible
Infrastructure as Data with AnsibleInfrastructure as Data with Ansible
Infrastructure as Data with Ansible
Carlo Bonamico
 
Real World AngularJS recipes: beyond TodoMVC
Real World AngularJS recipes: beyond TodoMVCReal World AngularJS recipes: beyond TodoMVC
Real World AngularJS recipes: beyond TodoMVC
Carlo Bonamico
 
Angular 1.x reloaded: improve your app now! and get ready for 2.0
Angular 1.x reloaded: improve your app now! and get ready for 2.0Angular 1.x reloaded: improve your app now! and get ready for 2.0
Angular 1.x reloaded: improve your app now! and get ready for 2.0
Carlo Bonamico
 
Testing cloud and kubernetes applications - ElasTest
Testing cloud and kubernetes applications - ElasTestTesting cloud and kubernetes applications - ElasTest
Testing cloud and kubernetes applications - ElasTest
Micael Gallego
 
Drone Continuous Integration
Drone Continuous IntegrationDrone Continuous Integration
Drone Continuous Integration
Daniel Cerecedo
 
Jenkins 101: Continuos Integration with Jenkins
Jenkins 101: Continuos Integration with JenkinsJenkins 101: Continuos Integration with Jenkins
Jenkins 101: Continuos Integration with Jenkins
All Things Open
 
Testing fácil con Docker: Gestiona dependencias y unifica entornos
Testing fácil con Docker: Gestiona dependencias y unifica entornosTesting fácil con Docker: Gestiona dependencias y unifica entornos
Testing fácil con Docker: Gestiona dependencias y unifica entornos
Micael Gallego
 
Improve your Java Environment with Docker
Improve your Java Environment with DockerImprove your Java Environment with Docker
Improve your Java Environment with Docker
HanoiJUG
 

Recommended

Infrastructure as Data with Ansible
Infrastructure as Data with AnsibleInfrastructure as Data with Ansible
Infrastructure as Data with Ansible
Carlo Bonamico
 
Real World AngularJS recipes: beyond TodoMVC
Real World AngularJS recipes: beyond TodoMVCReal World AngularJS recipes: beyond TodoMVC
Real World AngularJS recipes: beyond TodoMVC
Carlo Bonamico
 
Angular 1.x reloaded: improve your app now! and get ready for 2.0
Angular 1.x reloaded: improve your app now! and get ready for 2.0Angular 1.x reloaded: improve your app now! and get ready for 2.0
Angular 1.x reloaded: improve your app now! and get ready for 2.0
Carlo Bonamico
 
Testing cloud and kubernetes applications - ElasTest
Testing cloud and kubernetes applications - ElasTestTesting cloud and kubernetes applications - ElasTest
Testing cloud and kubernetes applications - ElasTest
Micael Gallego
 
Drone Continuous Integration
Drone Continuous IntegrationDrone Continuous Integration
Drone Continuous Integration
Daniel Cerecedo
 
Jenkins 101: Continuos Integration with Jenkins
Jenkins 101: Continuos Integration with JenkinsJenkins 101: Continuos Integration with Jenkins
Jenkins 101: Continuos Integration with Jenkins
All Things Open
 
Testing fácil con Docker: Gestiona dependencias y unifica entornos
Testing fácil con Docker: Gestiona dependencias y unifica entornosTesting fácil con Docker: Gestiona dependencias y unifica entornos
Testing fácil con Docker: Gestiona dependencias y unifica entornos
Micael Gallego
 
Improve your Java Environment with Docker
Improve your Java Environment with DockerImprove your Java Environment with Docker
Improve your Java Environment with Docker
HanoiJUG
 
Drone CI
Drone CIDrone CI
Drone CI
Thomas Boerger
 
Joomla Continuous Delivery with Docker
Joomla Continuous Delivery with DockerJoomla Continuous Delivery with Docker
Joomla Continuous Delivery with Docker
Jirayut Nimsaeng
 
Automate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsAutomate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOps
Daniel Oh
 
Continuous integration / deployment with Jenkins
Continuous integration / deployment with JenkinsContinuous integration / deployment with Jenkins
Continuous integration / deployment with Jenkins
cherryhillco
 
Intro 2 docker
Intro 2 dockerIntro 2 docker
Intro 2 docker
HanoiJUG
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Docker, Inc.
 
Delivery Pipeline as Code: using Jenkins 2.0 Pipeline
Delivery Pipeline as Code: using Jenkins 2.0 PipelineDelivery Pipeline as Code: using Jenkins 2.0 Pipeline
Delivery Pipeline as Code: using Jenkins 2.0 Pipeline
Slawa Giterman
 
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
Daniel Oh
 
Building Jenkins Pipelines at Scale
Building Jenkins Pipelines at ScaleBuilding Jenkins Pipelines at Scale
Building Jenkins Pipelines at Scale
Julien Pivotto
 
2013 10-28 php ug presentation - ci using phing and hudson
2013 10-28 php ug presentation - ci using phing and hudson2013 10-28 php ug presentation - ci using phing and hudson
2013 10-28 php ug presentation - ci using phing and hudson
Shreeniwas Iyer
 
Node js
Node jsNode js
Node js
Fatih Şimşek
 
How to write a Dockerfile
How to write a DockerfileHow to write a Dockerfile
How to write a Dockerfile
Knoldus Inc.
 
Jenkins, pipeline and docker
Jenkins, pipeline and docker Jenkins, pipeline and docker
Jenkins, pipeline and docker
AgileDenver
 
Micronaut: A new way to build microservices
Micronaut: A new way to build microservicesMicronaut: A new way to build microservices
Micronaut: A new way to build microservices
Luram Archanjo
 
Brujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalabilityBrujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalability
Damien Coraboeuf
 
Continuous Integration With Jenkins Docker SQL Server
Continuous Integration With Jenkins Docker SQL ServerContinuous Integration With Jenkins Docker SQL Server
Continuous Integration With Jenkins Docker SQL Server
Chris Adkin
 
Maven beyond hello_world
Maven beyond hello_worldMaven beyond hello_world
Maven beyond hello_world
Gabriel Dogaru
 
Jenkins
JenkinsJenkins
Jenkins
penetration Tester
 
7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users
Jules Pierre-Louis
 
Dev ops using Jenkins
Dev ops using JenkinsDev ops using Jenkins
Dev ops using Jenkins
Synergetics Learning and Cloud Consulting
 
Continuous Security: Zap security bugs now Codemotion-2015
Continuous Security: Zap security bugs now Codemotion-2015Continuous Security: Zap security bugs now Codemotion-2015
Continuous Security: Zap security bugs now Codemotion-2015
Carlo Bonamico
 
Web Application Security Reloaded for the HTML5 era
Web Application Security Reloaded for the HTML5 eraWeb Application Security Reloaded for the HTML5 era
Web Application Security Reloaded for the HTML5 era
Carlo Bonamico
 

More Related Content

What's hot

Continuous integration / deployment with Jenkins
Continuous integration / deployment with JenkinsContinuous integration / deployment with Jenkins
Continuous integration / deployment with Jenkins
cherryhillco
 
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
Daniel Oh
 
2013 10-28 php ug presentation - ci using phing and hudson
2013 10-28 php ug presentation - ci using phing and hudson2013 10-28 php ug presentation - ci using phing and hudson
2013 10-28 php ug presentation - ci using phing and hudson
Shreeniwas Iyer
 
Jenkins, pipeline and docker
Jenkins, pipeline and docker Jenkins, pipeline and docker
Jenkins, pipeline and docker
AgileDenver
 

What's hot (20)

Drone CI
Drone CIDrone CI
Drone CI
 
Joomla Continuous Delivery with Docker
Joomla Continuous Delivery with DockerJoomla Continuous Delivery with Docker
Joomla Continuous Delivery with Docker
 
Automate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsAutomate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOps
 
Continuous integration / deployment with Jenkins
Continuous integration / deployment with JenkinsContinuous integration / deployment with Jenkins
Continuous integration / deployment with Jenkins
 
Intro 2 docker
Intro 2 dockerIntro 2 docker
Intro 2 docker
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
 
Delivery Pipeline as Code: using Jenkins 2.0 Pipeline
Delivery Pipeline as Code: using Jenkins 2.0 PipelineDelivery Pipeline as Code: using Jenkins 2.0 Pipeline
Delivery Pipeline as Code: using Jenkins 2.0 Pipeline
 
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
ApacheCon Europe 2016 : CONTAINERS IN ACTION - Transform Application Delivery...
 
Building Jenkins Pipelines at Scale
Building Jenkins Pipelines at ScaleBuilding Jenkins Pipelines at Scale
Building Jenkins Pipelines at Scale
 
2013 10-28 php ug presentation - ci using phing and hudson
2013 10-28 php ug presentation - ci using phing and hudson2013 10-28 php ug presentation - ci using phing and hudson
2013 10-28 php ug presentation - ci using phing and hudson
 
Node js
Node jsNode js
Node js
 
How to write a Dockerfile
How to write a DockerfileHow to write a Dockerfile
How to write a Dockerfile
 
Jenkins, pipeline and docker
Jenkins, pipeline and docker Jenkins, pipeline and docker
Jenkins, pipeline and docker
 
Micronaut: A new way to build microservices
Micronaut: A new way to build microservicesMicronaut: A new way to build microservices
Micronaut: A new way to build microservices
 
Brujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalabilityBrujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalability
 
Continuous Integration With Jenkins Docker SQL Server
Continuous Integration With Jenkins Docker SQL ServerContinuous Integration With Jenkins Docker SQL Server
Continuous Integration With Jenkins Docker SQL Server
 
Maven beyond hello_world
Maven beyond hello_worldMaven beyond hello_world
Maven beyond hello_world
 
Jenkins
JenkinsJenkins
Jenkins
 
7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users
 
Dev ops using Jenkins
Dev ops using JenkinsDev ops using Jenkins
Dev ops using Jenkins
 

Viewers also liked

Web Application Security Reloaded for the HTML5 era
Web Application Security Reloaded for the HTML5 eraWeb Application Security Reloaded for the HTML5 era
Web Application Security Reloaded for the HTML5 era
Carlo Bonamico
 
AngularJS Security: defend your Single Page Application
AngularJS Security: defend your Single Page Application AngularJS Security: defend your Single Page Application
AngularJS Security: defend your Single Page Application
Carlo Bonamico
 

Viewers also liked (14)

Continuous Security: Zap security bugs now Codemotion-2015
Continuous Security: Zap security bugs now Codemotion-2015Continuous Security: Zap security bugs now Codemotion-2015
Continuous Security: Zap security bugs now Codemotion-2015
 
Web Application Security Reloaded for the HTML5 era
Web Application Security Reloaded for the HTML5 eraWeb Application Security Reloaded for the HTML5 era
Web Application Security Reloaded for the HTML5 era
 
Layers box agder docker
Layers box agder dockerLayers box agder docker
Layers box agder docker
 
Docker AWS TechCONNECT Boston, 28-July-2015
Docker AWS TechCONNECT Boston, 28-July-2015Docker AWS TechCONNECT Boston, 28-July-2015
Docker AWS TechCONNECT Boston, 28-July-2015
 
Optimizing Docker Images
Optimizing Docker ImagesOptimizing Docker Images
Optimizing Docker Images
 
Docker
DockerDocker
Docker
 
Angular Rebooted: Components Everywhere
Angular Rebooted: Components EverywhereAngular Rebooted: Components Everywhere
Angular Rebooted: Components Everywhere
 
Docker on AWS OpsWorks
Docker on AWS OpsWorksDocker on AWS OpsWorks
Docker on AWS OpsWorks
 
Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From Scratch
 
WebLogic im Docker Container
WebLogic im Docker ContainerWebLogic im Docker Container
WebLogic im Docker Container
 
Docker Architecture (v1.3)
Docker Architecture (v1.3)Docker Architecture (v1.3)
Docker Architecture (v1.3)
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Component Based UI Architectures for the Web
Component Based UI Architectures for the WebComponent Based UI Architectures for the Web
Component Based UI Architectures for the Web
 
AngularJS Security: defend your Single Page Application
AngularJS Security: defend your Single Page Application AngularJS Security: defend your Single Page Application
AngularJS Security: defend your Single Page Application
 

Similar to codemotion-docker-2014

Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant
Ricardo Amaro
 
Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant
Ricardo Amaro
 

Similar to codemotion-docker-2014 (20)

Docker Ecosystem on Azure
Docker Ecosystem on AzureDocker Ecosystem on Azure
Docker Ecosystem on Azure
 
Docker dDessi november 2015
Docker dDessi november 2015Docker dDessi november 2015
Docker dDessi november 2015
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Docker intro
Docker introDocker intro
Docker intro
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
Agile Brown Bag - Vagrant & Docker: Introduction
Agile Brown Bag - Vagrant & Docker: IntroductionAgile Brown Bag - Vagrant & Docker: Introduction
Agile Brown Bag - Vagrant & Docker: Introduction
 
Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant
 
Hands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesHands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbies
 
Docker module 1
Docker module 1Docker module 1
Docker module 1
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned
 
Docker navjot kaur
Docker navjot kaurDocker navjot kaur
Docker navjot kaur
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
 
Docker containers & the Future of Drupal testing
Docker containers & the Future of Drupal testing Docker containers & the Future of Drupal testing
Docker containers & the Future of Drupal testing
 
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemDocker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
 
Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant
 
Docker and containers - Presentation Slides by Priyadarshini Anand
Docker and containers - Presentation Slides by Priyadarshini AnandDocker and containers - Presentation Slides by Priyadarshini Anand
Docker and containers - Presentation Slides by Priyadarshini Anand
 
Linux containers & Devops
Linux containers & DevopsLinux containers & Devops
Linux containers & Devops
 

More from Carlo Bonamico

Build Your Own Angular Component Library
Build Your Own Angular Component LibraryBuild Your Own Angular Component Library
Build Your Own Angular Component Library
Carlo Bonamico
 
AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013
AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013
AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013
Carlo Bonamico
 
Nasa World Wind For Java (by Fabrizio Giudici)
Nasa World Wind For Java (by Fabrizio Giudici)Nasa World Wind For Java (by Fabrizio Giudici)
Nasa World Wind For Java (by Fabrizio Giudici)
Carlo Bonamico
 

More from Carlo Bonamico (9)

Build Your Own Angular Component Library
Build Your Own Angular Component LibraryBuild Your Own Angular Component Library
Build Your Own Angular Component Library
 
Mobile HTML5 websites and Hybrid Apps with AngularJS
Mobile HTML5 websites and Hybrid Apps with AngularJSMobile HTML5 websites and Hybrid Apps with AngularJS
Mobile HTML5 websites and Hybrid Apps with AngularJS
 
AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013
AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013
AngularJS: How to code today with tomorrow tools - Codemotion Milan 2013
 
Infrastructure as Data with Ansible for easier Continuous Delivery
Infrastructure as Data with Ansible for easier Continuous DeliveryInfrastructure as Data with Ansible for easier Continuous Delivery
Infrastructure as Data with Ansible for easier Continuous Delivery
 
Is my Web Application secure? OWASP Top Ten Security Risks and Beyond...
Is my Web Application secure? OWASP Top Ten Security Risks and Beyond...Is my Web Application secure? OWASP Top Ten Security Risks and Beyond...
Is my Web Application secure? OWASP Top Ten Security Risks and Beyond...
 
Maven 2 in the real world
Maven 2 in the real worldMaven 2 in the real world
Maven 2 in the real world
 
Nasa World Wind For Java (by Fabrizio Giudici)
Nasa World Wind For Java (by Fabrizio Giudici)Nasa World Wind For Java (by Fabrizio Giudici)
Nasa World Wind For Java (by Fabrizio Giudici)
 
Continuous Integration With Hudson (and Jenkins)
Continuous Integration With Hudson (and Jenkins)Continuous Integration With Hudson (and Jenkins)
Continuous Integration With Hudson (and Jenkins)
 
Build Automation Tips
Build Automation TipsBuild Automation Tips
Build Automation Tips
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

codemotion-docker-2014

  • 1. MILAN november 28th/29th 2014 Carlo Bonamico Why everyone is excited about Docker (and you should too...) carlo.bonamico@nispro.it - NIS s.r.l. carlo.bonamico@gmail.com – Genova Java User Group Twitter: @carlobonamico
  • 2. Didn't you hear these at least once?  Can you deploy my application? It's for Linux...  Yes, but which distribution? release? patch?  Why the deploy failed? Didn't you test the app?  Yes, but the production environment is slightly different  The new version is having some issues, can you rollback to the previous one, please?  Yes, but it will take some hours – if John hasn't already gone home – in that case he'll do it on monday  Can you debug this production problem?  Yes, but I need an hosted DEV environment as I can't run all the needed VMs on my laptop
  • 3. In the beginning...  We moved from physical server to VMs  performance and resource usage issues  Got more security and hardware independence  but creating a VM still takes time  Some hosting / cloud providers took advantage of kernel-level virtualization  LXC  OpenVZ  But out-of-reach of the common man Dev  Try setting up LXC...
  • 4. Then in 2013 (please fake drum roll)  Solomon Hykes (@solomonstre) started Docker as an internal project within dotCloud.com hosting  to make Linux Containers an order of magnitude easier  and more powerful, too  Open Sourced in March 2013  in a week, it went to the top projects on GitHub  https://github.com/docker/docker  A catalyst for innovative work on containers  shortly, several other key projects converged
  • 5. Fast Forward to mid-2014  Major Open Source project with contributions from all the big names in IT  Google, RedHat, OpenShift, Ubuntu ...  DotCloud → Docker Inc.  https://www.docker.com/  All cloud big and small names are in a rush to provide Docker hosting  Amazon, CloudFoundry, Linode, Digital Ocean…  and Microsoft !  both for Azure and soon for the new Windows Server...
  • 6. But why should I join the party?  In short, Docker makes creating  Development  Test  and Production  environments an order of magnitude  simpler  faster  and completely portable  across both local and cloud infrastructure
  • 7. Docker hello world...  What's happening here? user@laptop:~$ docker pull ubuntu:14.04.1 user@laptop:~$ docker run ubuntu:14.04.1 echo "Hello World" Hello World  And here? user@laptop:~$ docker run ­t ­i ubuntu:14.04.1 /bin/bash root@d1fa8fcb4518:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var root@d1fa8fcb4518:/# python bash: python: command not found root@d1fa8fcb4518:/#
  • 8. Behind the scenes...  I run the docker cli (Command Line Interface ) user@laptop:~$ docker run ­t ­i ubuntu:14.04.1 /bin/bash  the CLI connects to docker daemon by REST API,  which asks the Linux kernel to create a new container d1fa8fcb4518  and runs /bin/bash in it, so root@d1fa8fcb4518:/# ls bin boot dev etc home lib lib64 media ...  lists the filesystem of the container (!= from host OS) root@d1fa8fcb4518:/# python bash: python: command not found
  • 9. So what's inside Docker?  Isolation layer based on kernel namespaces  separate process trees, network, user IDs and mounted file systems  Resource isolation through cgroups  CPU, memory, block I/O and network  Standard interface through libcontainer  based on libvirt, LXC and systemd-nspawn  And more...
  • 10. How are data & containers stored?  AUFS Another Union Filesystem  possibly other snapshotting fs (zfs) / block device (LVM)  Layered approach  rootfs → kernel layer  bootfs → a Linux distribution  emacs  apache  application  Copy-on-Write approach – à la subversion (SVN)
  • 11. Containers, Images and Index  A Container is a running instance  can run 100-1000 containers per host  An Image is a static snapshot  in turn based on a series of layers  unique hash for each layer, so  Images are basically versioned (think git)  can be tagged ubuntu:14.04.1  can be updated by applying layer deltas  Images can be stored in an Index  local and remote indexes (think maven / npm repos)
  • 12. So a container is like a lighter/better Virtual Machine? Well...
  • 13. VM vs Container  A Virtual Machine  needs an hypervisor  and a full OS inside  Bigger footprint  RAM needed  Storage space  Tend to be slower  2 filesystems, 2 OSes  Strong resource management  A Container  talks to the host kernel  Smaller footprint  no RAM needed for Guest OS  differential storage  Tend to be faster  direct CPU access  Less sophisticated resource management
  • 15. Great! but tell me about security  Are containers less secure than Vms?  the answer is nuanced...  https://docs.docker.com/articles/security/  Can I use Docker in Production?  Sure! many Internet companies trust it  But a container still needs good System Administration & InfoSec practices!  limiting privileges, avoiding unsecure defaults, etc...  http://www.slideshare.net/jpetazzo/docker­linux­conta iners­lxc­and­security  http://opensource.com/business/14/7/docker­security­s elinux Avoid This!
  • 17. Start with a dockerfile  Define an image for running Tomcat 7  inspired by https://registry.hub.docker.com/_/tomcat/ FROM java:7­jre RUN groupadd ­r tomcat && useradd ­r ­­create­home ­g tomcat tomcat ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH RUN mkdir ­p "$CATALINA_HOME" && chown tomcat:tomcat "$CATALINA_HOME" WORKDIR $CATALINA_HOME USER tomcat ENV TOMCAT_MAJOR 7 ENV TOMCAT_VERSION 7.0.57
  • 18. Dockerfiles - continued ENV TOMCAT_TGZ_URL https://www.apache.org/dist/tomcat/tomcat­$ TOMCAT_MAJ OR/v$TOMCAT_VERSION/bin/apache­tomcat­$ TOMCAT_VERSION .tar.gz RUN curl ­SL "$TOMCAT_TGZ_URL" ­o tomcat.tar.gz && curl ­SL "$TOMCAT_TGZ_URL.asc" ­o tomcat.tar.gz.asc && tar ­xvf tomcat.tar.gz ­­strip­components= 1 && rm bin/*.bat && rm tomcat.tar.gz* EXPOSE 8080 CMD ["catalina.sh", "run"]  Public repo of Dockerfiles, with automatic build  http://dockerfile.github.io/
  • 19. Building an image  Build the image from the Dockerfile docker build .  You can then do further edits, then docker build .  And archive the image locally docker commit 38b73dfecc3c docker­simple­samples­web  And tag it docker tag 47432ccfea81 docker­simple­samples­web: 1.0  List local images docker images
  • 20. Starting a container  Start a container interactively docker run ­i ­t docker­simple­samples­web /bin/bash  Start a container as a daemon  using defaul entrypoint docker run ­d docker­simple­samples­web: 1.0  Check running containers docker ps  And stopping it  docker stop <<id>>  Check also stopped containers docker ps ­a
  • 21. Attaching to a running container  Using nsenter docker inspect ­­format "{{ .State.Pid }}" determined_bardeen nsenter ­­target $PID ­­mount ­­uts ­­ipc ­­net ­­pid
  • 22. Storing and Sharing data  Creating a Container to host a data Volume #Dockerfile FROM busybox VOLUME /var/lib/mysql CMD /bin/sh  Create the Image docker build ­­tag carlobonamico/datastore  Create the Container docker run ­d ­name pgsql_data ­v /var/lib/pgsql/ carlobonamico/datastore  Attach the volume to another container docker run ­d ­volumes­from pgsql_data cb/postgres­db
  • 23. Publishing  To the Central Registry docker push carlobonamico/docker­simple­samples­web  need a free account on https://hub.docker.com/  Tag and publish to a private repository  docker tag 8dbd9e392a96 my­local­repo: 5000/docker­simple­samples­web  You need  https://github.com/docker/docker­registry
  • 24. Deploy to the cloud  On cloud server docker pull carlobonamico/docker­simple­samples­web: 2  Run it docker run ­d carlobonamico/docker­s... ­samples­web: 2  Upgrade it docker pull carlobonamico/docker­s... ­samples­web: 2.1  Run it docker run ­d carlobonamico/docker­s... ­samples­web: 2.1  Rollback to previous version docker run ­d carlobonamico/docker­s... ­samples­web: 2
  • 25. So what do I get?  If I am a Dev  recreate complex environments on a laptop  If I am a Tester  easy to recreate applications deployments and data  If I am an Ops person  less configuration effort  more standardization  In general  lots of pre-packaged components  https://registry.hub.docker.com/  quickly deploy (groups of) packages  even multiple versions at the same time But many other benefits to come...
  • 26. Docker and DevOps DevOps is a software development method that stresses communication, collaboration and integration between software developers and IT professionals, as a response to the interdependence of Dev and Ops.  http://en.wikipedia.org/wiki/DevOps  Docker gives a common, seamless collaboration model and workflow between Dev and Ops  clearer separation of responsibilities  Docker and DevOps by Gene Kim  https://www.youtube.com/watch?v=SaHbtEeu37M
  • 27. Docker helps Continuous Delivery Continuous Delivery of value to users through a constant flow of incremental product/service improvements along the entire pipeline Idea → Implementation → Test → Deploy → Prod http://continuousdelivery.com/  4 Practices of Continuous Delivery (from the book)  Build binaries only once  package them in containers  Same mechanism to deploy to every environment  and move the containers across environments  Smoke test your deployment, & If anything fails, stop the line!
  • 28. Docker helps with CD's 8 principles  Releasing/deploying MUST be repeatable and reliable  containers  Automate everything!  docker is fully scriptable and has an API  If somethings difficult or painful, do it more often  containers are quick to deploy many times a day  Keep everything in source control  including dockerfiles!  Done means “released”  it's containers all the way to production  Build quality in!  containers support frequent and realistic testing  Everybody has responsibility for the release process  see DevOps slide...  Improve continuously
  • 29. What do I put in a Docker image?  The traditional Way  VM-like approach  SSH, init.d  several apps in the same container  http://phusion.github.io/baseimage-docker/  https://registry.hub.docker.com/u/phusion/baseimage/  Useful in the transition phase or to run existing SW  The Docker Way  run a service per container  purists say a single process per container!
  • 30. From a single container
  • 31. To many containers  Two key drivers  Scalability  Microservices
  • 32. Microservices Instead of big, monolitic, black-hole-like single app implement a network of collaborating simple services http://martinfowler.com/articles/microservices.html “a bit like SOA, but done right”  Componentization via Services  Organized around Business Capabilities  Products not Projects  Smart endpoints and dumb pipes  Decentralized Governance  Decentralized Data Management  Infrastructure Automation  Design for failure  Evolutionary Design It looks like Docker is a perfect match!
  • 33. SOLID Design Principles  Apply @unclebobmartin S.O.L.I.D. principles to entire architecture  Separation of Concerns → microservices  Open for extension, Closed for modification → Immutable Infrastructure  never “change” a container: add a new one with the new version then discard the old one  http://blog.codeship.com/immutable­infrastructure/  Liskov Substitution Principle → APIs, service contracts  Interface Segregation Principle → micro-APIs  Dependency Inversion Principle → container linking
  • 34. Linking containers  Run a DB  and give it a name docker run ­d ­­name db postgres:9.3.5  Run a Web server docker rm ­f carlobonamico/web  does not see the db  Run a Web Server linked to the DB  with automatic local dns alias registration docker run ­d ­P ­­link db:db carlobonamico/d­s­s­web
  • 35. Principles of Package Design  How do I split functionality across Containers?  REP The Release Reuse Equivalency Principle  The granule of reuse is the granule of release  CCP The Common Closure Principle  Classes that change together are packaged together  CRP The Common Reuse Principle  Classes that are used together are packaged together  ADP The Acyclic Dependencies Principle  The dependency graph must have no cycles  SDP The Stable Dependencies Principle  Depend in the direction of stability  SAP The Stable Abstractions Principle  Abstractness increases with stability  Thank you again, Uncle Bob http://butunclebob.com/ArticleS.UncleBob.PrinciplesOfOod
  • 36. Managing Development and Production clusters  Fig http://www.fig.sh/  create DEV environm.  fig.yml web: build: . command: catalina .sh run links: ­db ports: ­" 8000:8000" db: image: postgres  Then (think vagrant-up) fig up   open source  https://github.com/g ooglecloudplatform/k ubernetes  manage prod clusters  use it on Google Compute Engine  or download on premises
  • 37. Ansible and Docker  So I do not need a configuration management system anymore?  Well, you still need to  Create images  Manage the Docker host  Ansible to the rescue!
  • 38. Ansible  Simple yet incredibly powerful Open Source configuration management and orchestration tool  Infrastructure as data  http://www.slideshare.net/carlo.bonamico/infrastructu re­as­data­with­ansible­for­easier­continuous­deliver y  Ansible can support Docker in two ways  http://www.ansible.com/docker  1) Manage the docker host with docker module  e.g. create a container running Tomcat docker: image=centos command="service tomcat6 start" ports=808
  • 39. Building Images with Ansible  2) Copy and launch ansible playbook in Dockerfile  http://www.ansible.com/2014/02/12/installing­and­buil ding­docker­with­ansible  https://github.com/CaptTofu/ansible­docker­presentati on  Use base image with ansible from https://registry.hub.docker.com/repos/ansible/ FROM ansible/ubuntu14.04­ansible MAINTAINER yourname RUN git clone http://github.com/user/myapp.git /tmp/myapp WORKDIR /tmp/myapp ADD inventory /etc/ansible/hosts RUN ansible­playbook myapp.yml ­c local EXPOSE 22 3000 ENTRYPOINT [“/home/app/tomcat/bin/catalina.sh run”]
  • 40. So, where do I start?  Try the samples  https://github.com/carlobonamico/docker­simple­sample s  Great interactive tutorial at  https://docs.docker.com/  https://docs.docker.com/articles/dockerfile_best­prac tices/  Try Docker in the Cloud  with Koding ide  http://learn.koding.com/guides/what­is­docker/
  • 41. References  Cloud architectures  http://sites.oreilly.com/odewahn/dds­field­guide/  http://12factor.net/  Microservices  https://skillsmatter.com/conferences/6312­mucon  http://douglassquirrel.com/microservices/  Distributions to put around and inside a container?  https://coreos.com/  Docker and Windows  http://weblogs.asp.net/scottgu/docker­and­microsoft­i ntegrating­docker­with­windows­server­and­microsoft­a zure
  • 42. Thank you!  Other presentations  http://www.slideshare.net/carlo.bonamico/presentations  Follow me on Twitter  @carlobonamico  updates on Docker, Ansible, Continuous Delivery  and some AngularJS!  Contact me  carlo.bonamico@gmail.com / carlo.bonamico@nispro.it  My company  http://www.nispro.it
  • 43. Running on Mac/Windows  Boot2docker  A minimalistic VM – just SSH + docker  http://boot2docker.io/  Download and launch the installer  https://github.com/boot2docker/windows­installer/ rele ases/latest  Launch docker Boot2Docker Start