Diving into docker

WikiToLearn India Conference 2017




Amit Kumar Jaiswal
amitkumarj441@gmail.com



@amitkumarj441 {github}
@AMIT_GKP {twitter}

THE HYPE


DOCKER JOURNEY FROM MARCH 2013

  • >300,000 pulls
  • >38,000 github stars
  • >1,500 significant contributors
  • >300 projects built on top of docker
  1. UIs, mini-Paas, Remote Desktop, CryptoMiners...
  • >2,000's of Dockerized applications
  1. Memcached, Redis, Node.js, Hadoop, Blockchain...
  • >Integration in Jenkins, Travis, Chef, Puppet, Vagrant and OpenStack

WHAT IS DOCKER?




Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application.

LIGHTWEIGHT


Based on Linux containers

Minimal overhead (cpu/io/network)

Uses layered filesystem to save space (AUFS/LVM)

Uses a copy-on-write filesystem to track changes

Portable


Can run on any Linux system that supports LXC (today). 

Docker 1.13.0 release includes support for DEB/RPM builder, Windows Server 2016.

Raspberry pi2 support.

Future plans to support other container tools (lmctfy, etc.)

Possible future support for other operating systems (RedHat 7.3, Antegros)

Self-sufficient



A Docker container contains everything it needs to run:

  • Minimal Base OS
  • Libraries and frameworks
  • Application code

A docker container should be able to run anywhere that Docker can run. 

DOCKER ARCHITECTURE

Docker Key Components


  • Images
  • Container
  • Docker Hub
DOCKER IS A CONTAINER SYSTEM FOR CODE

DOCKER ELIMINATES THE MATRIX FROM HELL




"I once heard that hypervisors are the living proof of operating system's incompetence"


        Glauber Costa/LinuxCon 2012

PROCESS VIRTUALIZATION

  •  1979-1982 UNIX chroot
  •  1998 FreeBSD jail
  •  2001 Parallels Virtuozzo
  •  2001 Linux-VServer
  •  2005 Solaris Containers
  •  2005 OpenVZ
  •  2008 Linux LXC
  •   2007+ PAAS:
       Heroku, Joyent, CloudFoundry
  •  2013 Docker

 

RUNNING DOCKER

PULLING an image

RUNNING CONTAINERS

Performance

 Startup under .5 sec
less than 5% penalty
less than 5% difference

COMMITTING CHANGES

 

IMAGES ARE A DAG

IMMUTABLE SERVERS


With all this virtualization, why do we still manage virtual servers like mainframes?


Modern systems have a ridiculous amount of configuration state (packages, settings, etc.).


We try to manage state with tools like CFEngine, Chef, & Puppet (or via massive amounts of labor).      


The current immutable server practice in is to use Chef/Puppet to build OS images and deploy them to a cloud.


 



IMMUTABLE SERVERS


Physical server lifetime is measured in years.


A container's lifetime can only be a few seconds.


Treat containers like a build artifact. 


If you need to make changes, build a new container.

Dockerfiles




Dockerfiles


Build a uWSGI Container


SUMMARY


  •  Easy to build, run & share containers

  •  Rapidly expanding ecosystem

  •  Better performance vs. VMs

  •  Layered filesystem gives us git-like control of images.

  •  Reduces complexity of system builds



THE FUTURE IS EXCITING


     Lean base operating systems optimized for containers. (CoreOS)
       

      New operational models:

        •  Automated routing
        •  Distributed consensus (Paxos, Raft)
        •  Service Discovery
        •  Software Defined Networking
        •  Distributed scheduling (Mesos)

        ONE LAST THING



        today:
        WANT TO LEARN MORE ABOUT DOCKER??


        Made with Slides.com