- 2014-07:
  Update dockerfile for demo app
  Fix type in demo code
  Fix images after docker site update

- 2014-04: 
  Initial release for SID

LXC is a userspace interface for the Linux 

kernel containment features.

https://linuxcontainers.org

• started by Google in 2006 
  
• merged into kernel version 2.6 in 2007
  
• many improvements since
• stable since kernel version 3.8 in 2013

• host provides kernel + core
• filesystem, network, etc are shared
• but you control what and how you share

• filesystem: read only, read write, share, slave, private
• networking: root, bridge, socket activation
• process: ps
• etc

• I/O: limit reads / writes
• CPU: limit CPU usage
• Memory: limit total memory available 

• processes are isolated BUT run on the host
• CPU = native performance
• Memory = almost native performance
• Networking = small overhead
• I/O = small overhead

• LXC != lightweight VM
• run on host but still isolated
• share kernel + core
• share resources
• not portable
• specific configurations

pack, ship and run any application 

as a lightweight container.

https://www.docker.io

• encapsulate anything & its dependencies
• run on virtually and hardware
• resource, network & content isolation
  
• standard operations: stop, start, etc
• lightweight
• quick to move and manipulate
• repository
• versioning
• automation

 $ boot2docker init $ boot2docker up Starting boot2docker-vm... Started.

 $ docker run ubuntu:latest /bin/echo hello world
 hello world $ docker ps -a

 $ docker run -d ubuntu:latest /bin/sh -c "while true; do echo ping; sleep 1; done" bd45aacc39 $ docker ps
 $ docker attach bd45aacc39 $ docker logs bd45aacc39

• node.js & npm must be installed
• express is installed with npm
• only 2 files (available on github)

 $ git clone https://github.com/meier-christoph/sid-docker-demo-app.git $ cd sid-docker-demo-app $ npm install $ node app

• instructions for provisioning
• base image
• libraries & applications
• process to run
• resources (exposed and/or required)

 $ docker build -t meierc/sid-docker-demo-app . $ docker images

 $ docker run -d -p 8080:8888 meierc/sid-docker-demo-app

 $ boot2docker ssh -L 8080:localhost:8080

 $ docker login $ docker push meierc/sid-docker-demo-app

 $ docker run -d -r 8080:8888 meierc/sid-docker-demo-app

• build images in layers !!!
• use tags !!!
• don't use 'latest'
• don't use apt-get upgrade

• container logs
• monitoring in general
• container linking
• container versioning

• containers made easy
• repeatable builds
• portable containers
• re-use images / layers
• public and private repositories
• standard interface for ops (stop, start, etc)

What's CoreOS ?

• kernel & core
• ~160MB RAM
• fast boot time
• no package manager
• read only
• docker
• etcd
• systemd
• fleet
• cloud-config

• download entire image of update
• install in offline root partition
• restart on new root partition
• previous images is still available for easy rollback

• all libraries and dependencies are in the container
• no more version conflicts or side effects
• install app = run new container
• update app = update container
• fast, only a few seconds
• easy to test
• easy to rollback

• master election
• distributed by raft protocol
• > 1000 writes / second
• easy listen for changes
• store configurations
• connection details
• etc.

• units = lifecycle
• service = app
• target = run level

[Unit]
Description=My Advanced Service
After=etcd.service
After=docker.service

[Service]
ExecStart=/bin/bash -c '/usr/bin/docker start -a apache || /usr/bin/docker run -name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND'
ExecStartPost=/usr/bin/etcdctl set /domains/example.com/10.10.10.123:8081 running
ExecStop=/usr/bin/docker stop apache
ExecStopPost=/usr/bin/etcdctl rm /domains/example.com/10.10.10.123:8081

[Install]
WantedBy=multi-user.target

• deploy container on arbitrary host
• distribute services across cluster
• multiple instances of same service
• re-schedule on failure
• systemd + extra fields

subgun-http.1.service

[X-Fleet]
X-Conflicts=subgun-http.*.service

subgun-presence.1.service

[X-Fleet]
X-ConditionMachineOf=subgun-http.1.service

• makes adding hosts to the cluster easy
• configure once, use everywhere
• all hosts are identical
• easy to maintain

#cloud-config

coreos:
    etcd:
        name: node001
        discovery: https://discovery.etcd.io/<token>
        addr: $private_ipv4:4001
        peer-addr: $private_ipv4:7001    units:
        - name: etcd.service
          command: start
        - name: fleet.service
          command: start

• next generation OS
• distributed
• easy updates
• easy to configure

Things to improve

• etcd integration
• configd
• fig