4. Many Targets
Your local development environment
Your coworkers' development environment
Your QA team's test environment
Some random demo/test server
The staging server(s)
The production server(s)
Bare metal
Virtual machines
Shared hosting
12. Linux Containers (LXC)
• Units of software delivery (ship it!)
• Run everywhere
– Regardless of kernel version
– Regardless of host distro
– (but container and host architecture must match*)
• Run anything
– If it can run on the host, it can run in the container
– i.e., if it can run on a Linux kernel, it can run
13. What are Linux Containers exactly?
High-level approach: it's a lightweight VM
• Own process space
• Own network interface
• Can run stuff as root
• Can have its own /sbin/init
(different from the host)
14. What are Linux Containers exactly?
Low-level approach: it's chroot on steroids
• Can also not have its own /sbin/init
• Container = isolated process(es)
• Share kernel with host
15. Containers Implementation History
Different operating systems implement containers differently
• Unix – chroot (1979)
• FreeBSD – jails
• Solaris 11 – zones
• HP-UX – containers
• IBM AIX – workload partitions
• Linux – LXC
16. Docker
• Docker is an open source project
• Systematic way to automate the faster deployment of Linux
applications inside portable containers
• Docker extends LXC with a kernel- and application-level API that
together run processes in isolation: CPU, memory, I/O, network
• Docker containers are created using base images
22. How Docker Works
• You can build Docker images that hold your applications
• You can create Docker containers from those Docker images to run
your applications.
• You can share those Docker images via Docker Hub or your own
registry
23. Dockerfile
• Like a Makefile (shell script with keywords)
• Extends from a Base Image
• Results in a new Docker Image
• A Dockerfile lists the steps needed to build an image
• docker build is used to run a Dockerfile
• Can define the default command for docker run, ports to expose, etc.
25. Some Docker Commands
docker run => Create a new container
docker stop => Stop a running container
docker start => Start an existing container
docker restart => Restart an existing container
docker ps => List existing containers
docker inspect => Get low-level container/image information
docker rm => Delete an existing container
docker exec => Run a command in a running container
29. Kubernetes
POD = Group of tightly coupled containers
▸ Various services composing an application
▸ All containers always scheduled on same node
▸ Unique IP address per POD
▸ Do not reschedule themselves
CONTROLLER = Implements the control loop
▸ Ensures desired # of pods are running
32. Kubernetes Services
▸ Logical abstraction for a set of pods
▸ A label selector expresses which pods implement a given service
▸ Defines a public endpoint similar to a Virtual IP
▸ Exposes 1 or more TCP/UDP ports
▸ Forwards requests to pods through DNAT (Destination NAT)
34. Kubernetes LABELS AND SELECTORS
▸ Labels: metadata (key/value pairs) applied to resources
▸ Examples:
environment = { dev | qa | staging | prod}
network_qos = { standard | premium | guaranteed }
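The selector matching described on the Services and Labels slides, as an added example that is not part of the original deck: it resolves which pods an equality-based service selector picks up and flags selectors broad enough to mix environments. The pod names, the `app` label and all function names are assumptions, and the pod and service lists are constructed sample data.

```python
# Added example: equality-based label selection as a service selector applies it.
# Pods, the "app" label and all function names are constructed for illustration.

PODS = [  # constructed sample inventory
    {"name": "web-1", "labels": {"app": "web", "environment": "prod", "network_qos": "premium"}},
    {"name": "web-2", "labels": {"app": "web", "environment": "prod", "network_qos": "standard"}},
    {"name": "web-dev", "labels": {"app": "web", "environment": "dev", "network_qos": "standard"}},
    {"name": "db-1", "labels": {"app": "db", "environment": "prod", "network_qos": "guaranteed"}},
    {"name": "scratch", "labels": {}},
]


def matches(selector, labels):
    """A pod matches when every selector key is present with the same value."""
    return all(labels.get(key) == value for key, value in selector.items())


def endpoints(selector, pods):
    """Names of the pods a service with this selector would forward to."""
    if not selector:
        # This example treats an empty selector as selecting nothing.
        return []
    return [pod["name"] for pod in pods if matches(selector, pod["labels"])]


def environments_spanned(selector, pods, key="environment"):
    """Distinct values of `key` among selected pods; more than one means the
    selector is too broad and mixes, for example, dev and prod backends."""
    selected = [pod for pod in pods if selector and matches(selector, pod["labels"])]
    return sorted({pod["labels"].get(key, "<unlabelled>") for pod in selected})


def audit(services, pods):
    """Return {service name: environments} for every service that spans several."""
    findings = {}
    for name, selector in services.items():
        spanned = environments_spanned(selector, pods)
        if len(spanned) > 1:
            findings[name] = spanned
    return findings


SERVICES = {  # constructed service definitions
    "web-prod": {"app": "web", "environment": "prod"},
    "web-any": {"app": "web"},  # no environment key: too broad
}

if __name__ == "__main__":
    print(audit(SERVICES, PODS))
```

Running the audit over real manifests before deployment catches a service that would forward production requests to a dev pod because its selector omits the environment label.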
35. Conclusion
Containers, Docker, and Kubernetes seem to have sparked the hope of a
universal cloud application and deployment technology.