Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere. This is the presentation which was shown in December 2014 for the "Tour de France" in Paris, Lille, Lyon, Nice...

1. #dockertour

2. Docker
December 2014—Docker 1.3

3. @jpetazzo
● Wrote dotCloud PAAS deployment tools
– EC2, LXC, Puppet, Python, Shell, ØMQ...
● Docker contributor
– Security, Networking...
● Runs all kinds of crazy things in Docker
– Docker-in-Docker, VPN-in-Docker,
KVM-in-Docker, Xorg-in-Docker...

4. Agenda
● What is Docker and Why it matters
● What are containers
● The Docker ecosystem (Engine, Hub, etc.)
● How to get started with Docker

5. What
is Docker
Why
it matters

6. Deploy everything
● Webapps
● Backends
● SQL, NoSQL
● Big data
● Message queues
● … and more

7. Deploy almost everywhere
● Linux servers
● VMs or bare metal
● Any distro
● Kernel 3.8+ (or RHEL 2.6.32)
Currently: focus on x86_64.
(But people reported success on arm.)

8. Deploy almost* everywhere

9. Deploy reliably & consistently

11. Deploy reliably & consistently
● If it works locally, it will work on the server
● With exactly the same behavior
● Regardless of versions
● Regardless of distros
● Regardless of dependencies

12. Deploy efficiently
● Containers are lightweight
– Typical laptop runs 10-100 containers easily
– Typical server can run 100-1000 containers
● Containers can run at native speeds
– Lies, damn lies, and other benchmarks:
http://qiita.com/syoyo/items/bea48de8d7c6d8c73435
http://www.slideshare.net/BodenRussell/kvm-and-docker-lxc-benchmarking-with-openstack

13. Infiniband throughput and latency:
no difference at all

14. Booting 15 OpenStack VMs:
KVM vs Docker

15. Memory speed:
Bare Metal vs Docker vs KVM

16. Is there really
no overhead at all?
● Processes are isolated,
but run straight on the host
● Code path in containers
= code path on native
● CPU performance
= native performance
● Memory performance
= a few % shaved off for (optional) accounting
● Network and disk I/O performance
= small overhead; can be reduced to zero

17. Should we get rid
of
Virtual Machines?

18. No

19. NoNot yet

20. OK, but
what is
Docker?

21. Docker Engine
+ Docker Hub
= Docker Platform

22. The Docker
Engine runs
containers.

23. OK, but
what is a
container?

24. High level approach:
it's a lightweight VM
● Own process space
● Own network interface
● Can run stuff as root
● Can have its own /sbin/init
(different from the host)
« Machine Container »

25. Low level approach:
it's chroot on steroids
● Can also not have its own /sbin/init
● Container = isolated process(es)
● Share kernel with host
● No device emulation (neither HVM nor PV)
« Application Container »

26. Stop.
Demo time.

28. How does it work?
Isolation with namespaces
● pid
● mnt
● net
● uts
● ipc
● user

29. How does it work?
Isolation with cgroups
● memory
● cpu
● blkio
● devices

30. Alright, I get this.
Containers = nimble Vms.
Let's just tell the CFO,
and get back to work!

32. What happens when
something becomes
10-100x cheaper?

33. Random example:
testing
● Project X has 100 unit tests
● Each test needs a pristine SQL database

34. Random example:
testing
● Project X has 100 unit tests
● Each test needs a pristine SQL database
● Plan A: spin up 1 database, clean after each use
– If we don't clean correctly, random tests will fail
– Cleaning correctly can be expensive (e.g. reload DB)

35. Random example:
testing
● Project X has 100 unit tests
● Each test needs a pristine SQL database
● Plan B: spin up 100 databases
– … in parallel: needs too much resources
– … one after the other: takes too long

36. Random example:
testing
● Project X has 100 unit tests
● Each test needs a pristine SQL database
● Plan C: spin up 100 databases in containers
– fast, efficient (no overhead, copy-on-write)
– easy to implement without virtualization black belt

38. Containers
make testing
(and many other things)
way easier

39. Docker's
Entourage

40. Docker: the cast
● Docker Engine
● Docker Hub
● Docker, the community
● Docker Inc, the company

41. Docker Engine
● Open Source engine to commoditize LXC
● Uses copy-on-write for quick provisioning
● Written in Go, runs as a daemon, comes with a CLI
● Everything exposed through a REST API
● Allows to build images in standard, reproducible way
● Allows to share images through registries
● Defines standard format for containers
(stack of layers; 1 layer = tarball+metadata)

42. … Open Source?
● Nothing up the sleeve, everything on the table
– Public GitHub repository: https://github.com/docker/docker
– Bug reports: GitHub issue tracker
– Mailing lists: docker-user, docker-dev (Google groups)
– IRC channels: #docker, #docker-dev (Freenode)
– New features: GitHub pull requests (see CONTRIBUTING.md)
– Docker Governance Advisory Board (elected by contributors)

43. Docker Hub
Collection of services to make Docker more useful.
● Public registry
(push/pull your images for free)
● Private registry
(push/pull secret images for $)
● Automated builds
(link github/bitbucket repo; trigger build on commit)
● More to come!

44. Docker, the community
● >700 contributors
● ~20 core maintainers
● >40,000 Dockerized projects on GitHub
● >60,000 repositories on Docker Hub
● >25000 meetup members,
>140 cities, >50 countries
● >2,000,000 downloads of boot2docker

45. Docker Inc, the company
● Headcount: ~70
● Led by Open Source veteran Ben Golub
(GlusterFS)
● Revenue:
– t-shirts and stickers featuring the cool blue whale
– SAAS delivered through Docker Hub
– Support & Training

46. First steps
with Docker

47. One-time setup
● On your dev env (Linux, OS X, Windows)
– boot2docker (25 MB VM image)
– Natively (if you run Linux)
● On your servers (Linux)
– Packages (Ubuntu, Debian, Fedora, Gentoo, Arch...)
– Single binary install (Golang FTW!)
– Easy provisioning on Azure, Rackspace, Digital Ocean...
– Special distros: CoreOS, Project Atomic

48. Authoring images
with a Dockerfile

49. FROM ubuntu:14.04
RUN apt-get update
RUN apt-get install -y nginx
RUN echo 'Hi, I am in your container!'
>/usr/share/nginx/html/index.html
CMD nginx -g "daemon off;"
EXPOSE 80
docker build -t jpetazzo/staticweb .
docker run -P jpetazzo/staticweb

51. FROM ubuntu:12.04
RUN apt-get -y update
RUN apt-get install -y g++
RUN apt-get install -y erlang-dev erlang-base-hipe ...
RUN apt-get install -y libmozjs185-dev libicu-dev libtool ...
RUN apt-get install -y make wget
RUN wget http://.../apache-couchdb-1.3.1.tar.gz
| tar -C /tmp -zxf-
RUN cd /tmp/apache-couchdb-* && ./configure && make install
RUN printf "[httpd]nport = 8101nbind_address = 0.0.0.0"
> /usr/local/etc/couchdb/local.d/docker.ini
EXPOSE 8101
CMD ["/usr/local/bin/couchdb"]
docker build -t jpetazzo/couchdb .

52. FROM debian:jessie
RUN apt-get -y update
RUN apt-get install -y python-pip
RUN mkdir /src
WORKDIR /src
ADD requirements.txt /src
RUN pip install -r requirements.txt
ADD . /src
RUN python setup.py install

53. Running
multiple
containers

55. Fig
● Run your stack with one command: fig up
● Describe your stack with one file: fig.yml
● Example: run a (one node) Mesos cluster
– Mesos master
– Mesos slave
– Volt framework

56. master:
image: redjack/mesos-master
command: mesos-master --work_dir=/mesos
ports:
- 5050:5050
slave:
image: redjack/mesos-slave
links:
- master:master
command: mesos-slave --master=master:5050 --containerizers=docker,mesos
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/bin/docker
volt:
image: volt/volt
links:
- master:master
command: --master=master:5050
ports:
- 8080:8080

57. Do you even
Chef?
Puppet?
Ansible?
Salt?

59. Summary
With Docker, I can:
● put my software in containers
● run those containers anywhere
● write recipes to automatically build containers
● use Fig to effortlessly start stacks of containers

60. Thank you! Questions?
http://docker.com/
@docker
@jpetazzo
#dockertour