Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Luciano Fiandesio - Docker 101 | Codemotion Milan 2015

452 vues

Publié le

Containers are a technology that will take over infrastructure management in next few years and it is absolutely important to anyone involved in software delivery automation and maintenance to understand the principles behind it and know how to use it. This workshop offers an introduction to Linux containers using the predominant technology, Docker. The following topics will be covered: - A bit of history (LXC Containers, Docker, other players) - Setting up your environment - Docker daemon and client - Image vs. container - Docker registry - Container orchestration - Docker use cases

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Luciano Fiandesio - Docker 101 | Codemotion Milan 2015

  1. 1. DOCKER101 FROM0TODOCKERIN30MINUTES /Luciano Fiandesio @ishipsoftware
  2. 2. WHO'SLUCIANO Generalist 25 years of software development Consulting on lightweight approach to software factory Author of "Groovy 2 Cookbook" for Packt Dad github: https://github.com/luciano­ fiandesio
  3. 3. ABOUTYOU
  4. 4. AGENDA What is Docker Docker components Live Demo Additional resources
  5. 5. DOCKERSTATS 25.000 Github stars 425M+ Docker Engine downloads 100.000+ Dockerized applications on Docker Hub 180+ Docker Meetup Groups in 50 countries 950 community contributors 50.000 3rd party projects on Github using Docker in PAAS, OS, CI etc.
  6. 6. WHATISDOCKER? Docker vs. Virtualization
  7. 7. THISISWHATMAKESDOCKERSO POWERFUL
  8. 8. LXCCONTAINERS Available in modern kernels since 2008 Generically isolates resource usage (CPU, memory, disk, network) Guarantee resources to app/set of apps Can be adjusted on the fly Can monitor the cgroup itself to see utilization
  9. 9. KERNELNAMESPACES Isolating views of the system Can make a process think it’s the only process Built-in way to "virtualize" a process
  10. 10. KERNELNAMESPACES mnt (mount points, filesystem) pid (processes) net (network stack) ipc (inter-process comms) uts (hostname) user (UIDs)
  11. 11. CGROUPS-CONTROLGROUPS Built into Kernel Generically isolates resource usage (CPU, memory, disk, network) Guarantee resources to app/set of apps Can be adjusted on the fly Can monitor the cgroup itself to see utilization
  12. 12. WHATABOUTPERFORMANCES? Processes are isolated, but run directly on the host CPU - native performance Memory - a few % required for bean keeping Network - small overhead, can be reduced to 0
  13. 13. TORECAP Content Agnostic Hardware Agnostic Content Isolation Automation Highly Efficient Separation of Concerns
  14. 14. DOCKERCONCEPTS
  15. 15. DOCKERENGINE Docker is a simple client/server application A Docker client talks to a Docker daemon, which execute the work Docker executables are written in Go The Docker daemon also exposes a RESTFul API Both client and server must be executed as root!
  16. 16. DOCKERIMAGES Read-only templates from which containers are launched from Each image consists of a series of layers using the Union File System When an image gets modified, a new layer is created Docker can also use additional file systems
  17. 17. HOWDOESANIMAGELOOKLIKE? First the bootfs is loaded Then, the root fs is mounted (Ubuntu, etc) in read only mode The remaining layers are mounted Thanks to the UnionFS, the layers look like one FS Finally, when the container is launched, Docker mounts a read- write layer
  18. 18. THINKOFIMAGESARETHESOURCE CODEOFYOURCONTAINERS!
  19. 19. DOCKERCONTAINERS A container is started from an image, which may be locally created, cached locally, or downloaded from a registry It "looks & feels" like a VM Ridicolously fast boot time Low resource usage
  20. 20. CONTAINERS-GOODTOKNOW Containers are meant to run a single process Decouple applications into separate containers — one for each process Don’t install unnecessary packages: smaller images! Build containers that are easy to replace
  21. 21. DOCKERFILES Image representations Simple syntax for describing an image Automate and script the image creation Easy to learn (looks like Shell!) Fast and reliable
  22. 22. DOCKERFILEEXAMPLE # Version: 0.0.1 FROM ubuntu:14.04 MAINTAINER Rocky Balboa "rocky@gmail.com" RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 RUN echo 'deb http://download-distro.mongodb.org/repo/ubuntu-upstart dis RUN apt-get update # note the -y flag, for non interactive RUN apt-get install -y mongodb-org RUN mkdir -p /data/db # This mongo instance will run in a container # so it must be configured to accept connections from foreign hosts RUN echo "bind_ip = 0.0.0.0" >> /etc/mongdodb.conf EXPOSE 27017 # Set the default command for this image CMD ["mongod"]
  23. 23. Build the image docker build -t="balboa/mongo" .
  24. 24. DOCKERREGISTRY Application dedicated to the storage and distribution of your Docker images Useful when a company wants to share images internally Docker offers a commercial version, named "Docker Trusted Registry"
  25. 25. DOCKERHUB A cloud hosted service from Docker that provides registry capabilities for public and private content. Useful for sharing images at large or collaborating withing a team Useful for automation workflows
  26. 26. DOCKERMACHINE A tool to simplify the automatic creation, configuration and management of Docker- enabled machines, wheter they are VMs running locally in Virtualbox or in a cloud provider such AWS $ create --driver virtualbox dev # start machine locally using virtualbox $ create --driver digitalocean dev-cloud # start machine locally using di
  27. 27. DOCKERCOMPOSE A tool for running multi-container applications Single file configuration Great for dev environments, CI, staging Written in Python, was Fig (acquired by Docker) Useful for building complex environments in a reproducible way
  28. 28. DEMOTIME!
  29. 29. DOCKERCOMMANDLINE $ docker search # search hub.docker.com for an image $ docker pull # download an image $ docker images # list all existing local images $ docker run # starts a container from an image $ docker ps # list running containers $ docker build # build an image from a docker file
  30. 30. SOMEDOCKER'RUN'FLAGS -d # runs the container in detached mode (background proces -t # runs the container using a pseudo-tty -i # uses interactive mode --name # assign a name, instead of autogenerated one
  31. 31. START/KILL/REMOVECONTAINERS docker stop # stops a container docker start # starts a container docker attach # attach to a container docker remove # remove a container docker rmi # remove an image
  32. 32. CONTAINERSCOMMUNICATION Containers can be linked together (container linking) Container linking works well on a single host, but large-scale systems need other discovery mechanisms. $ docker run -d --name database -e MYSQL_ROOT_PASSWORD=root mysql $ docker run -d --link database:db --name web runseb/hostname $ docker run -d --link web:application --name lb nginx
  33. 33. CONTAINERSVOLUMES Docker can mount host voulumes in read/write mode. Data are shared between host and container $ docker run -ti -v "$PWD":/shared ubuntu:14.04 /bin/bash
  34. 34. ADDITIONALRESOURCES
  35. 35. WEJUSTSCRATCHEDTHESURFACE!
  36. 36. ECOSYSTEM Orchestration Clustering Discovery Cloud Monitoring Logging Security
  37. 37. LINKS Docker training - Docker cheat sheet - Docker cheat sheet - https://github.com/wsargent/docker-cheat-sheet More links! - http://www.nkode.io/2014/08/24/valuable- docker-links.html Docker ecosystem - mind blowing - https://www.mindmeister.com/389671722/docker- ecosystem Docker videos - http://training.docker.com/ https://github.com/wsargent/docker­cheat­ sheet https://www.youtube.com/user/dockerrun

×