2015 05-06-elias weingaertner-docker-intro
Uploaded by haufe-lexware-gmbh-co-kg. Category: Software.
What does Docker do technically?
Software Container Image
Containerization
DataCenter
Developer PC
Instantiation
Dockerfile
„docker-compose“
„docker run“
Orchestration of Compound Services
A Dockerfile describes how to turn any software artifact into a Docker Image
    # A basic apache server. To use either add or bind mount content under /var/www
    FROM ubuntu:12.04
    MAINTAINER Kimbro Staken version: 0.1
    RUN apt-get update && apt-get install -y apache2 && apt-get clean && rm -rf /var/lib/apt/lists/*
    ENV APACHE_RUN_USER www-data
    ENV APACHE_RUN_GROUP www-data
    ENV APACHE_LOG_DIR /var/log/apache2
    EXPOSE 80
    CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]
Install Apache into Ubuntu Image
Dockerfile by example
https://github.com/kstaken/dockerfile-examples
Base Image
Metadata
Basic Apache2 configuration
Tell Docker that the container exposes HTTP
How to start it up
Docker Images
• Important: Docker executes Docker Images, not Dockerfiles
• A Docker image contains everything to run the software
  • Binaries (Think /usr/bin)
  • Configuration (Think /etc)
  • System Libraries, Auxiliary Files, System Content
• Layered File System
• Each write operation adds a layer to the file system
• Image Inheritance
Docker Registry
• Central repository for Docker images
  • docker push <name>
  • docker pull <name>
• Enables sharing of executable images
• Public Docker Registry: Docker Hub (14000+ images)
• Enterprise use: Need for a private registry
Docker Links
• Wish: Separation of Concerns into different containers
• Manual “composition” via Docker Links:
→ Containers need to be started in the right order
→ Even more complexity with cross-host links
mysql:3306
1) docker pull mysql:latest
   docker pull httpd:latest
2) docker run -e MYSQL_ROOT_PASSWORD=123 --name mydb mysql
3) docker run --name web --link mydb:mydb httpd
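The start-order constraint above, worked through as an added example (not part of the original slides): Python that derives a valid start order from a table of links and rejects undefined or circular links. The names web and mydb come from the slide; cache, proxy and the LINKS table are constructed for illustration.

```python
# Added example: compute a safe start order from container links.
# LINKS is constructed sample data; "web" and "mydb" are the names used on
# the slide, "cache" and "proxy" are hypothetical additions.
from collections import deque

LINKS = {
    "mydb": [],
    "cache": [],
    "web": ["mydb", "cache"],  # docker run --name web --link mydb:mydb ...
    "proxy": ["web"],
}


def start_order(links):
    """Return container names so that every link target is started first.

    Raises ValueError for a link to an undefined container or for a
    circular link, both of which make a manual start-up impossible.
    """
    for name, targets in links.items():
        for target in targets:
            if target not in links:
                raise ValueError(f"{name} links to undefined container {target}")

    # Kahn's algorithm: start whatever has no unstarted link targets left.
    pending = {name: set(targets) for name, targets in links.items()}
    dependents = {name: [] for name in links}
    for name, targets in pending.items():
        for target in targets:
            dependents[target].append(name)

    ready = deque(sorted(n for n, t in pending.items() if not t))
    order = []
    while ready:
        current = ready.popleft()
        order.append(current)
        for dep in sorted(dependents[current]):
            pending[dep].discard(current)
            if not pending[dep]:
                ready.append(dep)

    if len(order) != len(links):
        stuck = sorted(set(links) - set(order))
        raise ValueError(f"circular links between: {', '.join(stuck)}")
    return order


if __name__ == "__main__":
    for name in start_order(LINKS):
        print("start", name)
```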
The need for orchestration
Some „Fiction“: 13 Containers with 15 links
Challenges
• Container/Service Dependencies
• Starting Order
• Network Dynamics
• Resource Allocation
Let's do this manually with Docker
Docker Orchestration Tools
• Container Instantiation & Order
• Communication between containers & link management
• Wish list:
  • Transparent Container placement on infrastructure
  • Support for service redundancy fail-over
Docker orchestration tools automate the instantiation of service landscapes.
Docker Orchestration Tools
Today: Brief introduction to two orchestration tools
Docker Compose
Docker Swarm (Docker Machine)
Others: Mesos, Kubernetes, Lattice (Pivotal), Helios (Spotify), SmartDataCenter, Panamax, Clocker…
Docker Compose/Swarm/Machine
• Docker originally had no orchestration functionality
Now
• Docker Compose
• Docker Machine
• Docker Swarm
Docker Compose Example
docker-compose up will start Wordpress + MySQL
    web:
      build: .
      command: php -S 0.0.0.0:8000 -t /code
      ports:
        - "8000:8000"
      links:
        - db
      volumes:
        - .:/code
    db:
      image: orchardup/mysql
      environment:
        MYSQL_DATABASE: wordpress
docker-compose.yml
CoreOS
• Manages entire Docker Clusters
• Main Components
  • CoreOS: Minimal Linux Operating system
  • Docker: Container Runtime
  • etcd: Distributed key/value store → Configuration Management
  • Fleet
    • Cluster Management
    • Distribute service on cluster
    • Failover support
CoreOS Example: High Availability Apache
    [Unit]
    Description=My Apache Frontend
    After=docker.service
    Requires=docker.service

    [Service]
    TimeoutStartSec=0
    ExecStartPre=-/usr/bin/docker kill apache1
    ExecStartPre=-/usr/bin/docker rm apache1
    ExecStartPre=/usr/bin/docker pull coreos/apache
    ExecStart=/usr/bin/docker run --rm --name apache1 -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND
    ExecStop=/usr/bin/docker stop apache1

    [X-Fleet]
    Conflicts=apache@*.service
Prerequisites
Source: CoreOS Documentation
Service Instantiation
HA: Avoid 2 Apaches on one host
CoreOS Example: High Availability Apache
    $ fleetctl submit [email protected]
    $ fleetctl start apache@1
    $ fleetctl start apache@2
    $ fleetctl list-units
    UNIT              MACHINE                  ACTIVE  SUB
    [email protected]  491586a6.../10.10.1.2   active  running
    [email protected]  148a18ff.../10.10.1.1   active  running
Source: CoreOS Documentation
Eight golden Rules for Docker Containers
1. One Purpose: Each container does exactly one job
2. Working: The container is functional
3. Fix Dependencies: All dependencies of the container are sound
4. Minimal: Contains only bare essentials
5. Whitebox: Sources for the container must be available
6. Secure: The container is tested and checked regularly
7. Limited: The container requires only limited resources
8. Trust: The maintainer of the container is trustworthy. Its content has not been tampered with.
Summary
• Docker provides mobility for software artifacts
  • „Build once, ship anywhere“
• Deployment of compound services: Orchestration needed!
  • Different toolchains available.
• Claim: We need guidelines for Docker use at Haufe.
  • Many questions (unsorted)
    • Use of private/public Docker registries?
    • Should we containerize everything?
    • How to handle certificates?
    • Which orchestration platform to use? Which backend to use for container management?