Containers on Bluemix2015/11/10, Matthias Hub, [email protected]
CloudFoundry AppsContainers
Virtual Machines
CloudFoundry AppsContainers
Virtual Machines
a brief history of Containers
1979
chrootA chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name (and therefore normally cannot access) files outside the designated directory tree. … The modified environment is called a "chroot jail". https://en.wikipedia.org/wiki/Chroot
2007
cgroupscgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.https://en.wikipedia.org/wiki/Cgroups
2008
LXCLXC (Linux Containers) is an operating-system-level virtualization environment for running multiple isolated Linux systems (containers) on a single Linux control host.
…
LXC combines kernel's cgroups and support for isolated namespaces to provide an isolated environment for applications.
https://en.wikipedia.org/wiki/LXC
now
warden, lmctfy, Docker, rocket, opencontainers
Containers (revisited)Taken from Onsis Diego presentation at http://de.slideshare.net/Pivotal/cloud-foundry-summit-2015-diego-update
Containers Benefits
Efficiencyspeed: milliseconds instead of seconds deployment: faster and thus more deployments possible onboarding: new developers can be easily onboard
Portabilitysame container everywhere: development machines, private or public cloud, staging or production no more environment inconsistencies
Build / Ship / Run
Terminology
• Image - layered file system
• Container - runtime instance of an image
• Dockerfile - build script for an image
• Registry - a server hosting images
Image / Container
• Layered file system, using UnionFS underneath
• Each layer references the layer below
• An image is read-only, but the container from an image is writable
Dockerfile• Script with a certain set of instructions (FROM,
ADD, CMD, ENV, VOLUME, WORKDIR, …) which are executed to build an image
• Example: https://github.com/tianon/docker-brew-ubuntu-core/blob/380b4edf3d7e68499f81acc3eb8d22d59236b7b2/trusty/Dockerfile
• Documentation: http://docs.docker.com/engine/reference/builder/
Registry
• Public registry is available at Docker Hub, https://hub.docker.com
• Private registry can be deployed on your own server
• Link private git repositories to integrate with Docker Hub
Ecosystem• Docker Toolbox (Developer Tools)
• Docker Hub (Public image registry)
• Docker Trusted Registry (Private image registry)
• Tutum (Deploy and manage dockerized apps)
• Kitematic (Desktop GUI)
• Docker Swarm (Clustering and scheduling)
• Docker Compose (Multi-container applications)
Containers on Bluemix
Add-ons• Private image registry for each user
• Integrated monitoring and logging of containers
• All containers are by default in a single private network and can see each other
• External IP addresses available which can be mapped to a container
• Vulnerability Advisor for images
• Auto-recovery to automatically restart containers
• Service integration with cloud foundry applications
UI walk-through
Hands-on
Bluemix
Target Architecture
DropwizardMicroservice(Container)
Web Application(CloudFoundry App) Service
Binding
REST RESTHTML
Browser
Git
AJAX
DevOps
Deploy
Redis
Development and Deployment Steps
• Create application within the web ui and create a git repository populated with the sample code
• Check-out from git, implement the simple application and publish application within Eclipse
• Create the DropWizard application and build the Dockerfile
• Prepare and publish container (using command line): • gradle run • gradle container • docker tag {registry_name}/dropwizard-sample:0.1 registry.eu-gb.bluemix.net/{registry_name}/
unistuttgart-sample:0.1 • docker push registry.eu-gb.bluemix.net/{registry_name}/unistuttgart-sample:0.1 • cf ic run --name container-unistuttgart-sample -p 8080:8080 -m 64 -d registry.eu-gb.bluemix.net/
{registry_name}/unistuttgart-sample:0.1 • cf ic ip bind {public_ip} container-unistuttgart-sample
• Create service and bind it to the application • cf create-user-provided-service unistuttgart-container -p "{ \"url\": \”http://{public_ip}:8080/microservice
\” }" • cf bind-service bluemix-unistuttgart-web unistuttgart-container • cf restage bluemix-container-sample
Links• Main Bluemix Page: http://www.bluemix.net/
• Example Web Project: https://hub.jazz.net/project/matthiashub/bluemix-unistuttgart-web/overview
• Example Container Project: https://hub.jazz.net/project/matthiashub/bluemix-unistuttgart-container/overview
• DropWizard Framework: http://www.dropwizard.io/
• Eclipse Tooling: http://marketplace.eclipse.org/content/ibm-eclipse-tools-bluemix
• Promo code for students: http://codes.mybluemix.net
Top Related