+ All Categories
Home > Technology > Docker - Ankara JUG, Nisan 2015

Docker - Ankara JUG, Nisan 2015

Date post: 15-Jul-2015
Category:
Upload: mustafa-akin
View: 431 times
Download: 3 times
Share this document with a friend
54
Mustafa AKIN Ankara Java Users Group 16 April 2015 What is Docker? And what it means to you?
Transcript

Mustafa AKIN

Ankara Java Users Group

16 April 2015

What is Docker?

And what it means to you?

What is Docker?

■ An open platform

■ Portable, lightweight runtime and packaging tool

■ Automating deployment of applications inside software

containers

■ Operating-system-level virtualization

■ Isolated containers

Virtual Machines, Hypervisors

■ KVM, kernel based virtual

machine

■ Virtualize an entire system

■ Virtual CPU

■ Virtual Hard Disk

■ Virtual Network

Containers

■ Containers share same Linux

Kernel

■ Isolation possible by

namespaces, cgroups provided

by Linux Kernel

■ Microsoft has started providing

Native Windows Containers

Containers vs Virtual Machines

Performance of Containers

An Updated Performance Comparison of Virtual Machines and Linux Containers,

IBM Research

How does Docker Work?

■ Operating system provides you a set of system calls

■ You do not actually read file, read from socket, write output

to screen

■ Operating system handles most crucial functionality for you

■ Docker utilizes namespaces for abstracting access to system

resources

■ Docker also utilizes cgroups, that provides namespace

isolation

■ Cgroups also provide resource accounting and limitation

Namespaces

■ Mount: Isolate the set of file system mount points for

processes

■ UTS: Isolates domain name and host name

■ IPC: Inter process communication, such as shared memory,

named semaphores, message queues

■ PID: Process ID number space. So init process of each

namespace can be different

■ Network: Different network devices, routing tables

■ User: Different user ids for inside and outside of namespace

Regular htop

htop inside a container

Docker images

■ Docker mounts images as the root file system of a container

■ Images in Docker are layered: like git, you have to commit

changes to create a new image, or update the current

version

■ Image layers can be shared among containers

■ Sharing layers increases performance since the common

files will be in cache, and also reduces the disk usage

Example usage of images

Layers of images

ubuntu

jdk8

myjavaapp jetty

gcc

helloworld

Docker hub

Dockerfile

Control Groups (cgroups)

■ blkio: set limits and monitor usage of block devices such as

disks

■ cpu: scheduling, weights of tasks

■ cpuacct: usage reports of cpus

■ cpuset: assign cpus and memory nodes to tasks

■ devices: allow access to devices (webcam, gpu etc.)

■ memory: limit on memory, and usage reports

■ net_prio: priority on network interfaces

Example of cpuacct

Aggregating Docker metrics■ My own project to gather cgroup metrics for containers:

https://github.com/mustafaakin/docker-resource-reporter

Boot2Docker

Containerizing GUI Apps$ docker run -it \

-v /tmp/.X11-unix:/tmp/.X11-unix \ # mount the X11 socket

-e DISPLAY=unix$DISPLAY \ # pass the display

-v /dev/snd:/dev/snd --privileged \ # sound

--name tor-browser jess/tor-browser

Containerizing Ubuntu Desktop

docker run -i -t -p 6080:6080 dorowu/ubuntu-desktop-lxde-vnc

Running a database

Mounting Data

Poor man’s Continuous integration

Rich man’s continuous integration

■ CircleCI

■ Bamboo

■ Jenkins

■ TravisCI

■ Shippable

PrimeFaces showcase

Running Benchmarks

Selenium Grid

Selenium Grid

PAGS: Programming Assignment Grading System

■ http://pags.cs.bilkent.edu.tr

or http://code.gy

PAGS, Programming Assignment Grading System

PAGS, Programming Assignment Grading System

My Research

Twelve Factor App

I. Codebase

One codebase tracked in revision

control, many deploys

II. Dependencies

Explicitly declare and isolate

dependencies

III. Config

Store config in the environment

IV. Backing Services

Treat backing services as

attached resources

V. Build, release, run

Strictly separate build and run

stages

VI. Processes

Execute the app as one or more

stateless processes

VII. Port binding

Export services via port binding

VIII. Concurrency

Scale out via the process model

IX. Disposability

Maximize robustness with fast

startup and graceful shutdown

X. Dev/prod parity

Keep development, staging, and

production as similar as possible

XI. Logs

Treat logs as event streams

XII. Admin processes

Run admin/management tasks

as one-off processes

Heroku

Deis – Your own Heroku

Deis – Your own Heroku

Deis – Your own Heroku

IBM Bluemix

RancherOS: Dockerizeeverything

Rancher UI

Docker Web UIs

Kitematic: GUI for Docker

Kubernetes by Google

Docker Compose (Fig)

Docker SwarmUse filtering:

• Constraints:

• Labeling, SSD Server, Big

Server..

• Operating System

• Kernel Version

• Affinity

• Schedule 2 containers

together

• Port

• Availability

• Dependency

• Containers might be using

volumes, or share network

stack

Docker Machine

Docker-ready clouds

■ Amazon EC2 Container Service

■ Google Container Engine

■ Digital Ocean

Docker investments

■ Series B: 21 Jan 2014 $15M

■ Series C: 16 Sep 2014 $40M

■ Series D: 14 Apr 2015: $95M

■ Docker initial release: 13 March 2013

Windows side.. Docker Client!

Windows side, Nano Server!

Remote API■ HTTP over Unix Socket, TCP Socket, Optionally TLS

■ JSON API

– Create container

– Start container

– Wait container

– List containers

– Search image

– Pull/Push images

– Build image from Dockerfile

■ Hijacked HTTP API or alternatively WebSocket API for

attaching to container, to see its output in real-time

Mustafa AKINTwitter: @mustafaakin

Mail: [email protected]

Web: www.mustafaak.in

■ Feel free to contact for Docker related questions, or anything

else!


Recommended