Introduction to Docker - LibreCon 2016
Introduction to Docker, 22-11-2016, LibreCon 2016, Bilbao
(C) 2016 Hopla! Software & Subsidiaries
About Us
• Only Docker Value-Added Master Reseller in Spain, Portugal and LATAM
• Only distributor for EDB in Spain, Italy & LATAM
• Presence in France, Spain, Portugal, Mexico & Colombia
• We provide 24x7 Support in Spanish for:
  • Docker
  • PostgreSQL – EDB
• 12 Engineers
What we do
SUPPORT
● Break & Fix support L1-2; local lang
● 24x7 local languages
● Proactive support w/ extensive monitoring
LICENSES / SOLUTIONS
● Subscriptions: EnterpriseDB, Docker, Bacula
● Management, Monitoring & Tooling
TRAINING
● Official + custom EDB & Docker
● Custom advanced Enterprise training
TOOLS
● Migration solutions
● Architectural consulting & re-engineering
● Advanced / custom functionalities
Local References
What is Docker?
Software Containers and Docker Containers: Wikipedia
• Software Containers: Operating-system-level virtualization is a server virtualization method in which the kernel of an operating system allows the existence of multiple isolated user-space instances, instead of just one. Examples: chroot, LXC, OpenVZ, Solaris Containers (Zones), FreeBSD Jail, VMware ThinApp
• Docker containers: Designed to wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries, anything you can install on a server. This guarantees that it will always run the same, regardless of the environment it is running in.
Container Technology
Used Technologies
• cgroups
• Kernel namespaces
  • PID
  • NET
  • IPC
  • MNT
  • UTS: Unix Timesharing System
• Union Filesystems:
  • AUFS
  • Btrfs
  • Vfs
  • DeviceMapper
• Container format: libcontainer, but others will be supported: BSD Jails or Solaris Zones
Motivation: Microservices and SOA
Applications: Paradigm change
• Applications are no longer monolithic
• SOA implies multiple app stacks
• Services are decoupled
• Developers focused on Functionality
• Scalability
Multiple Technologies, A Common Problem
Problem Solved Again!!!
Concepts
• Image
• Container
• Engine / Client
• Security
  • Attack surface
  • SELinux
• Networking
• Persistence vs Ephemeral
Concepts
• Orchestrating Containers
• Swarm
• Compose
mysql:
  image: mysql:5.5
  environment:
    MYSQL_ROOT_PASSWORD: rootpasswd
    MYSQL_DATABASE: drupal
  volumes:
    - ./conf/mysql/conf.d:/etc/mysql/conf.d
  ports:
    - "3306"
redis:
  image: redis:2.8
  ports:
    - "6379"
solr:
  build: ../../build/drupal-solr
  ports:
    - "8983"
web:
  build: ../../build/drupal-nginx-php55x
  ports:
    - "80"
    - "443"
    - "22"
  volumes:
    - /opt/code/example/drupal:/var/www
  links:
    - mysql
    - redis
    - solr
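A review of the Compose file above from the attack-surface angle listed under Concepts, as an added example that is not part of the original slides. The `audit` function, its three rule names and the `COMPOSE` dict (a hand transcription of the slide's services) are assumptions of this example.

```python
import re

# Constructed input: the slide's Compose services, transcribed by hand into a dict
# (volumes and build paths omitted; they play no part in these checks).
COMPOSE = {
    "mysql": {"image": "mysql:5.5", "ports": ["3306"],
              "environment": {"MYSQL_ROOT_PASSWORD": "rootpasswd",
                              "MYSQL_DATABASE": "drupal"}},
    "redis": {"image": "redis:2.8", "ports": ["6379"]},
    "solr": {"ports": ["8983"]},
    "web": {"ports": ["80", "443", "22"], "links": ["mysql", "redis", "solr"]},
}

SECRET_KEY = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN", re.I)
ADMIN_PORTS = {"22"}  # assumption of this example: SSH is the only admin port checked


def container_port(spec):
    """Container-side port of a 'ports' entry: '80', '8080:80', '127.0.0.1:8080:80/tcp'."""
    return str(spec).split(":")[-1].split("/")[0]


def audit(services):
    """Return sorted (service, rule, detail) findings; 'environment' must be in mapping form."""
    findings = []
    # A service that another service reaches through 'links' is already reachable
    # container-to-container, so its 'ports' entry only adds exposure on the host.
    linked = {t.split(":")[0] for s in services.values() for t in s.get("links", [])}
    for name, svc in services.items():
        for key, value in svc.get("environment", {}).items():
            # A literal value is a secret stored in the file; ${VAR} is substituted at run time.
            if SECRET_KEY.search(key) and not str(value).startswith("$"):
                findings.append((name, "inline-secret", key))
        for spec in svc.get("ports", []):
            port = container_port(spec)
            if port in ADMIN_PORTS:
                findings.append((name, "admin-port-published", port))
            elif name in linked:
                findings.append((name, "backend-port-published", port))
    return sorted(findings)


if __name__ == "__main__":
    for service, rule, detail in audit(COMPOSE):
        print(f"{service:6} {rule:24} {detail}")
```

Run against the slide's file, it reports the literal MySQL root password, the three backend ports published on the host although `web` already reaches those services through `links`, and port 22 published from the web container.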
Docker: High Level Architecture
Concepts
• Manage Images
• Registry / Trusted Registry
• Notary
• Extending Functionality
• Engine Plugins
• Volumes
• Networking
Docker Enterprise Solutions
• Cloud Products
• Docker Hub
• Docker Cloud
• On-Premise Products
• Docker Universal Control Plane
• Docker Trusted Registry
Docker CaaS Overview
Developers | IT Operations
• BUILD: Development Environments
• SHIP: Secure Content & Collaboration
• RUN: Deploy, Manage, Scale
Introducing Docker Datacenter
Integrated, end-to-end platform for agile application development and management in production
Docker Datacenter integrates with existing enterprise systems
Why Docker?
Docker Ecosystem
Integration: CI/CD
[Diagram labels: Developer, Version control, QA / QE, Sysadmin, Project Management; stages: 1. Development, 2. Test, 3. Stage / Production]
Dockerizing an existing complex application
Dockerizing an existing complex application (detail)
Remarkable elements
• Gateway to external services
• Proxy for controlled access to the Internet (i.e. restricted)
• Synchronizing gateway (w/ semaphore!)
• Centralized configuration
• User-controlled app-wide events
• Service Discovery … and consumption!
  • Auto-register (declaratively) containers upon startup
  • Containers can also register themselves
  • ALL services are available in the catalog, and resolvable via DNS. Non-standard ports are supported too – SRV [RFC 2782]
  • Legacy services use the same mechanism
Dockerizing an existing complex application (detail – cont.)
• Event-driven reconfiguration
  • Central distributed KV stores config params
  • Changes to configuration trigger reconfig actions
  ...and cluster-wide actions – management at scale! e.g.: apply patches, reconfigure services
• Comms security with performance
  • Hardware-accelerated flow separation till switches (VLAN)
  • Kernel-enforced/accelerated private network per application
  • Centrally-configured restricted access to the internet
  • Service consumption only over trusted datapath
• DR/BC-ready: multi-DC & auto-failover
Dockerization of Legacy Systems Benefits: Cost Reduction
• 100 VMs Front-End Servers
  • Apache2.2 on CentOS6-7; mpm-event[ILK]+php5-fpm 5.3
  • 4GB of RAM average
  • 2 or 4 vCPU
  • 10GB minimal disk image (typically 25GB)
• That makes 400GB RAM and 200 vCPU
• 5 VMs with 8vCPUs and 32GB RAM
• 60% RAM and 80% CPUs savings
Scaling PostgreSQL: Architecture and network
This demo shows how a STATEFUL application can be managed and scaled using containers.
[Diagram labels: Writes, SELECTS, Master, Slave, Replication]
Scaling PostgreSQL: One click scale
Scale in one click:
• Application Server
• DB Pool
• Horizontal DB Scale
AND… Autoscale DB under several configurable parameters.
[Diagram labels: SELECT, SELECT, Master, Slave, Slave, Replication]
Container Advantages
• BUSINESS:
  • Time to Market.
  • Faster development cycles.
  • More releases in less time
  • Scalability: 0,5s to launch a new container
Container Advantages
• IT ORGS:
  • Responsibilities Segregation
Container Advantages
• DEVELOPMENT:
  • Portability
  • Development → Deployment
  • CI & testing simplified
    • Reproducible builds & deploy
    • Fast rollback made possible
    • Deterministic operations
  • Common CI tools
    • Native Jenkins plugin available
    • GitLab, Gerrit, Bamboo too
  ...no need to abandon BCPs!
Container Advantages
• OPERATIONS: Efficiency
  • Higher density: 100s containers/server vs 10’s VM/server
  • Elasticity: grow and shrink. Better “pay per use”
  • Management simplification. No need for virtualization
  • Repeatable Architectures. Design once, deploy 100’s times
  • Decoupling of OS from the applications: Independent evolution