to save time • Deployment takes much longer (ad hoc configuration) • Consolidate in order to save time • Backup & Restore ? doesn’t save time :( • Security ? System provisioning (& OS provisioning)
• Solaris Zones (containers - link) • Vserver • Openvz • Chroot Isn't there enough container tech ? • Solaris not widely used as linux/freebsd … • Linux kernel support ( >= 2.6.27 ) • Application segmentation • We really need it !!! => “.service” era
An abstraction layer for LXC + features So Why not “plain old” LXC ? • Portable deployments across machines • LXC alone doesn't guarantee that ! • Docker build - a “build tool” designed for portability • Application centric / OS centric [ Docker’s API ] • SHA-1 (git like) based versioning • DRY / Reuse - 1 base image for many applications • Sharing - index (global) or registry (private / on prem)
• Daemon per container ISOLATION • Container == Independent ( user/group/service etc) • New version == new container ( not toe trading …) PORTABILITY • Container on DEV machine => to production • Deploy from private registry • Rollback == latest -1
your application’s environment • OS • Packages • Configuration ! etc • Number of machines ? • Define a container via Dockerfile • Use that Dockerfile to define your environment (via yaml file) web: build: . links: -‐ db ports: -‐ 8000:8000 db: image: hagzag/pgsql workflow
container # Docker Image/tag FROM ubuntu:12.10 # command(s) to execute on container RUN apt-‐get update RUN apt-‐get -‐y install redis-‐server # what port to listen on EXPOSE 6379 # once container is acJve what binary to run ENTRYPOINT ["/usr/bin/redis-‐server"]
. Step 1 : FROM ubuntu:12.10 -‐-‐-‐> b750fe79269d Step 2 : RUN apt-‐get update -‐-‐-‐> Running in 0d768rc284d Fetched 9813 kB in 20s (481 kB/s) -‐-‐-‐> 46a6f0556e96 Step 3 : RUN apt-‐get -‐y install redis-‐server -‐-‐-‐> Running in 5ea88c37d21f The following extra packages will be installed: libjemalloc1 The following NEW packages will be installed: libjemalloc1 redis-‐server 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 319 kB of archives.
docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9026507ef675 a6dd4adbb425 /usr/bin/redis-‐serve 12 minutes ago Up 12 minutes 6379/tcp redis 7e88dcb96856 registry:0.6.1 /bin/sh -‐c cd /docke 9 days ago Up 40 minutes 0.0.0.0:5000-‐>5000/ tcp condescending_thompson
• Dependencies Out container responsibility • Security & Remote access • Logging • Monitoring • Networking take tag “latest” of app A docker push <reg-‐name>/app-‐1 docker pull <reg-‐name>/app-‐1 Immutability ? - not just yet … but we are getting close