Scribd
Upload
14 views34 pages

02 - Docker

Uploaded by

drivesankofa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
14 views34 pages

02 - Docker

Uploaded by

drivesankofa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 34

Docker

Put your application into containers

© takima 2022 all rights reserved²


Once upon a
time...
… in the land of infrastructures

2
© takima 2022 all rights reserved²
Once upon a time...
Use case
Simple 3-Tiers application

‒ An HTTP server for your website

‒ A Java application for your API

‒ A PostgreSQL database for persistence

3
© takima 2022 all rights reserved²
Once upon a time...
Multiple services / single server
Your application is getting complex… Company
‒ with multiple backend
■ with multiple languages
‒ with a lot of config
■ http servers, SSL certs, firewalls, LDAP, …
‒ … and harder to (re)deploy
‒ no process isolation
■ bad for security & resiliency*

*resilience: tolerance to faults 4


© takima 2022 all rights reserved²
Once upon a time...
Multiple services / multiple servers
Your application is getting complex…
Company
‒ Put things in bare-metal servers!

PROS? CONS?

5
© takima 2022 all rights reserved²
Once upon a time...
Multiple services / multiple servers
Your application is getting complex… Company
‒ Put things in bare-metal servers!

‒ Great performance
‒ Perfect process isolation

‒ Costly
‒ Harder to deploy and manage
‒ No automatic scaling
6
© takima 2022 all rights reserved²
Once upon a time...
Multiple services / multiple VMs
Your application is getting complex… Company
‒ Put things in bare-metal servers!
VM 1 VM 2
‒ Put things in VMs*.

PROS?

VM 3

Your application is getting complex…


● Put things in bare-metal servers!
● *VM: Virtual
Put things in VMs*.Machine 7
© takima 2022 all rights reserved²
Once upon a time...
Multiple services / multiple VMs
Your application is getting complex… Company
‒ Put things in bare-metal servers!
VM 1 VM 2
‒ Put things in VMs*.
‒ Everything in a single package
‒ Configure once, redeploy everywhere
‒ No Conflicting tools
■ ie: python + python3, JRE versions,... VM 3
‒ Great process isolation

8
© takima 2022 all rights reserved²
Containers
Why ?

9
© takima 2022 all rights reserved²
Containers
Why ?
Your application is getting complex… Company

‒ Put things in bare-metal servers!


VM 1 VM 2
‒ Put things in VMs*.

CONS?
VM 3

10
© takima 2022 all rights reserved²
Containers
Why ?
Your application is getting complex… Company

‒ Put things in bare-metal servers!


VM 1 VM 2
‒ Put things in VMs*.
‒ Setup & maintenance
‒ Performance overload
■ requires beefy hardware
■ no resource management VM 3
‒ Heavy to store and slow to start
‒ Hard to share
■ GIT ? FTP ?
■ need other solutions (ig: Vagrant, Terraform,
…)
● virtual machine 11
© takima 2022 all rights reserved²
We want something like
light virtual machines.

12
© takima 2022 all rights reserved²
Docker
containers, containers everywhere !

13
© takima 2022 all rights reserved²
Docker
Containers
‒ Open source
‒ Docker != VM. Docker ≈ lightweight VM
■ Package application and its dependencies
■ Isolate processes
‒ One usage = One container
■ eg: front-end + back-end + 1 DB = 3 containers
‒ Build once, ship everywhere
■ One docker image for all environment
‒ Version Control
■ Versioned images

14
© takima 2022 all rights reserved²
Docker
Containers vs VM
VM1 VM2

Clients :443 :5432


bin & libs bin & libs

Guest OS Guest OS

‒ Isolated processes: virtual HW virtual HW


■ Virtual Machines (RAM, CPU, (RAM, CPU,
○ slow virtual hardware NIC, HDD, …) NIC, HDD, …)
○ slow booting up guest OS
○ lock host’s resources
Host OS

Host Hardware
(RAM, CPU, NIC, …)

15
© takima 2022 all rights reserved²
Docker
Containers vs VM
Docker1 Docker2

Clients :443 :5432


bin & libs bin & libs

‒ Isolated processes: Docker engine


■ Virtual Machines
■ Containers
UNIX-based Host OS
○ uses host hardware & software (fast)
○ do not boot guest OS (fast) Kernel
○ minimal virtualization overread (network, filesystem, …)

Host Hardware
(RAM, CPU, NIC, …)

16
© takima 2022 all rights reserved²
Take away

Docker rather than VMs ?


● runs processes right on host OS
■ no virtualization overread
■ fast
○ start, stop, recreate containers in seconds
● emulated process isolation
● Dockerfile
■ Repeatable builds
■ can be versioned
● 1 single artifact, deployed everywhere
■ (binaries, libraries, conf, files …)

17
© takima 2022 all rights reserved²
Docker stuff
Images, containers, volumes, networks...

18
© takima 2022 all rights reserved²
Docker
Images
Containers are made out of images
‒ image ≈ immutable, static
container
‒ one image = one usage
■ java + db + python = 3 images
■ reusable
■ minimal size
‒ built with Dockerfile

19
© takima 2022 all rights reserved²
Docker
Dockerfile
‒ “makefile” recipe to create an # Base image

image FROM ubuntu:22.04

■ stack layers on top another image # Run a command in the container


# (eg: install a dependency)

RUN apt update && apt install sl layer 1

# Default program to run when container starts

ENTRYPOINT ["/usr/games/sl"] layer 2

# Default command/args to pass to command above

CMD [".", "-e"] layer 3

20
© takima 2022 all rights reserved²
Docker
Dockerfile
from Dockerfile to image

# build docker image


docker build . -t my-image

latest
+ java:
+ conf
+ jar
+ ...

Dockerfile docker image


21
© takima 2022 all rights reserved²
Docker
Containers
builds images, to create containers

latest
+ java: >$ docker build >$ docker run
+ conf
+ jar
+ ...

Dockerfile docker image docker container

22
© takima 2022 all rights reserved²
Docker
Containers
‒ live, running copies of images

# run the latest nginx version in a container with name nginx


docker container run --name my-nginx nginx:latest

23
© takima 2022 all rights reserved²
Containers commands
# Run a nginx container with name my-nginx
docker container run \
--name my-nginx \ # with container name=my-nginx
-it \ # with interactive terminal
-d \ # daemon mode (not linked to a terminal)
nginx:1.15.8 # based on specific nginx 1.15.8 image

# Stop | kill (sends a SIGKILL) a running container


docker container {stop|kill} my-nginx

# Lists running containers | all containers


docker container ps [-a]

# Execute a command (bash) in a running container


docker container exec -it my-nginx bash

24
© takima 2022 all rights reserved²
Docker # create a network
Networks docker network create -d bridge public-net

‒ “Containers are isolated” # run server


■ invisible from each other docker run -d \

‒ Networks: --name my-http \


--network=public-net \
■ connect containers
hashicorp/http-echo -text= "hello world"
together
■ one application = dozen of
# run client
containers in a network
docker run \
--name my-client \
--network=public-net \
-it \
-p 5678:5678 \
curlimages/curl my-http

25
© takima 2022 all rights reserved²
Docker
Volumes
# bind-mount a volume
‒ “Containers are stateless:” docker run -d \
■ Keep no valuable data
--name my-nginx \
■ Can be destroyed or replaced,
-v "$(pwd)"/hostDir:/containerDir \
anytime
nginx
‒ Volumes
■ are a safe place on host
■ shared between containers
■ survive to container’s destruction

26
© takima 2022 all rights reserved²
Docker
Volumes use if you want to share files between host and container

# bind-mount a volume
‒ Bind-Mount volumes docker run -d \
■ mount a host folder into the
--name my-nginx \
container
-v "$(pwd)"/hostDir:/containerDir \
■ are OS dependent
nginx
■ let the container add files that
are owned by root
use if you want files on a safe place, without the need of
accessing them

# bind-mount a volume
‒ Named volumes docker volume create my-volume
■ are managed by docker engine
■ can be on a remote machine docker run -d \
■ cannot be accessed directly by --name my-nginx \
host -v my-volume:/containerDir \
nginx

27
© takima 2022 all rights reserved²
Take away

‒ Start with an appropriate base image


■ as light as possible (eg: alpine is best)
‒ Reduce the number of layers
‒ One container = one concern
‒ No unnecessary packages installation (Text Editor …)
‒ Never use latest as a version
‒ RTFM
■ https://docs.docker.com/develop/dev-best-practices/#how-to-keep-your-images-small
■ https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices
‒ use read-only volume if you do not need write access

# bind-mount a volume
docker run -d \
--name my-nginx \
-v "$(pwd)"/hostDir:/containerDir:ro \
nginx

28
© takima 2022 all rights reserved²
Docker universe
Docker-compose, Docker HUB & co

29
© takima 2022 all rights reserved²
Docker universe
Docker compose
‒ Manage multiple containers # docker-compose.yml
together
■ build, run, build & run, start, stop version: "3"
‒ Declarative YAML Syntax services:
■ Services (= containers) myapp-web:
■ Networks image: "nginx:latest"
■ Volumes ports:
- "8080:80"
myapp-mysql:
image: "mysql:latest"

30
© takima 2022 all rights reserved²
Docker universe
Docker HUB
‒ “github” for docker
■ public place to store docker images
‒ host docker images
■ images are already built
‒ official & unofficial images

31
© takima 2022 all rights reserved²
Docker universe
Go Deeper
‒ Docker is a great tool but most of
the time production requires
■ Multi instances deployment
■ Vertical and / or Horizontal scaling
■ Fault tolerance on instance crashes
‒ Say Hello to : Containers
Orchestration
■ Deploy, manage and expose
containers on multiple instances

32
© takima 2022 all rights reserved²
Contributors

Thank you.
‒ Nicolas THIERION <[email protected]>
‒ Quentin BISSON <[email protected]>
‒ Aurélien MORREAU <[email protected]>

Lab: https://guide.master3.takima.io/docker-01
See also
Leave feedback: feedback form
‒ 01 - Devops
‒ 03 - Gitlab CI
‒ 04- Ansible (Bonus)

Contact [email protected]
© takima 2022 all rights reserved²
Références

● Why docker
● https://docs.docker.com/

34
© takima 2022 all rights reserved²

You might also like